gauntlt 0.1.4 → 0.1.5

data/.gitignore

@@ -24,10 +24,11 @@ tmp
 doc
 Gemfile.lock
 .rvmrc
+.ruby-version
 .rbenv*
 *.gem
 .rspec
 
 #sqlite DB (from scapegoat)
 *.db
-*.$DB
+*.$DB

data/examples/arachni/arachni-xss.attack

@@ -0,0 +1,18 @@
+@slow
+Feature: Run dirb scan on a URL
+
+Scenario: Use dirb to scan a website for basic security requirements and the DIRB_WORDLISTS environment variable must be set in your path.  You can use different wordlists by changing the environment variable.
+  Given "dirb" is installed
+  And the following profile:
+     | name                | value                          |
+     | hostname            | https://google.com             |
+     | dirb_wordlists_path | Overwritten by $DIRB_WORDLISTS |
+     | wordlist            | vulns/tests.txt                |
+  When I launch a "dirb" attack with:
+  """
+  dirb <hostname> <dirb_wordlists_path>/<wordlist> 
+  """
+  Then the output should contain:
+  """
+  FOUND: 0
+  """

data/features/attacks/arachni.notimplemented

@@ -0,0 +1,14 @@
+@slow
+Feature: web application security scan with arachni
+  Background:
+    Given an attack "arachni" exists
+    And I copy the attack files from the "examples/arachni" folder
+    And the following attack files exist:
+      | filename     |
+      | arachni-xss.attack  |
+  Scenario: Check for XSS (Cross Site Scripting) on our site
+    When I run `gauntlt arachni-xss.attack`
+    Then it should pass with:
+      """
+      4 steps (4 passed)
+      """

data/gauntlt.gemspec

@@ -23,6 +23,6 @@ Gem::Specification.new do |s|
 
   s.add_runtime_dependency "cucumber"
   s.add_runtime_dependency "aruba"
-  s.add_runtime_dependency "nokogiri"
+  s.add_runtime_dependency "nokogiri", "~>1.5.0"
   s.add_runtime_dependency "trollop"
 end

data/lib/gauntlt/version.rb

@@ -1,3 +1,3 @@
 module Gauntlt
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
   prerelease: 
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-07-23 00:00:00.000000000 Z
+date: 2013-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cucumber
@@ -113,17 +113,17 @@ dependencies:
   requirement: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.5.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ! '>='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.5.0
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
@@ -159,6 +159,7 @@ files:
 - Rakefile
 - bin/gauntlt
 - config/warble.rb
+- examples/arachni/arachni-xss.attack
 - examples/curl/cookies.attack
 - examples/curl/simple.attack
 - examples/curl/verbs.attack
@@ -175,6 +176,7 @@ files:
 - examples/sqlmap/sqlmap.attack
 - examples/sslyze/sslyze.attack
 - features/attack.feature
+- features/attacks/arachni.notimplemented
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature
@@ -247,6 +249,7 @@ specification_version: 3
 summary: behaviour-driven security using cucumber
 test_files:
 - features/attack.feature
+- features/attacks/arachni.notimplemented
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature