gauntlt 0.0.5 → 0.0.6

data/README.md

@@ -1,4 +1,4 @@
-# gauntlt [![Build Status](https://secure.travis-ci.org/thegauntlet/gauntlt.png?branch=master)](http://travis-ci.org/thegauntlet/gauntlt)
+# gauntlt [![Build Status](https://secure.travis-ci.org/thegauntlet/gauntlt.png?branch=master)](http://travis-ci.org/thegauntlet/gauntlt) [![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/thegauntlet/gauntlt)
 
 gauntlt is a ruggedization framework
 
@@ -6,35 +6,18 @@ gauntlt is a ruggedization framework
 
 The gauntlt project is under active development and is not ready for production use but we are looking for community feedback and involvement on the project.  Please file issues via github and follow the project on twitter: [@gauntlt](https://twitter.com/gauntlt).
 
-Have questions?  Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group).
+Have questions?  Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group) or find us on irc at [#gauntlt](http://webchat.freenode.net/?channels=gauntlt) (irc.freenode.net).
 
 ## GET STARTED
 
 Before you start, please note that gauntlt is tested regularly against ruby 1.9.3. We don't test againt older versions of ruby. Keep in mind that you run gauntlt separately from the application it targets, so it does not matter whether the targeted application uses ruby.
 
-1. Clone the git repo
-
-        $ git clone --recursive git@github.com:thegauntlet/gauntlt.git
-        $ cd gauntlt
-
-
-2. Install bundler
+1. Install the gem
 
-        $ gem install bundler
-
-
-3. Install dependencies
+        $ gem install gauntlt
 
-Note, you may see errors in bundle related to the curb gem.  It is looking for curl dependencies. In ubuntu you can do a sudo apt-get install libcurl4-openssl-dev
+2. Create an attack file and put it anywhere you like
 
-        $ bundle
-
-4. Create an attack file
-
-        # general format
-        $ bin/gauntlt attack --name <attack_name> --attack-file my_attack.attack
-
-        # for example, launch an nmap attack
         # nmap.attack
         Feature: nmap attacks
           Background:
@@ -52,17 +35,51 @@ Note, you may see errors in bundle related to the curb gem.  It is looking for c
               443/tcp open  https
               """
 
-        $ bin/gauntlt attack -n nmap -a nmap.attack
+3. Run gauntlt to launch the attack defined above
+
+        $ gauntlt attack -n nmap -a nmap.attack
+        # general format:
+        #  $ gauntlt attack --name <attack_name> --attack-file <path>
+
 
       For more attack examples, refer to features/attacks.
 
-5. Other commands
+4. Other commands
 
         # list defined attacks
-        $ bin/gauntlt attack --list
+        $ gauntlt attack --list
 
         # get help
-        $ bin/gauntlt help
+        $ gauntlt help
+
+
+## For developers
+
+1. Clone the git repo and get the submodules
+
+        $ git clone --recursive git://github.com/thegauntlet/gauntlt.git
+
+2. Install bundler
+
+        $ gem install bundler
+
+3. Install dependencies
+
+        $ bundle
+        # if you get errors, you may need to install curl libs first
+        # on ubuntu:
+        #   $ sudo apt-get install libcurl4-openssl-dev
+
+
+4. Run the cucumber features and rspec examples
+
+        $ bundle exec rake
+
+5. Launch attacks with bin/gauntlt
+
+        $ bin/gauntlt attack -n nmap -a my_attack_file.attack
+
+5. Refer to the features directory for usage examples and please write cucumber features for any new functionality you wish to submit.
 
 
 ## ROADMAP

data/bin/gauntlt

@@ -1,53 +1,56 @@
 #!/usr/bin/env ruby
-$:.unshift(File.join(File.dirname(__FILE__), "/../lib"))
+require 'rubygems'
+$:.push File.expand_path("../../lib", __FILE__) unless $:.include?( File.expand_path("../../lib", __FILE__) )
 require 'gauntlt'
 
-require 'acclaim'
+require 'trollop'
 
-class Gauntlt::Command < Acclaim::Command
-  option :help,     '-h', '--help',    'Help outputs available command options'
-  option :version,  '-v', '--version', 'Version of app'
+SUB_COMMANDS = %w(
+  attack
+)
 
-  when_called do |options, args|
-    if options.help? || options.empty?
-      help options: false
-      Gauntlt::Command.run 'help'
-    elsif options.version?
-      puts Gauntlt::VERSION
-    end
-  end
+global_opts = Trollop::options do
+  banner "usage: gauntlt attack [<args>]"
+  stop_on SUB_COMMANDS
 end
 
-# gauntlt attack ...
-class Gauntlt::Command::Attack < Gauntlt::Command
-  option :help, '-h', '--help', 'Help outputs available command options'
-  option :list, '-l', '--list', 'List of available attacks'
-
-  option :name, '-n', '--name', 'Name of attack to launch', arity: [1, 0]
-  option :attack_file, '-a', '--attack-file', 'Name of file with attack definition', arity: [1, 0]
-
-  action do |options, args|
-    if options.list? || options.empty?
-      puts "Available attacks:"
-      puts ""
-      puts Gauntlt.attacks.map{|a| "  #{a}"}.join("\n")
-      puts ""
-      puts "  try: gauntlt attack -n nmap"
-    elsif options.help?
-      help options: false
-      Gauntlt::Command.run 'help'
-      puts "  try: gauntlt attack -n nmap -a your.attack"
-    else
-      if options.attack_file? && options.name?
-        puts Gauntlt.attack(options.name, :attack_file => options.attack_file)
-      else
-        puts "  Must specify name and attack-file"
-        puts ""
-        puts "  try: gauntlt attack -n nmap -a your.attack"
-        raise
-      end
+cmd = ARGV.shift # get the subcommand
+
+cmd_opts = case cmd
+  when "attack" # parse delete options
+    Trollop::options do
+      banner "usage: gauntlt attack -n [attack-name] -a [attack-file]"
+
+      opt :name,
+          "attack name",
+          :short => '-n',
+          :type  => String
+
+      opt :"attack-file",
+          "attack file",
+          :short => "-a",
+          :type  => String
+
+      opt :list,
+          "list defined attacks",
+          :short => "-l"
+
     end
+  when nil
+    puts "Try --help for help"
+  else
+    Trollop::die "unknown subcommand #{cmd.inspect}"
   end
-end
 
-Gauntlt::Command.run *ARGV
+if cmd == "attack"
+  if cmd_opts[:'attack-file_given'] && cmd_opts[:name]
+      puts Gauntlt.attack(cmd_opts[:name], :attack_file => cmd_opts[:'attack-file'])
+  else
+    puts "Available attacks:"
+    puts ""
+    puts Gauntlt.attacks.map{|a| "  #{a}"}.join("\n")
+    puts ""
+    puts "  try: gauntlt attack -n nmap"
+    Trollop.die "must specify name and attack-file" unless cmd_opts[:list_given]
+  end
+end

data/examples/nmap/nmap.attack

@@ -0,0 +1,57 @@
+@slow
+
+Feature: nmap attacks for example.com
+  Background:
+    Given "nmap" is installed
+    And the target hostname is "google.com"
+    And the target tcp_ping_ports are "22,25,80,443"
+
+
+  Scenario: Verify server is open on expected set of ports using the nmap fast flag
+    When I launch an "nmap" attack with:
+      """
+      nmap -F <hostname>
+      """
+    Then the output should contain:
+      """
+      80/tcp   open  http
+      443/tcp  open  https
+      3128/tcp open  squid-http
+      8080/tcp open  http-proxy
+      """
+  Scenario: Verify that there are no unexpected ports open
+    When I launch an "nmap" attack with:
+      """
+      nmap -F <hostname>
+      """
+    Then the output should not contain:
+      """
+      22/tcp
+      25/tcp
+      """
+
+  Scenario: Using tcp syn ping scan and the nmap fast flag
+    When I launch an "nmap" attack with:
+      """
+      nmap -F -PS<tcp_ping_ports> <hostname>
+      """
+    Then the output should contain:
+      """
+      80/tcp   open  http
+      443/tcp  open  https
+      3128/tcp open  squid-http
+      8080/tcp open  http-proxy
+      """
+
+  Scenario: Output to XML
+    When I launch an "nmap" attack with:
+      """
+      nmap -p 80,443 -oX foo.xml <hostname>
+      """
+    And the file "foo.xml" should contain XML:
+      | css                                                          |
+      | ports port[protocol="tcp"][portid="80"] state[state="open"]  |
+      | ports port[protocol="tcp"][portid="443"] state[state="open"] |
+    And the file "foo.xml" should not contain XML:
+      | css                                                          |
+      | ports port[protocol="tcp"][portid="123"] state[state="open"] |

data/features/attack.feature

@@ -37,14 +37,14 @@ Feature: Verify the attack behaviour is correct
     When I run `gauntlt attack --name thisattackwouldneverexist`
     Then it should fail with:
     """
-    Must specify name and attack-file
+    must specify name and attack-file
     """
 
   Scenario: No attack name specified
     When I run `gauntlt attack --attack-file thisattackwouldneverexist`
     Then it should fail with:
     """
-    Must specify name and attack-file
+    must specify name and attack-file
     """
 
   Scenario: Bad attack file specified
@@ -58,5 +58,5 @@ Feature: Verify the attack behaviour is correct
     When I run `gauntlt attack --name nmap`
     Then it should fail with:
     """
-    Must specify name and attack-file
+    must specify name and attack-file
     """

data/features/attacks/nmap.feature

@@ -1,10 +1,9 @@
 Feature: nmap attack
-  @slow
-  Scenario: Launch nmap attack
+  Background:
     Given an attack "nmap" exists
-    And a file named "nmap.attack" with:
+    And a file named "simple_nmap.attack" with:
     """
-    Feature: nmap attacks
+    Feature: simple nmap attack (sanity check)
 
       Background:
         Given "nmap" is installed
@@ -20,6 +19,14 @@ Feature: nmap attack
           80/tcp  open  http
           443/tcp open  https
           \"\"\"
+    """
+    And a file named "os_detection_nmap.attack" with:
+    """
+    Feature: OS detection
+
+      Background:
+        Given "nmap" is installed
+        And the target hostname is "google.com"
 
       @slow
       Scenario: Detect OS
@@ -32,9 +39,78 @@ Feature: nmap attack
           Service Info: OS: Linux
           \"\"\"
     """
-    When I run `gauntlt attack --name nmap --attack-file nmap.attack`
+    And a file named "tcp_ping_ports_nmap.attack" with:
+    """
+    Feature: nmap attacks for example.com
+      Background:
+        Given "nmap" is installed
+        And the target hostname is "google.com"
+        And the target tcp_ping_ports are "22,25,80,443"
+
+      @slow
+      Scenario: Using tcp syn ping scan and the nmap fast flag
+        When I launch an "nmap" attack with:
+          \"\"\"
+          nmap -F -PS<tcp_ping_ports> <hostname>
+          \"\"\"
+        Then the output should contain:
+          \"\"\"
+          80/tcp
+          \"\"\"
+
+     """
+    And a file named "xml_output_nmap.attack" with:
+      """
+      Feature: simple nmap attack (sanity check)
+
+        Background:
+          Given "nmap" is installed
+          And the target hostname is "google.com"
+
+        Scenario: Output to XML
+          When I launch an "nmap" attack with:
+            \"\"\"
+            nmap -p 80,443 -oX foo.xml <hostname>
+            \"\"\"
+          And the file "foo.xml" should contain XML:
+            | css                                                          |
+            | ports port[protocol="tcp"][portid="80"] state[state="open"]  |
+            | ports port[protocol="tcp"][portid="443"] state[state="open"] |
+          And the file "foo.xml" should not contain XML:
+            | css                                                          |
+            | ports port[protocol="tcp"][portid="123"] state[state="open"] |
+      """
+
+
+  Scenario: Simple nmap attack
+    When I run `gauntlt attack --name nmap --attack-file simple_nmap.attack`
+    Then it should pass
+    And the output should contain:
+      """
+      4 steps (4 passed)
+      """
+
+  @slow
+  Scenario: OS detection nmap attack
+    When I run `gauntlt attack -n nmap -a os_detection_nmap.attack`
+    Then it should pass
+    And the output should contain:
+      """
+      4 steps (4 passed)
+      """
+
+  Scenario: Testing the tcp_ping_ports
+    When I run `gauntlt attack -n nmap -a tcp_ping_ports_nmap.attack`
+    Then it should pass
+    And the output should contain:
+      """
+      5 steps (5 passed)
+      """
+
+  Scenario: Handle XML output file
+    When I run `gauntlt attack -n nmap -a xml_output_nmap.attack`
     Then it should pass
     And the output should contain:
       """
-      8 steps (8 passed)
+      5 steps (5 passed)
       """

data/features/help.feature

@@ -4,34 +4,39 @@ Feature: Display help info
   I want contextual help info,
   In order to learn the options required by an attack
 
-  Scenario: A user runs the help command in the core part of gauntlt
+  Scenario: Global help
     When I run `gauntlt --help`
-    Then I should see a help menu that explains how to invoke gauntlt
+    Then the output should contain:
+      """
+      usage: gauntlt attack [<args>]
+      """
 
-  Scenario: A user runs the help command for a certain test
+  Scenario: Attack help
     When I run `gauntlt attack -h -n nmap`
     Then the output should contain:
-    """
-    Command 'attack':
-    """
+      """
+      usage: gauntlt attack -n [attack-name] -a [attack-file]
+      """
 
   Scenario: A user runs gauntlt without any arguments
     When I run `gauntlt`
-    Then I should see a help menu that explains how to invoke gauntlt
+    Then the output should contain:
+      """
+      Try --help for help
+      """
 
   Scenario: A user runs the attack command without specifying attack name
     When I run `gauntlt attack`
     Then the output should contain:
-    """
-    Available attacks:
-
-      cookies
-      curl
-      http_methods
-      nmap
-      sqlmap
-      sslyze
-
-      try: gauntlt attack -n nmap
-    """
-
+      """
+      Available attacks:
+
+        cookies
+        curl
+        http_methods
+        nmap
+        sqlmap
+        sslyze
+
+        try: gauntlt attack -n nmap
+      """

data/gauntlt.gemspec

@@ -7,24 +7,24 @@ Gem::Specification.new do |s|
   s.version     = Gauntlt::VERSION
   s.authors     = ["James Wickett", "Mani Tadayon"]
   s.email       = ["james@ruggeddevops.org"]
-  s.homepage    = ""
+  s.homepage    = "https://github.com/thegauntlet/gauntlt"
   s.summary     = %q{behaviour-driven security using cucumber}
   s.description = %q{Using standard Gherkin language to define security tests, gauntlt happily wraps cucumber functionality and provides a security testing framework that security engineers, developers and operations teams can collaborate on together.}
 
-    s.files         = `git ls-files`.split("\n")
+  s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
   # specify any dependencies here; for example:
   s.add_development_dependency "cucumber"
-  s.add_development_dependency "rspec"
+  s.add_development_dependency "rspec", "~> 2.11"
   s.add_development_dependency "aruba"
-  s.add_development_dependency "rake"  
+  s.add_development_dependency "rake"
 
   s.add_runtime_dependency "cucumber"
   s.add_runtime_dependency "aruba"
-  s.add_runtime_dependency "curb"  
-  s.add_runtime_dependency "acclaim"
-  s.add_runtime_dependency "ribbon", "0.7.0"
+  s.add_runtime_dependency "curb"
+  s.add_runtime_dependency "nokogiri"
+  s.add_runtime_dependency "trollop"
 end

data/lib/gauntlt/attack_adapters/nmap.rb

@@ -8,7 +8,31 @@ When /^the target hostname is "(.*?)"$/ do |host|
   set_hostname host
 end
 
+When /^the target tcp_ping_ports are "(.*?)"$/ do |ports|
+  set_tcp_ping_ports ports
+end
+
 When /^I launch an "nmap" attack with:$/ do |command|
   command.gsub!('<hostname>', hostname)
+
+  if tcp_ping_ports.nil?
+    else
+      command.gsub!('<tcp_ping_ports>', tcp_ping_ports)
+    end
+
   run command
 end
+
+require 'nokogiri'
+
+When /^the file "(.*?)" should contain XML:$/ do |filename, css_selectors|
+  css_selectors.hashes.each do |row|
+    assert_xml_includes(filename, row['css'])
+  end
+end
+
+When /^the file "(.*?)" should not contain XML:$/ do |filename, css_selectors|
+  css_selectors.hashes.each do |row|
+    assert_xml_does_not_include(filename, row['css'])
+  end
+end

data/lib/gauntlt/attack_adapters/support/cli_helper.rb

@@ -1,3 +1,5 @@
+require 'aruba/cucumber'
+
 require 'English'
 # English.rb adds human-readable names for things like $?, $!, etc.:
 #   http://www.ruby-doc.org/stdlib-1.9.3/libdoc/English/rdoc/English_rb.html
@@ -15,4 +17,9 @@ module Gauntlt
     end
   end
 end
-World(Gauntlt::Support::CliHelper)
+
+World(Gauntlt::Support::CliHelper)
+
+Before('@slow') do
+  @aruba_timeout_seconds = 10
+end

data/lib/gauntlt/attack_adapters/support/cookie_helper.rb

@@ -1,27 +1,32 @@
 require 'curb'
 
-module CookieHelper
-  def cookies_for(url)
-    [].tap do |returner|
-      c = Curl::Easy.perform(url) do |curl|
-        curl.follow_location = true
-        curl.enable_cookies = true
+module Gauntlt
+  module Support
+    module CookieHelper
+      def cookies_for(url)
+        [].tap do |returner|
+          c = Curl::Easy.perform(url) do |curl|
+            curl.follow_location = true
+            curl.enable_cookies = true
 
-        curl.on_header do |header|
-          returner << "#{$1}=#{$2}" if header =~ /^Set-Cookie: ([^=]+)=([^;]+;)/
+            curl.on_header do |header|
+              returner << "#{$1}=#{$2}" if header =~ /^Set-Cookie: ([^=]+)=([^;]+;)/
+            end
+          end
         end
       end
-    end
-  end
 
-  def cookies
-    raise "No cookies set" if @cookies.nil?
+      def cookies
+        raise "No cookies set" if @cookies.nil?
 
-    @cookies
-  end
+        @cookies
+      end
 
-  def set_cookies(a)
-    @cookies = a
+      def set_cookies(a)
+        @cookies = a
+      end
+    end
   end
 end
-World(CookieHelper)
+
+World(Gauntlt::Support::CookieHelper)

data/lib/gauntlt/attack_adapters/support/nmap_helper.rb

@@ -1,13 +1,18 @@
 require 'aruba'
 
-module NmapHelper
-  def run_nmap_attack(host, opts)
-    args = opts.map{|k,v| "#{k} #{v}"}
+module Gauntlt
+  module Support
+    module NmapHelper
+      def run_nmap_attack(host, opts)
+        args = opts.map{|k,v| "#{k} #{v}"}
 
-    command = "nmap #{args.join(' ')} #{host}"
+        command = "nmap #{args.join(' ')} #{host}"
 
-    # run is from aruba
-    run command
+        # run is from aruba
+        run command
+      end
+    end
   end
 end
-World(NmapHelper)
+
+World(Gauntlt::Support::NmapHelper)

data/lib/gauntlt/attack_adapters/support/profile_helper.rb

@@ -1,12 +1,28 @@
-module ProfileHelper
-  def hostname
-    raise "No host defined" if @hostname.nil?
+module Gauntlt
+  module Support
+    module ProfileHelper
+      def hostname
+        raise "No host defined" if @hostname.nil?
 
-    @hostname
-  end
+        @hostname
+      end
+
+      def tcp_ping_ports
+        #raise "No tcp_ping_ports defined" if @tcp_ping_ports.nil?
+
+        @tcp_ping_ports
+      end
 
-  def set_hostname(s)
-    @hostname = s
+      def set_hostname(s)
+        @hostname = s
+      end
+
+      def set_tcp_ping_ports(s)
+        @tcp_ping_ports = s
+      end
+    end
   end
 end
-World(ProfileHelper)
+
+World(Gauntlt::Support::ProfileHelper)
+

data/lib/gauntlt/attack_adapters/support/python_script_helper.rb

@@ -67,4 +67,5 @@ EOS
     end
   end
 end
+
 World(Gauntlt::Support::PythonScriptHelper)

data/lib/gauntlt/attack_adapters/support/xml_helper.rb

@@ -0,0 +1,31 @@
+require 'aruba/cucumber'
+
+module Gauntlt
+  module Support
+    module XmlHelper
+      def load_xml_from_file(filename)
+        content = ""
+        prep_for_fs_check do
+          content = IO.read(filename)
+        end
+        Nokogiri::XML(content)
+      end
+
+
+      def xml_at_css(filename, css)
+        xml = load_xml_from_file(filename)
+        xml.at_css(css)
+      end
+
+      def assert_xml_includes(filename, css)
+        raise "#{css} not found in #{filename}" if xml_at_css(filename, css).nil?
+      end
+
+      def assert_xml_does_not_include(filename, css)
+        raise "#{css} found in #{filename}" unless xml_at_css(filename, css).nil?
+      end
+    end
+  end
+end
+
+World(Gauntlt::Support::XmlHelper)

data/lib/gauntlt/version.rb

@@ -1,3 +1,3 @@
 module Gauntlt
-  VERSION = "0.0.5"
+  VERSION = "0.0.6"
 end

data/spec/gauntlt_spec.rb

@@ -23,10 +23,9 @@ describe Gauntlt do
 
   describe :attack_files do
     it "returns the full path to each attack file" do
-      with_constants :"Gauntlt::ATTACK_GLOB_PATTERN" =>'foo' do
-        Dir.stub(:glob).with('foo').and_return(['bar', 'baz'])
-        subject.attack_files.should == ['bar', 'baz']
-      end
+      stub_const "Gauntlt::ATTACK_GLOB_PATTERN",'foo'
+      Dir.stub(:glob).with('foo').and_return(['bar', 'baz'])
+      subject.attack_files.should == ['bar', 'baz']
     end
   end
 

data/spec/spec_helper.rb

@@ -9,10 +9,7 @@ require 'gauntlt'
 
 require 'aruba/api'
 
-Dir['./spec/support/**/*.rb'].map {|f| require f}
-
 RSpec.configure do |c|
   c.include Aruba::Api
-  c.include RSpecConstantsHelpers
   c.color = true
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 0.0.6
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-08-02 00:00:00.000000000 Z
+date: 2012-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cucumber
@@ -33,17 +33,17 @@ dependencies:
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.11'
 - !ruby/object:Gem::Dependency
   name: aruba
   requirement: !ruby/object:Gem::Requirement
@@ -125,7 +125,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: acclaim
+  name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
@@ -141,21 +141,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: ribbon
+  name: trollop
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - '='
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - '='
+    - - ! '>='
       - !ruby/object:Gem::Version
-        version: 0.7.0
+        version: '0'
 description: Using standard Gherkin language to define security tests, gauntlt happily
   wraps cucumber functionality and provides a security testing framework that security
   engineers, developers and operations teams can collaborate on together.
@@ -174,6 +174,7 @@ files:
 - README.md
 - Rakefile
 - bin/gauntlt
+- examples/nmap/nmap.attack
 - features/attack.feature
 - features/attacks/cookies.feature
 - features/attacks/curl.feature
@@ -185,7 +186,6 @@ files:
 - features/report.feature
 - features/step_definitions/aruba_extension_steps.rb
 - features/step_definitions/config_steps.rb
-- features/step_definitions/help_steps.rb
 - features/step_definitions/support_steps.rb
 - features/support/aruba.rb
 - features/support/attack_steps.rb
@@ -205,18 +205,16 @@ files:
 - lib/gauntlt/attack_adapters/sslyze.rb
 - lib/gauntlt/attack_adapters/support/cli_helper.rb
 - lib/gauntlt/attack_adapters/support/cookie_helper.rb
-- lib/gauntlt/attack_adapters/support/env.rb
-- lib/gauntlt/attack_adapters/support/hooks.rb
 - lib/gauntlt/attack_adapters/support/nmap_helper.rb
 - lib/gauntlt/attack_adapters/support/profile_helper.rb
 - lib/gauntlt/attack_adapters/support/python_script_helper.rb
-- lib/gauntlt/attack_adapters/support/sslyze_output.README
+- lib/gauntlt/attack_adapters/support/xml_helper.rb
 - lib/gauntlt/version.rb
 - spec/gauntlt/attack_spec.rb
 - spec/gauntlt_spec.rb
 - spec/spec_helper.rb
-- spec/support/mock_constants.rb
-homepage: ''
+- vendor/sslyze_output.README
+homepage: https://github.com/thegauntlet/gauntlt
 licenses: []
 post_install_message: 
 rdoc_options: []
@@ -236,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: behaviour-driven security using cucumber
@@ -252,7 +250,6 @@ test_files:
 - features/report.feature
 - features/step_definitions/aruba_extension_steps.rb
 - features/step_definitions/config_steps.rb
-- features/step_definitions/help_steps.rb
 - features/step_definitions/support_steps.rb
 - features/support/aruba.rb
 - features/support/attack_steps.rb
@@ -262,4 +259,3 @@ test_files:
 - spec/gauntlt/attack_spec.rb
 - spec/gauntlt_spec.rb
 - spec/spec_helper.rb
-- spec/support/mock_constants.rb

data/features/step_definitions/help_steps.rb

@@ -1,8 +0,0 @@
-Then /^I should see a help menu that explains how to invoke gauntlt$/ do
-  steps %q{
-    Then the output should contain:
-    """
-      -h, --help
-    """
-  }
-end

data/lib/gauntlt/attack_adapters/support/env.rb

@@ -1 +0,0 @@
-require 'aruba/cucumber'

data/lib/gauntlt/attack_adapters/support/hooks.rb

@@ -1,3 +0,0 @@
-Before('@slow') do
-  @aruba_timeout_seconds = 10
-end

data/spec/support/mock_constants.rb

@@ -1,46 +0,0 @@
-# from http://missingbit.blogspot.com/2011/07/stubbing-constants-in-rspec_20.html
-# example: (from http://digitaldumptruck.jotabout.com/?p=551)
-#     it "does not allow links to be added in production environment" do
-#       with_constants :RAILS_ENV => 'production' do
-#         get :add, @nonexistent_link.url
-#         response.should_not be_success
-#       end
-#     end
-module RSpecConstantsHelpers
-  def constantize(camel_cased_word)
-    names = camel_cased_word.split('::')
-    names.shift if names.empty? || names.first.empty?
-
-    constant = Object
-    names.each do |name|
-      constant = constant.const_defined?(name) ? constant.const_get(name) : constant.const_missing(name)
-    end
-    constant
-  end
-
-  def parse(constant)
-    source, _, constant_name = constant.to_s.rpartition('::')
-
-    [constantize(source), constant_name]
-  end
-
-  def with_constants(constants, &block)
-    saved_constants = {}
-    constants.each do |constant, val|
-      source_object, const_name = parse(constant)
-
-      saved_constants[constant] = source_object.const_get(const_name)
-      source_object.const_set(const_name, val)
-    end
-
-    begin
-      block.call
-    ensure
-      constants.each do |constant, val|
-        source_object, const_name = parse(constant)
-
-        source_object.const_set(const_name, saved_constants[constant])
-      end
-    end
-  end
-end