RubyGems - dawnscanner - Versions diffs - 1.6.8 → 2.0.0.rc4 - Mend

dawnscanner 1.6.8 → 2.0.0.rc4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (387) hide show

checksums.yaml +5 -5
data/.gitignore +1 -0
data/.ruby-version +1 -1
data/Changelog.md +27 -1
data/LICENSE.txt +1 -1
data/README.md +59 -57
data/Rakefile +10 -242
data/Roadmap.md +15 -23
data/VERSION +1 -1
data/bin/dawn +17 -273
data/checksum/dawnscanner-1.6.8.gem.sha1 +1 -0
data/checksum/dawnscanner-2.0.0.rc1.gem.sha1 +1 -0
data/checksum/dawnscanner-2.0.0.rc2.gem.sha1 +1 -0
data/checksum/dawnscanner-2.0.0.rc3.gem.sha1 +1 -0
data/dawnscanner.gemspec +10 -9
data/doc/change.sh +13 -0
data/doc/kickstart_kb.tar.gz +0 -0
data/doc/knowledge_base.rb +650 -0
data/docs/.placeholder +0 -0
data/docs/CNAME +1 -0
data/docs/_config.yml +1 -0
data/lib/dawn/cli/dawn_cli.rb +139 -0
data/lib/dawn/core.rb +8 -7
data/lib/dawn/engine.rb +93 -34
data/lib/dawn/gemfile_lock.rb +2 -2
data/lib/dawn/kb/basic_check.rb +1 -2
data/lib/dawn/kb/combo_check.rb +1 -1
data/lib/dawn/kb/dependency_check.rb +1 -1
data/lib/dawn/kb/operating_system_check.rb +1 -1
data/lib/dawn/kb/pattern_match_check.rb +10 -9
data/lib/dawn/kb/ruby_version_check.rb +11 -10
data/lib/dawn/kb/{gem_check.rb → rubygem_check.rb} +1 -1
data/lib/dawn/kb/unsafe_depedency_check.rb +44 -0
data/lib/dawn/kb/version_check.rb +41 -24
data/lib/dawn/knowledge_base.rb +259 -595
data/lib/dawn/reporter.rb +2 -1
data/lib/dawn/utils.rb +5 -2
data/lib/dawn/version.rb +5 -5
data/lib/dawnscanner.rb +7 -6
data/spec/lib/kb/codesake_unsafe_dependency_check_spec.rb +29 -0
data/spec/lib/kb/dependency_check.yml +29 -0
metadata +30 -496
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/certs/paolo_at_dawnscanner_dot_org.pem +0 -21
data/lib/dawn/kb/cve_2004_0755.rb +0 -33
data/lib/dawn/kb/cve_2004_0983.rb +0 -31
data/lib/dawn/kb/cve_2005_1992.rb +0 -31
data/lib/dawn/kb/cve_2005_2337.rb +0 -33
data/lib/dawn/kb/cve_2006_1931.rb +0 -30
data/lib/dawn/kb/cve_2006_2582.rb +0 -28
data/lib/dawn/kb/cve_2006_3694.rb +0 -31
data/lib/dawn/kb/cve_2006_4112.rb +0 -27
data/lib/dawn/kb/cve_2006_5467.rb +0 -28
data/lib/dawn/kb/cve_2006_6303.rb +0 -28
data/lib/dawn/kb/cve_2006_6852.rb +0 -27
data/lib/dawn/kb/cve_2006_6979.rb +0 -29
data/lib/dawn/kb/cve_2007_0469.rb +0 -29
data/lib/dawn/kb/cve_2007_5162.rb +0 -28
data/lib/dawn/kb/cve_2007_5379.rb +0 -27
data/lib/dawn/kb/cve_2007_5380.rb +0 -29
data/lib/dawn/kb/cve_2007_5770.rb +0 -30
data/lib/dawn/kb/cve_2007_6077.rb +0 -31
data/lib/dawn/kb/cve_2007_6612.rb +0 -30
data/lib/dawn/kb/cve_2008_1145.rb +0 -38
data/lib/dawn/kb/cve_2008_1891.rb +0 -38
data/lib/dawn/kb/cve_2008_2376.rb +0 -30
data/lib/dawn/kb/cve_2008_2662.rb +0 -33
data/lib/dawn/kb/cve_2008_2663.rb +0 -32
data/lib/dawn/kb/cve_2008_2664.rb +0 -33
data/lib/dawn/kb/cve_2008_2725.rb +0 -31
data/lib/dawn/kb/cve_2008_3655.rb +0 -37
data/lib/dawn/kb/cve_2008_3657.rb +0 -37
data/lib/dawn/kb/cve_2008_3790.rb +0 -30
data/lib/dawn/kb/cve_2008_3905.rb +0 -36
data/lib/dawn/kb/cve_2008_4094.rb +0 -27
data/lib/dawn/kb/cve_2008_4310.rb +0 -100
data/lib/dawn/kb/cve_2008_5189.rb +0 -27
data/lib/dawn/kb/cve_2008_7248.rb +0 -27
data/lib/dawn/kb/cve_2009_4078.rb +0 -29
data/lib/dawn/kb/cve_2009_4124.rb +0 -30
data/lib/dawn/kb/cve_2009_4214.rb +0 -27
data/lib/dawn/kb/cve_2010_1330.rb +0 -28
data/lib/dawn/kb/cve_2010_2489.rb +0 -60
data/lib/dawn/kb/cve_2010_3933.rb +0 -27
data/lib/dawn/kb/cve_2011_0188.rb +0 -67
data/lib/dawn/kb/cve_2011_0446.rb +0 -28
data/lib/dawn/kb/cve_2011_0447.rb +0 -28
data/lib/dawn/kb/cve_2011_0739.rb +0 -28
data/lib/dawn/kb/cve_2011_0995.rb +0 -61
data/lib/dawn/kb/cve_2011_1004.rb +0 -34
data/lib/dawn/kb/cve_2011_1005.rb +0 -31
data/lib/dawn/kb/cve_2011_2197.rb +0 -27
data/lib/dawn/kb/cve_2011_2686.rb +0 -29
data/lib/dawn/kb/cve_2011_2705.rb +0 -32
data/lib/dawn/kb/cve_2011_2929.rb +0 -27
data/lib/dawn/kb/cve_2011_2930.rb +0 -28
data/lib/dawn/kb/cve_2011_2931.rb +0 -30
data/lib/dawn/kb/cve_2011_2932.rb +0 -27
data/lib/dawn/kb/cve_2011_3009.rb +0 -28
data/lib/dawn/kb/cve_2011_3186.rb +0 -29
data/lib/dawn/kb/cve_2011_3187.rb +0 -29
data/lib/dawn/kb/cve_2011_4319.rb +0 -30
data/lib/dawn/kb/cve_2011_4815.rb +0 -28
data/lib/dawn/kb/cve_2011_5036.rb +0 -26
data/lib/dawn/kb/cve_2012_1098.rb +0 -30
data/lib/dawn/kb/cve_2012_1099.rb +0 -27
data/lib/dawn/kb/cve_2012_1241.rb +0 -27
data/lib/dawn/kb/cve_2012_2139.rb +0 -26
data/lib/dawn/kb/cve_2012_2140.rb +0 -27
data/lib/dawn/kb/cve_2012_2660.rb +0 -28
data/lib/dawn/kb/cve_2012_2661.rb +0 -27
data/lib/dawn/kb/cve_2012_2671.rb +0 -28
data/lib/dawn/kb/cve_2012_2694.rb +0 -30
data/lib/dawn/kb/cve_2012_2695.rb +0 -27
data/lib/dawn/kb/cve_2012_3424.rb +0 -29
data/lib/dawn/kb/cve_2012_3463.rb +0 -27
data/lib/dawn/kb/cve_2012_3464.rb +0 -27
data/lib/dawn/kb/cve_2012_3465.rb +0 -26
data/lib/dawn/kb/cve_2012_4464.rb +0 -27
data/lib/dawn/kb/cve_2012_4466.rb +0 -27
data/lib/dawn/kb/cve_2012_4481.rb +0 -26
data/lib/dawn/kb/cve_2012_4522.rb +0 -27
data/lib/dawn/kb/cve_2012_5370.rb +0 -27
data/lib/dawn/kb/cve_2012_5371.rb +0 -27
data/lib/dawn/kb/cve_2012_5380.rb +0 -28
data/lib/dawn/kb/cve_2012_6109.rb +0 -25
data/lib/dawn/kb/cve_2012_6134.rb +0 -27
data/lib/dawn/kb/cve_2012_6496.rb +0 -28
data/lib/dawn/kb/cve_2012_6497.rb +0 -28
data/lib/dawn/kb/cve_2012_6684.rb +0 -28
data/lib/dawn/kb/cve_2013_0155.rb +0 -29
data/lib/dawn/kb/cve_2013_0156.rb +0 -27
data/lib/dawn/kb/cve_2013_0162.rb +0 -28
data/lib/dawn/kb/cve_2013_0175.rb +0 -27
data/lib/dawn/kb/cve_2013_0183.rb +0 -25
data/lib/dawn/kb/cve_2013_0184.rb +0 -25
data/lib/dawn/kb/cve_2013_0233.rb +0 -26
data/lib/dawn/kb/cve_2013_0256.rb +0 -59
data/lib/dawn/kb/cve_2013_0262.rb +0 -26
data/lib/dawn/kb/cve_2013_0263.rb +0 -26
data/lib/dawn/kb/cve_2013_0269.rb +0 -27
data/lib/dawn/kb/cve_2013_0276.rb +0 -28
data/lib/dawn/kb/cve_2013_0277.rb +0 -25
data/lib/dawn/kb/cve_2013_0284.rb +0 -27
data/lib/dawn/kb/cve_2013_0285.rb +0 -27
data/lib/dawn/kb/cve_2013_0333.rb +0 -28
data/lib/dawn/kb/cve_2013_0334.rb +0 -25
data/lib/dawn/kb/cve_2013_1607.rb +0 -25
data/lib/dawn/kb/cve_2013_1655.rb +0 -65
data/lib/dawn/kb/cve_2013_1656.rb +0 -28
data/lib/dawn/kb/cve_2013_1756.rb +0 -26
data/lib/dawn/kb/cve_2013_1800.rb +0 -26
data/lib/dawn/kb/cve_2013_1801.rb +0 -27
data/lib/dawn/kb/cve_2013_1802.rb +0 -27
data/lib/dawn/kb/cve_2013_1812.rb +0 -27
data/lib/dawn/kb/cve_2013_1821.rb +0 -28
data/lib/dawn/kb/cve_2013_1854.rb +0 -26
data/lib/dawn/kb/cve_2013_1855.rb +0 -25
data/lib/dawn/kb/cve_2013_1856.rb +0 -26
data/lib/dawn/kb/cve_2013_1857.rb +0 -27
data/lib/dawn/kb/cve_2013_1875.rb +0 -27
data/lib/dawn/kb/cve_2013_1898.rb +0 -27
data/lib/dawn/kb/cve_2013_1911.rb +0 -28
data/lib/dawn/kb/cve_2013_1933.rb +0 -27
data/lib/dawn/kb/cve_2013_1947.rb +0 -27
data/lib/dawn/kb/cve_2013_1948.rb +0 -27
data/lib/dawn/kb/cve_2013_2065.rb +0 -29
data/lib/dawn/kb/cve_2013_2090.rb +0 -28
data/lib/dawn/kb/cve_2013_2105.rb +0 -26
data/lib/dawn/kb/cve_2013_2119.rb +0 -27
data/lib/dawn/kb/cve_2013_2512.rb +0 -26
data/lib/dawn/kb/cve_2013_2513.rb +0 -25
data/lib/dawn/kb/cve_2013_2516.rb +0 -26
data/lib/dawn/kb/cve_2013_2615.rb +0 -27
data/lib/dawn/kb/cve_2013_2616.rb +0 -27
data/lib/dawn/kb/cve_2013_2617.rb +0 -28
data/lib/dawn/kb/cve_2013_3221.rb +0 -27
data/lib/dawn/kb/cve_2013_4164.rb +0 -30
data/lib/dawn/kb/cve_2013_4203.rb +0 -25
data/lib/dawn/kb/cve_2013_4389.rb +0 -26
data/lib/dawn/kb/cve_2013_4413.rb +0 -27
data/lib/dawn/kb/cve_2013_4457.rb +0 -29
data/lib/dawn/kb/cve_2013_4478.rb +0 -26
data/lib/dawn/kb/cve_2013_4479.rb +0 -26
data/lib/dawn/kb/cve_2013_4489.rb +0 -28
data/lib/dawn/kb/cve_2013_4491.rb +0 -29
data/lib/dawn/kb/cve_2013_4492.rb +0 -29
data/lib/dawn/kb/cve_2013_4562.rb +0 -27
data/lib/dawn/kb/cve_2013_4593.rb +0 -27
data/lib/dawn/kb/cve_2013_5647.rb +0 -29
data/lib/dawn/kb/cve_2013_5671.rb +0 -26
data/lib/dawn/kb/cve_2013_6414.rb +0 -30
data/lib/dawn/kb/cve_2013_6415.rb +0 -29
data/lib/dawn/kb/cve_2013_6416.rb +0 -29
data/lib/dawn/kb/cve_2013_6417.rb +0 -30
data/lib/dawn/kb/cve_2013_6421.rb +0 -28
data/lib/dawn/kb/cve_2013_6459.rb +0 -28
data/lib/dawn/kb/cve_2013_6460.rb +0 -53
data/lib/dawn/kb/cve_2013_6461.rb +0 -57
data/lib/dawn/kb/cve_2013_7086.rb +0 -27
data/lib/dawn/kb/cve_2014_0036.rb +0 -27
data/lib/dawn/kb/cve_2014_0080.rb +0 -29
data/lib/dawn/kb/cve_2014_0081.rb +0 -27
data/lib/dawn/kb/cve_2014_0082.rb +0 -27
data/lib/dawn/kb/cve_2014_0130.rb +0 -27
data/lib/dawn/kb/cve_2014_1233.rb +0 -27
data/lib/dawn/kb/cve_2014_1234.rb +0 -26
data/lib/dawn/kb/cve_2014_2322.rb +0 -28
data/lib/dawn/kb/cve_2014_2525.rb +0 -59
data/lib/dawn/kb/cve_2014_2538.rb +0 -26
data/lib/dawn/kb/cve_2014_3482.rb +0 -28
data/lib/dawn/kb/cve_2014_3483.rb +0 -28
data/lib/dawn/kb/cve_2014_3916.rb +0 -29
data/lib/dawn/kb/cve_2014_4975.rb +0 -28
data/lib/dawn/kb/cve_2014_7818.rb +0 -27
data/lib/dawn/kb/cve_2014_7819.rb +0 -31
data/lib/dawn/kb/cve_2014_7829.rb +0 -30
data/lib/dawn/kb/cve_2014_8090.rb +0 -30
data/lib/dawn/kb/cve_2014_9490.rb +0 -29
data/lib/dawn/kb/cve_2015_1819.rb +0 -34
data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_a.rb +0 -28
data/lib/dawn/kb/cve_2015_1840/cve_2015_1840_b.rb +0 -28
data/lib/dawn/kb/cve_2015_2963.rb +0 -27
data/lib/dawn/kb/cve_2015_3224.rb +0 -26
data/lib/dawn/kb/cve_2015_3225.rb +0 -28
data/lib/dawn/kb/cve_2015_3226.rb +0 -27
data/lib/dawn/kb/cve_2015_3227.rb +0 -28
data/lib/dawn/kb/cve_2015_3448.rb +0 -29
data/lib/dawn/kb/cve_2015_4020.rb +0 -34
data/lib/dawn/kb/cve_2015_5312.rb +0 -30
data/lib/dawn/kb/cve_2015_7497.rb +0 -32
data/lib/dawn/kb/cve_2015_7498.rb +0 -32
data/lib/dawn/kb/cve_2015_7499.rb +0 -32
data/lib/dawn/kb/cve_2015_7500.rb +0 -32
data/lib/dawn/kb/cve_2015_7519.rb +0 -31
data/lib/dawn/kb/cve_2015_7541.rb +0 -31
data/lib/dawn/kb/cve_2015_7576.rb +0 -35
data/lib/dawn/kb/cve_2015_7577.rb +0 -34
data/lib/dawn/kb/cve_2015_7578.rb +0 -30
data/lib/dawn/kb/cve_2015_7579.rb +0 -30
data/lib/dawn/kb/cve_2015_7581.rb +0 -33
data/lib/dawn/kb/cve_2015_8241.rb +0 -32
data/lib/dawn/kb/cve_2015_8242.rb +0 -32
data/lib/dawn/kb/cve_2015_8317.rb +0 -32
data/lib/dawn/kb/cve_2016_0751.rb +0 -32
data/lib/dawn/kb/cve_2016_0752.rb +0 -35
data/lib/dawn/kb/cve_2016_0753.rb +0 -31
data/lib/dawn/kb/cve_2016_2097.rb +0 -35
data/lib/dawn/kb/cve_2016_2098.rb +0 -35
data/lib/dawn/kb/cve_2016_5697.rb +0 -30
data/lib/dawn/kb/cve_2016_6316.rb +0 -33
data/lib/dawn/kb/cve_2016_6317.rb +0 -32
data/lib/dawn/kb/cve_2016_6582.rb +0 -43
data/lib/dawn/kb/not_revised_code.rb +0 -22
data/lib/dawn/kb/osvdb_105971.rb +0 -29
data/lib/dawn/kb/osvdb_108530.rb +0 -27
data/lib/dawn/kb/osvdb_108563.rb +0 -28
data/lib/dawn/kb/osvdb_108569.rb +0 -28
data/lib/dawn/kb/osvdb_108570.rb +0 -27
data/lib/dawn/kb/osvdb_115654.rb +0 -33
data/lib/dawn/kb/osvdb_116010.rb +0 -30
data/lib/dawn/kb/osvdb_117903.rb +0 -30
data/lib/dawn/kb/osvdb_118579.rb +0 -31
data/lib/dawn/kb/osvdb_118830.rb +0 -32
data/lib/dawn/kb/osvdb_118954.rb +0 -33
data/lib/dawn/kb/osvdb_119878.rb +0 -32
data/lib/dawn/kb/osvdb_119927.rb +0 -33
data/lib/dawn/kb/osvdb_120415.rb +0 -31
data/lib/dawn/kb/osvdb_120857.rb +0 -34
data/lib/dawn/kb/osvdb_121701.rb +0 -30
data/lib/dawn/kb/osvdb_132234.rb +0 -34
data/lib/dawn/kb/owasp_ror_cheatsheet.rb +0 -33
data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_backup_files.rb +0 -18
data/lib/dawn/kb/owasp_ror_cheatsheet/check_for_safe_redirect_and_forward.rb +0 -57
data/lib/dawn/kb/owasp_ror_cheatsheet/command_injection.rb +0 -28
data/lib/dawn/kb/owasp_ror_cheatsheet/csrf.rb +0 -29
data/lib/dawn/kb/owasp_ror_cheatsheet/mass_assignment_in_model.rb +0 -33
data/lib/dawn/kb/owasp_ror_cheatsheet/security_related_headers.rb +0 -35
data/lib/dawn/kb/owasp_ror_cheatsheet/sensitive_files.rb +0 -29
data/lib/dawn/kb/owasp_ror_cheatsheet/session_stored_in_database.rb +0 -31
data/lib/dawn/kb/simpleform_xss_20131129.rb +0 -28
data/lib/dawn/knowledge_base_experimental.rb +0 -245
data/spec/lib/kb/cve_2011_2705_spec.rb +0 -35
data/spec/lib/kb/cve_2011_2930_spec.rb +0 -31
data/spec/lib/kb/cve_2011_3009_spec.rb +0 -25
data/spec/lib/kb/cve_2011_3187_spec.rb +0 -24
data/spec/lib/kb/cve_2011_4319_spec.rb +0 -44
data/spec/lib/kb/cve_2011_5036_spec.rb +0 -95
data/spec/lib/kb/cve_2012_1098_spec.rb +0 -36
data/spec/lib/kb/cve_2012_2139_spec.rb +0 -20
data/spec/lib/kb/cve_2012_2671_spec.rb +0 -23
data/spec/lib/kb/cve_2012_6109_spec.rb +0 -112
data/spec/lib/kb/cve_2012_6684_spec.rb +0 -16
data/spec/lib/kb/cve_2013_0162_spec.rb +0 -23
data/spec/lib/kb/cve_2013_0183_spec.rb +0 -54
data/spec/lib/kb/cve_2013_0184_spec.rb +0 -115
data/spec/lib/kb/cve_2013_0256_spec.rb +0 -34
data/spec/lib/kb/cve_2013_0262_spec.rb +0 -44
data/spec/lib/kb/cve_2013_0263_spec.rb +0 -11
data/spec/lib/kb/cve_2013_0334_spec.rb +0 -35
data/spec/lib/kb/cve_2013_1607_spec.rb +0 -15
data/spec/lib/kb/cve_2013_1655_spec.rb +0 -31
data/spec/lib/kb/cve_2013_1756_spec.rb +0 -23
data/spec/lib/kb/cve_2013_2090_spec.rb +0 -15
data/spec/lib/kb/cve_2013_2105_spec.rb +0 -11
data/spec/lib/kb/cve_2013_2119_spec.rb +0 -27
data/spec/lib/kb/cve_2013_2512_spec.rb +0 -15
data/spec/lib/kb/cve_2013_2513_spec.rb +0 -15
data/spec/lib/kb/cve_2013_2516_spec.rb +0 -15
data/spec/lib/kb/cve_2013_4203_spec.rb +0 -15
data/spec/lib/kb/cve_2013_4413_spec.rb +0 -16
data/spec/lib/kb/cve_2013_4489_spec.rb +0 -63
data/spec/lib/kb/cve_2013_4491_spec.rb +0 -16
data/spec/lib/kb/cve_2013_4593_spec.rb +0 -16
data/spec/lib/kb/cve_2013_5647_spec.rb +0 -19
data/spec/lib/kb/cve_2013_5671_spec.rb +0 -27
data/spec/lib/kb/cve_2013_6414_spec.rb +0 -26
data/spec/lib/kb/cve_2013_6416_spec.rb +0 -31
data/spec/lib/kb/cve_2013_6459_spec.rb +0 -15
data/spec/lib/kb/cve_2013_7086_spec.rb +0 -22
data/spec/lib/kb/cve_2014_0036_spec.rb +0 -15
data/spec/lib/kb/cve_2014_0080_spec.rb +0 -33
data/spec/lib/kb/cve_2014_0081_spec.rb +0 -50
data/spec/lib/kb/cve_2014_0082_spec.rb +0 -52
data/spec/lib/kb/cve_2014_0130_spec.rb +0 -19
data/spec/lib/kb/cve_2014_1233_spec.rb +0 -15
data/spec/lib/kb/cve_2014_1234_spec.rb +0 -16
data/spec/lib/kb/cve_2014_2322_spec.rb +0 -15
data/spec/lib/kb/cve_2014_2538_spec.rb +0 -15
data/spec/lib/kb/cve_2014_3482_spec.rb +0 -15
data/spec/lib/kb/cve_2014_3483_spec.rb +0 -27
data/spec/lib/kb/cve_2014_7818_spec.rb +0 -42
data/spec/lib/kb/cve_2014_7819_spec.rb +0 -139
data/spec/lib/kb/cve_2014_7829_spec.rb +0 -50
data/spec/lib/kb/cve_2014_9490_spec.rb +0 -17
data/spec/lib/kb/cve_2015_1819_spec.rb +0 -16
data/spec/lib/kb/cve_2015_1840_spec.rb +0 -39
data/spec/lib/kb/cve_2015_2963_spec.rb +0 -17
data/spec/lib/kb/cve_2015_3224_spec.rb +0 -16
data/spec/lib/kb/cve_2015_3225_spec.rb +0 -27
data/spec/lib/kb/cve_2015_3226_spec.rb +0 -35
data/spec/lib/kb/cve_2015_3227_spec.rb +0 -31
data/spec/lib/kb/cve_2015_3448_spec.rb +0 -16
data/spec/lib/kb/cve_2015_4020_spec.rb +0 -24
data/spec/lib/kb/cve_2015_5312_spec.rb +0 -31
data/spec/lib/kb/cve_2015_7497_spec.rb +0 -31
data/spec/lib/kb/cve_2015_7498_spec.rb +0 -31
data/spec/lib/kb/cve_2015_7499_spec.rb +0 -31
data/spec/lib/kb/cve_2015_7500_spec.rb +0 -31
data/spec/lib/kb/cve_2015_7519_spec.rb +0 -23
data/spec/lib/kb/cve_2015_7541_spec.rb +0 -15
data/spec/lib/kb/cve_2015_7576_spec.rb +0 -51
data/spec/lib/kb/cve_2015_7577_spec.rb +0 -63
data/spec/lib/kb/cve_2015_7578_spec.rb +0 -15
data/spec/lib/kb/cve_2015_7579_spec.rb +0 -23
data/spec/lib/kb/cve_2015_7581_spec.rb +0 -51
data/spec/lib/kb/cve_2015_8241_spec.rb +0 -31
data/spec/lib/kb/cve_2015_8242_spec.rb +0 -31
data/spec/lib/kb/cve_2015_8317_spec.rb +0 -31
data/spec/lib/kb/cve_2016_0751_spec.rb +0 -55
data/spec/lib/kb/cve_2016_0752_spec.rb +0 -51
data/spec/lib/kb/cve_2016_0753_spec.rb +0 -51
data/spec/lib/kb/cve_2016_2097_spec.rb +0 -35
data/spec/lib/kb/cve_2016_2098_spec.rb +0 -55
data/spec/lib/kb/cve_2016_5697_spec.rb +0 -15
data/spec/lib/kb/cve_2016_6316_spec.rb +0 -44
data/spec/lib/kb/cve_2016_6317_spec.rb +0 -35
data/spec/lib/kb/cve_2016_6582_spec.rb +0 -29
data/spec/lib/kb/osvdb_105971_spec.rb +0 -15
data/spec/lib/kb/osvdb_108530_spec.rb +0 -22
data/spec/lib/kb/osvdb_108563_spec.rb +0 -18
data/spec/lib/kb/osvdb_108569_spec.rb +0 -17
data/spec/lib/kb/osvdb_108570_spec.rb +0 -17
data/spec/lib/kb/osvdb_115654_spec.rb +0 -15
data/spec/lib/kb/osvdb_116010_spec.rb +0 -15
data/spec/lib/kb/osvdb_117903_spec.rb +0 -23
data/spec/lib/kb/osvdb_118579_spec.rb +0 -8
data/spec/lib/kb/osvdb_118830_spec.rb +0 -16
data/spec/lib/kb/osvdb_118954_spec.rb +0 -20
data/spec/lib/kb/osvdb_119878_spec.rb +0 -92
data/spec/lib/kb/osvdb_119927_spec.rb +0 -16
data/spec/lib/kb/osvdb_120415_spec.rb +0 -16
data/spec/lib/kb/osvdb_120857_spec.rb +0 -32
data/spec/lib/kb/osvdb_121701_spec.rb +0 -15
data/spec/lib/kb/osvdb_132234_spec.rb +0 -15
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: be00270c083b8265e402c4db5af3a5ea77097978
-  data.tar.gz: 1abf4048b91c6a0f8a4c3116880c4c11dbe58a60
+SHA256:
+  metadata.gz: b9ae4a53a59b132a6ce6c85407f0d4fddd88eda75958474a1aee0ce2369b4cf4
+  data.tar.gz: '01479eaa5129162d83ddcce897f74f250b5fe4b0cbe5e7c5e3bb2444b9cffce8'
 SHA512:
-  metadata.gz: 733ab01256a79072b93276bf4cd7b737effa5c46cbe0263c7a512dd1d2c52d0059d5d235cbc841aeac0c230b5df10eaf9cd3ab90cfa2d6f37861d7fcd759574e
-  data.tar.gz: 26e104ea9e588b0e3251e10897daa63cb8a92a165a7f558ff19498b48f931f2956f3e21147dcfc0307743f3c56bec191a47f4fd79c7daf22ba7459b953ccbd7f
+  metadata.gz: b2ddc397e425922f848612c1244b8e0ace964a766673b9a6f70317e441c00dd35c2687de1040fcfa0ef5203c5f7304d274e4a9091637670a8b5c3ccefec33804
+  data.tar.gz: '0345397057005fcd021910298c1befb282eddfcad7e13f876e5d36a8715579d71990dd18bcb9cd3ca3f8387fe99e962ad8e97224d5060dad1f711f49a82e62d2'

data/.gitignore CHANGED Viewed

@@ -19,3 +19,4 @@ test/tmp
 test/version_tmp
 tmp
 db/*
+tags

data/.ruby-version CHANGED Viewed

	@@ -1 +1 @@
1	- 2.3.1
1	+ 3

data/Changelog.md CHANGED Viewed

@@ -5,7 +5,33 @@ It supports [Sinatra](http://www.sinatrarb.com),
 [Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
 frameworks.
-_latest update: Tue Nov  1 22:47:56 CET 2016_
+_latest update: mer 28 nov 2018, 11.03.53, CET_
+## Version 2.0.0 - codename: Finn McMissile (2019-xx-xx)
+* New knowledge base, YAML based and distributed separately from the ruby gem.
+* New CLI based on Thor library. Please read README.md file to know how to
+  invoke dawn the right way or use the 'dawn help' command
+* Added a new debug\_verbosely API for engines and checks
+* Removed rake osvdb[name] and rake cve[name] tasks
+* Adding telemetry
+* Dawn::Utils include refactory. Now it's available application wide
+* debug information refactory.
+* engine class, apply_all method now accepts an optional parameter containing a
+  list of security checks to be excluded (issue #230).
+* Fix issue #244. Now the KB path is no more hardcoded but it is relative to
+  $HOME and 'dawnscanner' folder where results are stored.
+* Fix issue #245. Pattern matching check is skipped on empty files.
+## Version 1.6.9 - codename: Tow Mater (2018-11-28)
+* Removed signing certificate. This will solve issue #233 and #229
+* Removed datamapper support. I will change to active\_record sooner or later.
+  This will solve issue #232 and issue #218
+## Version 1.6.8 - codename: Tow Mater (2017-04-07)
+* Update signing certficate
 ## Version 1.6.7 - codename: Tow Mater (2016-11-24)

data/LICENSE.txt CHANGED Viewed

@@ -1,4 +1,4 @@
-Copyright (c) 2013-2015 Paolo Perego
+Copyright (c) 2013-2021 Paolo Perego
 MIT License

data/README.md CHANGED Viewed

@@ -1,22 +1,40 @@
 # Dawnscanner - The raising security scanner for ruby web applications
-dawnscanner is a source code scanner designed to review your ruby code for security
-issues.
+dawnscanner is a source code scanner designed to review your web applications for
+security issues.
-dawnscanner is able to scan plain ruby scripts (e.g. command line applications) but
-all its features are unleashed when dealing with web applications source code.
-dawnscanner is able to scan major MVC (Model View Controller) frameworks, out of the
-box:
+dawnscanner is able to scan web applications written in Ruby and it supports all
+major MVC (Model View Controller) frameworks, out of the box:
 * [Ruby on Rails](http://rubyonrails.org)
 * [Sinatra](http://www.sinatrarb.com)
 * [Padrino](http://www.padrinorb.com)
+## Quick update from April, 2019
+We just released version 2.0.0 release candidate 1 with a YAML powered revamped
+knowledge base. Please note that dawnscanner will include a telemetry facility
+sending a POST  on https://dawnscanner.org/telemetry with an application id and
+some information about version and knowledge base.
+We won't now and ever collect your source code on our side.
+## Quick update from November, 2018
+As you can see dawnscanner is on hold since more then an year. Sorry for that.
+It's life. I was overwhelmed by tons of stuff and I dedicated free time to
+Offensive Security certifications. True to be told, I'm starting OSCE journey
+really soon.
+The dawnscanner project will be updated soon with new security checks and
+kickstarted again.
+Paolo
 ---
 [![Gem Version](https://badge.fury.io/rb/dawnscanner.png)](http://badge.fury.io/rb/dawnscanner)
 [![Build Status](https://travis-ci.org/thesp0nge/dawnscanner.png?branch=master)](https://travis-ci.org/thesp0nge/dawnscanner)
-[![Dependency Status](https://gemnasium.com/thesp0nge/dawnscanner.png)](https://gemnasium.com/thesp0nge/dawnscanner)
 [![Coverage Status](https://coveralls.io/repos/thesp0nge/dawnscanner/badge.png)](https://coveralls.io/r/thesp0nge/dawnscanner)
 [![Code Triagers Badge](https://www.codetriage.com/thesp0nge/dawnscanner/badges/users.svg)](https://www.codetriage.com/thesp0nge/dawnscanner)
 [![Inline docs](http://inch-ci.org/github/thesp0nge/dawnscanner.png?branch=master)](http://inch-ci.org/github/thesp0nge/dawnscanner)
@@ -50,30 +68,11 @@ application.
 ## Installation
-dawnscanner rubygem is cryptographically signed. To be sure the gem you
-install hasn’t been tampered, you must first add ```paolo@dawnscanner.org```
-public signing certificate as trusted to your gem specific keyring.
-```
-$ gem cert --add <(curl -Ls https://raw.githubusercontent.com/thesp0nge/dawnscanner/master/certs/paolo_at_dawnscanner_dot_org.pem)
-```
 You can install latest dawnscanner version, fetching it from
 [Rubygems](https://rubygems.org) by typing:
 ```
-$ gem install dawnscanner -P MediumSecurity
-```
-The MediumSecurity trust profile will verify signed gems, but allow the
-installation of unsigned dependencies. This is necessary because not all of
-dawnscanner’s dependencies are signed, so we cannot use HighSecurity.
-In order to install a release candidate version, the gem install command line
-is the following:
-```
-$ gem install dawnscanner --pre -P MediumSecurity
+$ gem install dawnscanner
 ```
 If you want to add dawn to your project Gemfile, you must add the following:
@@ -123,44 +122,47 @@ $ dawn -h
 Usage: dawn [options] target_directory
 Examples:
-  $ dawn a_sinatra_webapp_directory
-  $ dawn -C the_rails_blog_engine
-  $ dawn -C --json a_sinatra_webapp_directory
-  $ dawn --ascii-tabular-report my_rails_blog_ecommerce
-  $ dawn --html -F my_report.html my_rails_blog_ecommerce
-   -r, --rails          force dawn to consider the target a rails application
-   -s, --sinatra        force dawn to consider the target a sinatra application
-   -p, --padrino        force dawn to consider the target a padrino application
-   -G, --gem-lock       force dawn to scan only for vulnerabilities affecting dependencies in Gemfile.lock
-   -a, --ascii-tabular-report   cause dawn to format findings using table in ascii art
-   -j, --json                   cause dawn to format findings using json
-   -C, --count-only             dawn will only count vulnerabilities (useful for scripts)
-   -z, --exit-on-warn           dawn will return number of found vulnerabilities as exit code
-   -F, --file filename          tells dawn to write output to filename
-   -c, --config-file filename   tells dawn to load configuration from filename
+	$ dawn a_sinatra_webapp_directory
+	$ dawn -C the_rails_blog_engine
+	$ dawn -C --json a_sinatra_webapp_directory
+	$ dawn --ascii-tabular-report my_rails_blog_ecommerce
+	$ dawn --html -F my_report.html my_rails_blog_ecommerce
+   -G, --gem-lock				force dawn to scan only for vulnerabilities affecting dependencies in Gemfile.lock (DEPRECATED)
+   -d, --dependencies				force dawn to scan only for vulnerabilities affecting dependencies in Gemfile.lock
+Reporting
+   -a, --ascii-tabular-report			cause dawn to format findings using tables in ascii art (DEPRECATED)
+   -j, --json					cause dawn to format findings using json
+   -K, --console					cause dawn to format findings using plain ascii text
+   -C, --count-only				dawn will only count vulnerabilities (useful for scripts)
+   -z, --exit-on-warn				dawn will return number of found vulnerabilities as exit code
+   -F, --file filename				tells dawn to write output to filename
+   -c, --config-file filename			tells dawn to load configuration from filename
 Disable security check family
-       --disable-cve-bulletins  disable all CVE security checks
-       --disable-code-quality   disable all code quality checks
-       --disable-code-style     disable all code style checks
-       --disable-owasp-ror-cheatsheet   disable all Owasp Ruby on Rails cheatsheet checks
-       --disable-owasp-top-10           disable all Owasp Top 10 checks
+       --disable-cve-bulletins			disable all CVE security checks
+       --disable-code-quality			disable all code quality checks
+       --disable-code-style			disable all code style checks
+       --disable-owasp-ror-cheatsheet		disable all Owasp Ruby on Rails cheatsheet checks
+       --disable-owasp-top-10			disable all Owasp Top 10 checks
-Flags useful to query dawnscanner
+Flags useful to query Dawn
-       -S, --search-knowledge-base [check_name]   search check_name in the knowledge base
-           --list-knowledge-base                  list knowledge-base content
-           --list-known-families                  list security check families contained in dawn's knowledge base
-           --list-known-framework                 list ruby MVC frameworks supported by dawn
+   -S, --search-knowledge-base [check_name]	search check_name in the knowledge base
+       --list-knowledge-base			list knowledge-base content
+       --list-known-families			list security check families contained in dawn's knowledge base
+       --list-known-framework			list ruby MVC frameworks supported by dawn
+       --list-scan-registry			list past scan informations stored in scan registry
 Service flags
-   -D, --debug                                  enters dawn debug mode
-   -V, --verbose                                the output will be more verbose
-   -v, --version                                show version information
-   -h, --help                                   show this help
+   -D, --debug					enters dawn debug mode
+   -V, --verbose				the output will be more verbose
+   -v, --version				show version information
+   -h, --help					show this help
 ```
 ### Rake task

data/Rakefile CHANGED Viewed

@@ -8,7 +8,6 @@ require 'cucumber/rake/task'
 require 'fileutils'
 require "dawn/utils"
 require "dawn/knowledge_base"
-require "dawn/knowledge_base_experimental"
 Cucumber::Rake::Task.new(:features) do |t|
   t.cucumber_opts = "features --format pretty -x"
@@ -45,7 +44,7 @@ namespace :version do
       f.puts("module Dawn")
       puts "#{branch_name}|"
-      if branch_name != "master"
+      if branch_name != "main"
         av = version.split('.')
         f.puts "    VERSION = \"#{av[0]}.#{av[1]}.#{commit_hash.chop}\""
         f.puts "    CODENAME = \"#{codename.lstrip!.chop}\""
@@ -63,214 +62,6 @@ namespace :version do
   end
 end
-# namespace :check do
-# desc "Create a dependency check"
-# task :dependency, :name do |t, args|
-# end
-# end
-desc "Create a new CVE test"
-task :cve, :name do |t,args|
-  name      = args.name
-  SRC_DIR   = "./lib/dawn/kb/"
-  SPEC_DIR  = "./spec/lib/kb/"
-  raise "### It seems that #{name} is already in Dawn knowledge base" unless Dawn::KnowledgeBase.find(nil, name).nil?
-  raise "### Invalid CVE title: #{name}" if name.nil? or name.empty? or /CVE-\d{4}-\d{4}/.match(name).nil?
-  raise "### No target directory: #{SRC_DIR}" unless Dir.exists?(SRC_DIR)
-  raise "### No rspec directory: #{SPEC_DIR}" unless Dir.exists?(SPEC_DIR)
-  puts "Adding #{name} to knowledge base..."
-  rb_filename = SRC_DIR+name.downcase.gsub("-", "_")+".rb"
-  spec_filename = SPEC_DIR+name.downcase.gsub("-", "_")+"_spec.rb"
-  class_name = name.gsub("-", "_")
-  open(rb_filename, "w") do |file|
-    file.puts "module Dawn"
-    file.puts "\t\tmodule Kb"
-    file.puts "\t\t\t# Automatically created with rake on #{Time.now.strftime('%Y-%m-%d')}"
-    file.puts "\t\t\tclass #{class_name}"
-    file.puts "\t\t\t\t# Include the testing skeleton for this CVE"
-    file.puts "\t\t\t\t# include PatternMatchCheck"
-    file.puts "\t\t\t\t# include DependencyCheck"
-    file.puts "\t\t\t\t# include RubyVersionCheck"
-    file.puts ""
-    file.puts "\t\t\t\tdef initialize"
-    file.puts "\t\t\t\t\ttitle   = \"\""
-    file.puts "\t\t\t\t\tmessage = \"\""
-    file.puts "\t\t\t\tend"
-    file.puts "\t\t\tend"
-    file.puts "\t\tend"
-    file.puts "end"
-  end
-  puts "#{rb_filename} created"
-  open(spec_filename, "w") do |file|
-    file.puts "require 'spec_helper'"
-    file.puts "describe \"The #{name} vulnerability\" do"
-    file.puts "\tbefore(:all) do"
-    file.puts "\t\t@check = Dawn::Kb::#{class_name}.new"
-    file.puts "\t\t# @check.debug = true"
-    file.puts "\tend"
-    file.puts "\tit \"is reported when the vulnerable gem is detected\" do"
-    file.puts "\t\t@check.dependencies = [{:name=>\"\", :version=>\"\"}]"
-    file.puts "\t\texpect(@check.vuln?).to   eq(true)"
-    file.puts "\tend"
-    file.puts "\tit \"is not reported when a fixed release is detected\" do"
-    file.puts "\t\t@check.dependencies = [{:name=>\"\", :version=>\"\"}]"
-    file.puts "\t\texpect(@check.vuln?).to   eq(false)"
-    file.puts "\tend"
-    file.puts "end"
-  end
-  puts "#{spec_filename} created"
-  puts "*** PLEASE IMPLEMENT TEST FOR #{name} IN ./spec/lib/dawn/codesake_knowledgebase_spec.rb in order to reflect changes"
-  puts "*** PLEASE ADD THIS CODE IN ./lib/dawn/knowledge_base.rb in order to reflect changes"
-  puts "require \"dawn/kb/#{class_name.downcase}\""
-  puts "it \"must have test for #{name}\" do"
-  puts "  sc = kb.find(\"#{name}\")"
-  puts "  expect(sc).not_to   be_nil"
-  puts "  expect(sc.class).to eq(Dawn::Kb::#{class_name})"
-  puts "end"
-end
-desc "Create a new OSVDB security check"
-task :osvdb, :name do |t,args|
-  name      = args.name
-  SRC_DIR   = "./lib/dawn/kb/"
-  SPEC_DIR  = "./spec/lib/kb/"
-  raise "### It seems that #{name} is already in Dawn knowledge base" unless Dawn::KnowledgeBase.find(nil, name).nil?
-  raise "### Invalid OSVDB identifier: #{name}" if name.nil? or name.empty? or /\d{6}/.match(name).nil?
-  raise "### No target directory: #{SRC_DIR}" unless Dir.exists?(SRC_DIR)
-  raise "### No rspec directory: #{SPEC_DIR}" unless Dir.exists?(SPEC_DIR)
-  puts "Adding #{name} to knowledge base..."
-  name = "OSVDB_"+name
-  rb_filename = SRC_DIR+name.downcase.gsub("-", "_")+".rb"
-  spec_filename = SPEC_DIR+name.downcase.gsub("-", "_")+"_spec.rb"
-  class_name = name.gsub("-", "_")
-  open(rb_filename, "w") do |file|
-    file.puts "module Dawn"
-    file.puts "\t\tmodule Kb"
-    file.puts "\t\t\t# Automatically created with rake on #{Time.now.strftime('%Y-%m-%d')}"
-    file.puts "\t\t\tclass #{class_name}"
-    file.puts "\t\t\t\t# Include the testing skeleton for this Security Check"
-    file.puts "\t\t\t\t# include PatternMatchCheck"
-    file.puts "\t\t\t\t# include DependencyCheck"
-    file.puts "\t\t\t\t# include RubyVersionCheck"
-    file.puts ""
-    file.puts "\t\t\t\tdef initialize"
-    file.puts "\t\t\t\t\ttitle   = \"\""
-    file.puts "\t\t\t\t\tmessage = \"\""
-    file.puts "\t\t\t\tend"
-    file.puts "\t\t\tend"
-    file.puts "\t\tend"
-    file.puts "end"
-  end
-  puts "#{rb_filename} created"
-  open(spec_filename, "w") do |file|
-    file.puts "require 'spec_helper'"
-    file.puts "describe \"The #{name} vulnerability\" do"
-    file.puts "\tbefore(:all) do"
-    file.puts "\t\t@check = Dawn::Kb::#{class_name}.new"
-    file.puts "\t\t# @check.debug = true"
-    file.puts "\tend"
-    file.puts "\tit \"is reported when the vulnerable gem is detected\" do"
-    file.puts "\t\t@check.dependencies = [{:name=>\"\", :version=>\"\"}]"
-    file.puts "\t\texpect(@check.vuln?).to   eq(true)"
-    file.puts "\tend"
-    file.puts "\tit \"is not reported when a fixed release is detected\" do"
-    file.puts "\t\t@check.dependencies = [{:name=>\"\", :version=>\"\"}]"
-    file.puts "\t\texpect(@check.vuln?).to   eq(false)"
-    file.puts "\tend"
-    file.puts "end"
-  end
-  puts "#{spec_filename} created"
-  puts "*** PLEASE IMPLEMENT TEST FOR #{name} IN ./spec/lib/dawn/codesake_knowledgebase_spec.rb in order to reflect changes"
-  puts "*** PLEASE ADD THIS CODE IN ./lib/dawn/knowledge_base.rb in order to reflect changes"
-  puts "require \"dawn/kb/#{class_name.downcase}\""
-  puts "it \"must have test for #{name}\" do"
-  puts "  sc = kb.find(\"#{name}\")"
-  puts "  expect(sc).not_to   be_nil"
-  puts "  expect(sc.class).to eq(Dawn::Kb::#{class_name})"
-  puts "end"
-end
-desc "Create a new Generic security check"
-task :check, :name do |t,args|
-  name      = args.name
-  SRC_DIR   = "./lib/dawn/kb/"
-  SPEC_DIR  = "./spec/lib/kb/"
-  raise "### It seems that #{name} is already in Dawn knowledge base" unless Dawn::KnowledgeBase.find(nil, name).nil?
-  raise "### No target directory: #{SRC_DIR}" unless Dir.exists?(SRC_DIR)
-  raise "### No rspec directory: #{SPEC_DIR}" unless Dir.exists?(SPEC_DIR)
-  puts "Adding #{name} to knowledge base..."
-  rb_filename = SRC_DIR+name.downcase.gsub("-", "_")+".rb"
-  spec_filename = SPEC_DIR+name.downcase.gsub("-", "_")+"_spec.rb"
-  class_name = name.gsub("-", "_")
-  open(rb_filename, "w") do |file|
-    file.puts "module Dawn"
-    file.puts "\t\tmodule Kb"
-    file.puts "\t\t\t# Automatically created with rake on #{Time.now.strftime('%Y-%m-%d')}"
-    file.puts "\t\t\tclass #{class_name}"
-    file.puts "\t\t\t\t# Include the testing skeleton for this Security Check"
-    file.puts "\t\t\t\t# include PatternMatchCheck"
-    file.puts "\t\t\t\t# include DependencyCheck"
-    file.puts "\t\t\t\t# include RubyVersionCheck"
-    file.puts ""
-    file.puts "\t\t\t\tdef initialize"
-    file.puts "\t\t\t\tend"
-    file.puts "\t\t\tend"
-    file.puts "\t\tend"
-    file.puts "end"
-  end
-  puts "#{rb_filename} created"
-  open(spec_filename, "w") do |file|
-    file.puts "require 'spec_helper'"
-    file.puts "describe \"The #{name} vulnerability\" do"
-    file.puts "\tbefore(:all) do"
-    file.puts "\t\t@check = Dawn::Kb::#{class_name}.new"
-    file.puts "\t\t# @check.debug = true"
-    file.puts "\tend"
-    file.puts "\tit \"is reported when...\""
-    file.puts "end"
-  end
-  puts "#{spec_filename} created"
-  puts "*** PLEASE IMPLEMENT TEST FOR #{name} IN ./spec/lib/dawn/codesake_knowledgebase_spec.rb in order to reflect changes"
-  puts "*** PLEASE ADD THIS CODE IN ./lib/dawn/knowledge_base.rb in order to reflect changes"
-  puts "require \"dawn/kb/#{class_name.downcase}\""
-  puts "it \"must have test for #{name}\" do"
-  puts "  sc = kb.find(\"#{name}\")"
-  puts "  sc.should_not   be_nil"
-  puts "  sc.class.should == Dawn::Kb::#{class_name}"
-  puts "end"
-end
 namespace :kb do
   desc 'Check information lint'
   task :lint do
@@ -283,27 +74,8 @@ namespace :kb do
   desc 'Pack the library for shipping'
   task :pack do
-    YAML_KB = File.join(Dir.pwd, 'db')
-    __kb_pack
-  end
-  desc 'Transform all checks to YAML file and pack the library for shipping'
-  task :to_yaml do
-    YAML_KB = File.join(Dir.pwd, 'db')
-    FileUtils.rm_rf YAML_KB
-    FileUtils.mkdir_p YAML_KB
-    Dawn::KnowledgeBase.new.all.each do |check|
-      out_dir = File.join(YAML_KB, check.check_family.to_s)
-      FileUtils.mkdir_p(out_dir) unless Dir.exists? out_dir
-      filename = File.join(out_dir, check.name.gsub(" ", "_").gsub("-", "_") + '.yml')
-      open(filename, 'w') do |f|
-        f.puts(check.to_yaml)
-      end
-      puts "#{filename} created"
-    end
+    YAML_KB = File.join(Dir.home, "dawnscanner", 'db')
+    FileUtils.mkdir_p(YAML_KB)
     __kb_pack
   end
@@ -393,50 +165,46 @@ end
 def __kb_pack
   if Dir.exists? "#{YAML_KB}/bulletin"
-    system "tar cfvz #{YAML_KB}/bulletin.tar.gz #{YAML_KB}/bulletin"
+    system "tar cfvz #{YAML_KB}/bulletin.tar.gz -C #{YAML_KB} bulletin"
     system "rm -rf #{YAML_KB}/bulletin"
     system "shasum -a 256 #{YAML_KB}/bulletin.tar.gz > #{YAML_KB}/bulletin.tar.gz.sig"
   end
   if Dir.exists? "#{YAML_KB}/generic_check"
-    system "tar cfvz #{YAML_KB}/generic_check.tar.gz #{YAML_KB}/generic_check"
+    system "tar cfvz #{YAML_KB}/generic_check.tar.gz -C #{YAML_KB} generic_check"
     system "rm -rf #{YAML_KB}/generic_check"
     system "shasum -a 256 #{YAML_KB}/generic_check.tar.gz > #{YAML_KB}/generic_check.tar.gz.sig"
   end
   if Dir.exists? "#{YAML_KB}/owasp_ror_cheatsheet"
-    system "tar cfvz #{YAML_KB}/owasp_ror_cheatsheet.tar.gz #{YAML_KB}/owasp_ror_cheatsheet"
+    system "tar cfvz #{YAML_KB}/owasp_ror_cheatsheet.tar.gz -C #{YAML_KB} owasp_ror_cheatsheet"
     system "rm -rf #{YAML_KB}/owasp_ror_cheatsheet"
     system "shasum -a 256 #{YAML_KB}/owasp_ror_cheatsheet.tar.gz > #{YAML_KB}/owasp_ror_cheatsheet.tar.gz.sig"
   end
   if Dir.exists? "#{YAML_KB}/code_style"
-    system "tar cfvz #{YAML_KB}/code_style.tar.gz #{YAML_KB}/code_style"
+    system "tar cfvz #{YAML_KB}/code_style.tar.gz -C #{YAML_KB} code_style"
     system "rm -rf #{YAML_KB}/code_style"
     system "shasum -a 256 #{YAML_KB}/code_style.tar.gz > #{YAML_KB}/code_style.tar.gz.sig"
   end
   if Dir.exists? "#{YAML_KB}/code_quality"
-    system "tar cfvz #{YAML_KB}/code_quality.tar.gz #{YAML_KB}/code_quality"
+    system "tar cfvz #{YAML_KB}/code_quality.tar.gz -C #{YAML_KB} code_quality"
     system "rm -rf #{YAML_KB}/code_quality"
     system "shasum -a 256 #{YAML_KB}/code_quality.tar.gz > #{YAML_KB}/code_quality.tar.gz.sig"
   end
   if Dir.exists? "#{YAML_KB}/owasp_top_10"
-    system "tar cfvz #{YAML_KB}/owasp_top_10.tar.gz #{YAML_KB}/owasp_top_10"
+    system "tar cfvz #{YAML_KB}/owasp_top_10.tar.gz -C #{YAML_KB} owasp_top_10"
     system "rm -rf #{YAML_KB}/owasp_top_10"
     system "shasum -a 256 #{YAML_KB}/owasp_top_10.tar.gz > #{YAML_KB}/owasp_top_10.tar.gz.sig"
   end
   open(File.join(YAML_KB, "kb.yaml"), 'w') do |f|
-    f.puts(Dawn::KnowledgeBaseExperimental.kb_descriptor)
+    f.puts(Dawn::KnowledgeBase.kb_descriptor)
   end
   puts "kb.yaml created"
   system "shasum -a 256 #{YAML_KB}/kb.yaml > #{YAML_KB}/kb.yaml.sig"
-  system "tar cfvz #{YAML_KB}/signatures.tar.gz #{YAML_KB}/*.tar.gz.sig"
-  system "rm -rf #{YAML_KB}/*.tar.gz.sig "
-  puts "#{YAML_KB}/signatures.tar.gz created"
   puts "Library ready to be shipped"
 end