gauntlt 0.0.7 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +2 -1
- data/.travis.yml +7 -1
- data/Gemfile +1 -1
- data/README.md +14 -8
- data/bin/gauntlt +28 -46
- data/examples/curl/cookies.attack +12 -0
- data/examples/curl/simple.attack +9 -0
- data/examples/curl/verbs.attack +19 -0
- data/examples/nmap/os_detection.attack +16 -0
- data/examples/nmap/simple.attack +16 -0
- data/examples/nmap/tcp_ping_ports.attack +16 -0
- data/examples/nmap/xml_output.attack +18 -0
- data/examples/sslyze/sslyze.attack +23 -0
- data/features/attack.feature +30 -19
- data/features/attacks/curl.feature +23 -15
- data/features/attacks/nmap.feature +16 -93
- data/features/attacks/sqlmap.feature +2 -3
- data/features/attacks/sslyze.feature +7 -29
- data/features/help.feature +3 -30
- data/features/step_definitions/config_steps.rb +1 -1
- data/features/step_definitions/support_steps.rb +15 -0
- data/features/support/hooks.rb +2 -2
- data/features/tags.feature +44 -0
- data/gauntlt.gemspec +0 -2
- data/lib/gauntlt.rb +7 -11
- data/lib/gauntlt/attack.rb +26 -22
- data/lib/gauntlt/attack_adapters/curl.rb +35 -1
- data/lib/gauntlt/attack_adapters/support/cli_helper.rb +1 -1
- data/lib/gauntlt/attack_adapters/support/cookie_helper.rb +3 -10
- data/lib/gauntlt/version.rb +1 -1
- data/spec/gauntlt/attack_spec.rb +13 -35
- data/spec/gauntlt_spec.rb +7 -14
- metadata +12 -30
- data/features/attacks/cookies.feature +0 -25
- data/features/attacks/http_methods.feature +0 -33
- data/features/step_definitions/aruba_extension_steps.rb +0 -3
- data/features/support/attack_steps.rb +0 -1
- data/features/support/profile/profile.xml +0 -5
- data/lib/gauntlt/attack_adapters/cookies.rb +0 -11
- data/lib/gauntlt/attack_adapters/http_methods.rb +0 -12
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
@@ -1,9 +1,15 @@
|
|
1
1
|
language: ruby
|
2
2
|
rvm:
|
3
3
|
- 1.9.3
|
4
|
+
- jruby-head
|
4
5
|
before_install:
|
5
6
|
- git submodule update --init --recursive
|
6
7
|
before_script:
|
7
8
|
- sudo apt-get install nmap
|
8
9
|
- export SSLYZE_PATH="/home/vagrant/builds/thegauntlet/gauntlt/vendor/sslyze/sslyze.py"
|
9
|
-
- export SQLMAP_PATH="/home/vagrant/builds/thegauntlet/gauntlt/vendor/sqlmap/sqlmap.py"
|
10
|
+
- export SQLMAP_PATH="/home/vagrant/builds/thegauntlet/gauntlt/vendor/sqlmap/sqlmap.py"
|
11
|
+
|
12
|
+
|
13
|
+
matrix:
|
14
|
+
allow_failures:
|
15
|
+
- rvm: jruby-head
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -10,7 +10,7 @@ Have questions? Ask us anything on the [gauntlt google group](http://bit.ly/gau
|
|
10
10
|
|
11
11
|
## GET STARTED
|
12
12
|
|
13
|
-
|
13
|
+
You will need ruby version `1.9.3` to run gauntlt, but you can run gauntlt against applications built with any language or platform.
|
14
14
|
|
15
15
|
1. Install the gem
|
16
16
|
|
@@ -37,24 +37,30 @@ Before you start, please note that gauntlt is tested regularly against ruby 1.9.
|
|
37
37
|
|
38
38
|
3. Run gauntlt to launch the attack defined above
|
39
39
|
|
40
|
-
$ gauntlt
|
41
|
-
#
|
42
|
-
#
|
40
|
+
$ gauntlt
|
41
|
+
# equivalent to gauntlt ./**/*.attack
|
42
|
+
# by default, gauntlt will search in the current folder
|
43
|
+
# and its subfolders for files with the .attack extension
|
44
|
+
#
|
45
|
+
# you can also specify one or more paths yourself:
|
46
|
+
$ gauntlt my_attacks/*.attack some_other.file
|
43
47
|
|
44
48
|
|
45
|
-
For more attack examples, refer to
|
49
|
+
For more attack examples, refer to the [examples](https://github.com/thegauntlet/gauntlt/tree/master/examples).
|
46
50
|
|
47
51
|
4. Other commands
|
48
52
|
|
49
53
|
# list defined attacks
|
50
|
-
$ gauntlt
|
54
|
+
$ gauntlt --list
|
51
55
|
|
52
56
|
# get help
|
53
|
-
$ gauntlt help
|
57
|
+
$ gauntlt --help
|
54
58
|
|
55
59
|
|
56
60
|
## For developers
|
57
61
|
|
62
|
+
NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0-preview2` for development and testing.
|
63
|
+
|
58
64
|
1. Clone the git repo and get the submodules
|
59
65
|
|
60
66
|
$ git clone --recursive git://github.com/thegauntlet/gauntlt.git
|
@@ -77,7 +83,7 @@ Before you start, please note that gauntlt is tested regularly against ruby 1.9.
|
|
77
83
|
|
78
84
|
5. Launch attacks with bin/gauntlt
|
79
85
|
|
80
|
-
$ bin/gauntlt attack
|
86
|
+
$ bin/gauntlt attack
|
81
87
|
|
82
88
|
5. Refer to the features directory for usage examples and please write cucumber features for any new functionality you wish to submit.
|
83
89
|
|
data/bin/gauntlt
CHANGED
@@ -1,56 +1,38 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
require 'rubygems'
|
3
|
+
require 'trollop'
|
4
|
+
|
3
5
|
$:.push File.expand_path("../../lib", __FILE__) unless $:.include?( File.expand_path("../../lib", __FILE__) )
|
4
6
|
require 'gauntlt'
|
5
7
|
|
6
|
-
|
8
|
+
opts = Trollop::options do
|
9
|
+
version Gauntlt::VERSION
|
10
|
+
banner <<-EOS
|
11
|
+
gauntlt is a ruggedization framework
|
12
|
+
|
13
|
+
Usage:
|
14
|
+
gauntlt <path>+ [--tags TAG_EXPRESSION]
|
7
15
|
|
8
|
-
|
9
|
-
|
10
|
-
|
16
|
+
Options:
|
17
|
+
EOS
|
18
|
+
|
19
|
+
opt :tags, "Only execute specified tags",
|
20
|
+
:type => String,
|
21
|
+
:multi => true
|
22
|
+
|
23
|
+
opt :list, "List defined attacks"
|
24
|
+
end
|
11
25
|
|
12
|
-
|
13
|
-
|
14
|
-
|
26
|
+
opts[:path] = if ARGV.empty?
|
27
|
+
"./**/*.attack"
|
28
|
+
else
|
29
|
+
ARGV.join(" ")
|
15
30
|
end
|
16
31
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
opt :name,
|
25
|
-
"attack name",
|
26
|
-
:short => '-n',
|
27
|
-
:type => String
|
28
|
-
|
29
|
-
opt :"attack-file",
|
30
|
-
"attack file",
|
31
|
-
:short => "-a",
|
32
|
-
:type => String
|
33
|
-
|
34
|
-
opt :list,
|
35
|
-
"list defined attacks",
|
36
|
-
:short => "-l"
|
37
|
-
|
38
|
-
end
|
39
|
-
when nil
|
40
|
-
puts "Try --help for help"
|
41
|
-
else
|
42
|
-
Trollop::die "unknown subcommand #{cmd.inspect}"
|
43
|
-
end
|
44
|
-
|
45
|
-
if cmd == "attack"
|
46
|
-
if cmd_opts[:'attack-file_given'] && cmd_opts[:name]
|
47
|
-
puts Gauntlt.attack(cmd_opts[:name], :attack_file => cmd_opts[:'attack-file'])
|
48
|
-
else
|
49
|
-
puts "Available attacks:"
|
50
|
-
puts ""
|
51
|
-
puts Gauntlt.attacks.map{|a| " #{a}"}.join("\n")
|
52
|
-
puts ""
|
53
|
-
puts " try: gauntlt attack -n nmap"
|
54
|
-
Trollop.die "must specify name and attack-file" unless cmd_opts[:list_given]
|
55
|
-
end
|
32
|
+
if opts[:list]
|
33
|
+
attack_list = Gauntlt.attacks.map{|s| " #{s}"}.join("\n")
|
34
|
+
puts "Defined attacks: #{}"
|
35
|
+
puts attack_list
|
36
|
+
else
|
37
|
+
Gauntlt.attack( opts[:path], opts[:tags].join(',') )
|
56
38
|
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
Feature: Evaluate received cookies against expected.
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "curl" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
Scenario: Verify server is returning the cookies expected
|
8
|
+
When I launch a "cookies" attack
|
9
|
+
Then the following cookies should be received:
|
10
|
+
| name | secure | _rest |
|
11
|
+
| PREF | false | {} |
|
12
|
+
| NID | false | {'HttpOnly': None} |
|
@@ -0,0 +1,19 @@
|
|
1
|
+
Feature: Evaluate responses to various HTTP methods.
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "curl" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
Scenario Outline: Verify server responds correctly to various HTTP methods
|
8
|
+
When I launch a "curl" attack with:
|
9
|
+
"""
|
10
|
+
curl -i -X <method> <hostname>
|
11
|
+
"""
|
12
|
+
Then the output should contain "<response>"
|
13
|
+
Examples:
|
14
|
+
| method | response |
|
15
|
+
| delete | Error 405 (Method Not Allowed) |
|
16
|
+
| patch | Error 405 (Method Not Allowed) |
|
17
|
+
| trace | Error 405 (Method Not Allowed) |
|
18
|
+
| track | Error 405 (Method Not Allowed) |
|
19
|
+
| bogus | Error 405 (Method Not Allowed) |
|
@@ -0,0 +1,16 @@
|
|
1
|
+
Feature: OS detection
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "nmap" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
@slow
|
8
|
+
Scenario: Detect OS
|
9
|
+
When I launch an "nmap" attack with:
|
10
|
+
"""
|
11
|
+
nmap -sV -p80 -PN <hostname>
|
12
|
+
"""
|
13
|
+
Then the output should contain:
|
14
|
+
"""
|
15
|
+
Service Info: OS: Linux
|
16
|
+
"""
|
@@ -0,0 +1,16 @@
|
|
1
|
+
Feature: simple nmap attack (sanity check)
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "nmap" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
Scenario: Verify server is available on standard web ports
|
8
|
+
When I launch an "nmap" attack with:
|
9
|
+
"""
|
10
|
+
nmap -p 80,443 <hostname>
|
11
|
+
"""
|
12
|
+
Then the output should contain:
|
13
|
+
"""
|
14
|
+
80/tcp open http
|
15
|
+
443/tcp open https
|
16
|
+
"""
|
@@ -0,0 +1,16 @@
|
|
1
|
+
Feature: nmap attacks for example.com
|
2
|
+
Background:
|
3
|
+
Given "nmap" is installed
|
4
|
+
And the target hostname is "google.com"
|
5
|
+
And the target tcp_ping_ports are "22,25,80,443"
|
6
|
+
|
7
|
+
@slow
|
8
|
+
Scenario: Using tcp syn ping scan and the nmap fast flag
|
9
|
+
When I launch an "nmap" attack with:
|
10
|
+
"""
|
11
|
+
nmap -F -PS<tcp_ping_ports> <hostname>
|
12
|
+
"""
|
13
|
+
Then the output should contain:
|
14
|
+
"""
|
15
|
+
80/tcp
|
16
|
+
"""
|
@@ -0,0 +1,18 @@
|
|
1
|
+
Feature: XML output
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "nmap" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
Scenario: Output to XML
|
8
|
+
When I launch an "nmap" attack with:
|
9
|
+
"""
|
10
|
+
nmap -p 80,443 -oX foo.xml <hostname>
|
11
|
+
"""
|
12
|
+
And the file "foo.xml" should contain XML:
|
13
|
+
| css |
|
14
|
+
| ports port[protocol="tcp"][portid="80"] state[state="open"] |
|
15
|
+
| ports port[protocol="tcp"][portid="443"] state[state="open"] |
|
16
|
+
And the file "foo.xml" should not contain XML:
|
17
|
+
| css |
|
18
|
+
| ports port[protocol="tcp"][portid="123"] state[state="open"] |
|
@@ -0,0 +1,23 @@
|
|
1
|
+
Feature: Run sslyze against a target
|
2
|
+
|
3
|
+
Background:
|
4
|
+
Given "sslyze" is installed
|
5
|
+
And the target hostname is "google.com"
|
6
|
+
|
7
|
+
Scenario: Ensure no anonymous certificates
|
8
|
+
When I launch an "sslyze" attack with:
|
9
|
+
"""
|
10
|
+
python <sslyze_path> <hostname>:443
|
11
|
+
"""
|
12
|
+
Then the output should not contain:
|
13
|
+
"""
|
14
|
+
Anon
|
15
|
+
"""
|
16
|
+
|
17
|
+
# Scenario: Make sure that the certificate key size is at least 2048
|
18
|
+
# Given the target hostname is "google.com"
|
19
|
+
# When I launch an "sslyze" attack with:
|
20
|
+
# """
|
21
|
+
# python <sslyze_path> <hostname>:443
|
22
|
+
# """
|
23
|
+
# Then the key size should be at least 2048
|
data/features/attack.feature
CHANGED
@@ -6,13 +6,14 @@ Feature: Verify the attack behaviour is correct
|
|
6
6
|
|
7
7
|
Scenario: List available attack steps
|
8
8
|
Given an attack "nmap" exists
|
9
|
-
When I run `gauntlt
|
9
|
+
When I run `gauntlt --list`
|
10
10
|
Then it should pass with:
|
11
11
|
"""
|
12
12
|
nmap
|
13
13
|
"""
|
14
14
|
|
15
|
-
|
15
|
+
@slow
|
16
|
+
Scenario: Run attack
|
16
17
|
Given an attack "nmap" exists
|
17
18
|
And a file named "nmap.attack" with:
|
18
19
|
"""
|
@@ -30,8 +31,25 @@ Feature: Verify the attack behaviour is correct
|
|
30
31
|
443/tcp open https
|
31
32
|
\"\"\"
|
32
33
|
"""
|
33
|
-
When I run `gauntlt
|
34
|
-
Then it should pass
|
34
|
+
When I run `gauntlt`
|
35
|
+
Then it should pass with:
|
36
|
+
"""
|
37
|
+
4 steps (4 passed)
|
38
|
+
"""
|
39
|
+
|
40
|
+
Scenario: Run attack with custom filename
|
41
|
+
Given an attack "nmap" exists
|
42
|
+
And a file named "my.awesome.attack.file" with:
|
43
|
+
"""
|
44
|
+
Feature: my nmap attacks
|
45
|
+
Scenario: nmap attack works
|
46
|
+
Given "nmap" is installed
|
47
|
+
"""
|
48
|
+
When I run `gauntlt my.awesome.attack.file`
|
49
|
+
Then it should pass with:
|
50
|
+
"""
|
51
|
+
1 step (1 passed)
|
52
|
+
"""
|
35
53
|
|
36
54
|
Scenario: Run attack with undefined steps
|
37
55
|
Given an attack "nmap" exists
|
@@ -41,30 +59,23 @@ Feature: Verify the attack behaviour is correct
|
|
41
59
|
Scenario: Fail on undefined step definition
|
42
60
|
Given "thisattackwouldneverexist" is installed
|
43
61
|
"""
|
44
|
-
When I run `gauntlt
|
62
|
+
When I run `gauntlt`
|
45
63
|
Then it should fail with:
|
46
64
|
"""
|
47
65
|
Bad or undefined attack!
|
48
66
|
"""
|
49
67
|
|
50
68
|
|
51
|
-
Scenario: No attack
|
52
|
-
When I run `gauntlt
|
69
|
+
Scenario: No attack files in default path
|
70
|
+
When I run `gauntlt`
|
53
71
|
Then it should fail with:
|
54
72
|
"""
|
55
|
-
|
73
|
+
No files found in path
|
56
74
|
"""
|
57
75
|
|
58
|
-
Scenario:
|
59
|
-
When I run `gauntlt
|
76
|
+
Scenario: No attack files in specified path
|
77
|
+
When I run `gauntlt apaththatdoesnotexist`
|
60
78
|
Then it should fail with:
|
61
79
|
"""
|
62
|
-
No
|
63
|
-
"""
|
64
|
-
|
65
|
-
Scenario: No attack file specified
|
66
|
-
When I run `gauntlt attack --name nmap`
|
67
|
-
Then it should fail with:
|
68
|
-
"""
|
69
|
-
must specify name and attack-file
|
70
|
-
"""
|
80
|
+
No files found in path: apaththatdoesnotexist
|
81
|
+
"""
|
@@ -1,23 +1,31 @@
|
|
1
|
-
Feature:
|
1
|
+
Feature: HTTP attacks
|
2
2
|
Background:
|
3
3
|
Given an attack "curl" exists
|
4
|
+
And I copy the attack files from the "examples/curl" folder
|
5
|
+
And the following attack files exist:
|
6
|
+
| filename |
|
7
|
+
| simple.attack |
|
8
|
+
| cookies.attack |
|
9
|
+
| verbs.attack |
|
4
10
|
|
5
|
-
Scenario: curl attack
|
6
|
-
|
11
|
+
Scenario: simple curl attack
|
12
|
+
When I run `gauntlt simple.attack`
|
13
|
+
Then it should pass with:
|
7
14
|
"""
|
8
|
-
|
9
|
-
|
10
|
-
Background:
|
11
|
-
Given "curl" is installed
|
12
|
-
And the target hostname is "google.com"
|
13
|
-
|
14
|
-
Scenario: Verify a 301 is received from a curl
|
15
|
-
When I launch a "curl" attack
|
16
|
-
Then the response code should be "301"
|
15
|
+
4 steps (4 passed)
|
17
16
|
"""
|
18
|
-
|
19
|
-
|
20
|
-
|
17
|
+
|
18
|
+
Scenario: cookies attack
|
19
|
+
When I run `gauntlt cookies.attack`
|
20
|
+
Then it should pass with:
|
21
21
|
"""
|
22
22
|
4 steps (4 passed)
|
23
|
+
"""
|
24
|
+
|
25
|
+
@slow
|
26
|
+
Scenario: http method verbs
|
27
|
+
When I run `gauntlt verbs.attack`
|
28
|
+
Then it should pass with:
|
29
|
+
"""
|
30
|
+
5 scenarios (5 passed)
|
23
31
|
"""
|
@@ -1,116 +1,39 @@
|
|
1
|
+
@slow
|
1
2
|
Feature: nmap attack
|
2
3
|
Background:
|
3
4
|
Given an attack "nmap" exists
|
4
|
-
And
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
Scenario: Verify server is available on standard web ports
|
13
|
-
When I launch an "nmap" attack with:
|
14
|
-
\"\"\"
|
15
|
-
nmap -p 80,443 <hostname>
|
16
|
-
\"\"\"
|
17
|
-
Then the output should contain:
|
18
|
-
\"\"\"
|
19
|
-
80/tcp open http
|
20
|
-
443/tcp open https
|
21
|
-
\"\"\"
|
22
|
-
"""
|
23
|
-
And a file named "os_detection_nmap.attack" with:
|
24
|
-
"""
|
25
|
-
Feature: OS detection
|
26
|
-
|
27
|
-
Background:
|
28
|
-
Given "nmap" is installed
|
29
|
-
And the target hostname is "google.com"
|
30
|
-
|
31
|
-
@slow
|
32
|
-
Scenario: Detect OS
|
33
|
-
When I launch an "nmap" attack with:
|
34
|
-
\"\"\"
|
35
|
-
nmap -sV -p80 -PN <hostname>
|
36
|
-
\"\"\"
|
37
|
-
Then the output should contain:
|
38
|
-
\"\"\"
|
39
|
-
Service Info: OS: Linux
|
40
|
-
\"\"\"
|
41
|
-
"""
|
42
|
-
And a file named "tcp_ping_ports_nmap.attack" with:
|
43
|
-
"""
|
44
|
-
Feature: nmap attacks for example.com
|
45
|
-
Background:
|
46
|
-
Given "nmap" is installed
|
47
|
-
And the target hostname is "google.com"
|
48
|
-
And the target tcp_ping_ports are "22,25,80,443"
|
49
|
-
|
50
|
-
@slow
|
51
|
-
Scenario: Using tcp syn ping scan and the nmap fast flag
|
52
|
-
When I launch an "nmap" attack with:
|
53
|
-
\"\"\"
|
54
|
-
nmap -F -PS<tcp_ping_ports> <hostname>
|
55
|
-
\"\"\"
|
56
|
-
Then the output should contain:
|
57
|
-
\"\"\"
|
58
|
-
80/tcp
|
59
|
-
\"\"\"
|
60
|
-
|
61
|
-
"""
|
62
|
-
And a file named "xml_output_nmap.attack" with:
|
63
|
-
"""
|
64
|
-
Feature: simple nmap attack (sanity check)
|
65
|
-
|
66
|
-
Background:
|
67
|
-
Given "nmap" is installed
|
68
|
-
And the target hostname is "google.com"
|
69
|
-
|
70
|
-
Scenario: Output to XML
|
71
|
-
When I launch an "nmap" attack with:
|
72
|
-
\"\"\"
|
73
|
-
nmap -p 80,443 -oX foo.xml <hostname>
|
74
|
-
\"\"\"
|
75
|
-
And the file "foo.xml" should contain XML:
|
76
|
-
| css |
|
77
|
-
| ports port[protocol="tcp"][portid="80"] state[state="open"] |
|
78
|
-
| ports port[protocol="tcp"][portid="443"] state[state="open"] |
|
79
|
-
And the file "foo.xml" should not contain XML:
|
80
|
-
| css |
|
81
|
-
| ports port[protocol="tcp"][portid="123"] state[state="open"] |
|
82
|
-
"""
|
83
|
-
|
5
|
+
And I copy the attack files from the "examples/nmap" folder
|
6
|
+
And the following attack files exist:
|
7
|
+
| filename |
|
8
|
+
| simple.attack |
|
9
|
+
| os_detection.attack |
|
10
|
+
| tcp_ping_ports.attack |
|
11
|
+
| xml_output.attack |
|
84
12
|
|
85
13
|
Scenario: Simple nmap attack
|
86
|
-
When I run `gauntlt
|
87
|
-
Then it should pass
|
88
|
-
And the output should contain:
|
14
|
+
When I run `gauntlt simple.attack`
|
15
|
+
Then it should pass with:
|
89
16
|
"""
|
90
17
|
4 steps (4 passed)
|
91
18
|
"""
|
92
19
|
|
93
|
-
@slow
|
94
20
|
Scenario: OS detection nmap attack
|
95
|
-
When I run `gauntlt
|
96
|
-
Then it should pass
|
97
|
-
And the output should contain:
|
21
|
+
When I run `gauntlt os_detection.attack`
|
22
|
+
Then it should pass with:
|
98
23
|
"""
|
99
24
|
4 steps (4 passed)
|
100
25
|
"""
|
101
26
|
|
102
27
|
Scenario: Testing the tcp_ping_ports
|
103
|
-
When I run `gauntlt
|
104
|
-
Then it should pass
|
105
|
-
And the output should contain:
|
28
|
+
When I run `gauntlt tcp_ping_ports.attack`
|
29
|
+
Then it should pass with:
|
106
30
|
"""
|
107
31
|
5 steps (5 passed)
|
108
32
|
"""
|
109
33
|
|
110
34
|
Scenario: Handle XML output file
|
111
|
-
When I run `gauntlt attack
|
112
|
-
Then it should pass
|
113
|
-
And the output should contain:
|
35
|
+
When I run `gauntlt attack xml_output.attack`
|
36
|
+
Then it should pass with:
|
114
37
|
"""
|
115
38
|
5 steps (5 passed)
|
116
39
|
"""
|