gauntlt 0.1.4 → 0.1.5
- data/.gitignore +2 -1
- data/examples/arachni/arachni-xss.attack +18 -0
- data/features/attacks/arachni.notimplemented +14 -0
- data/gauntlt.gemspec +1 -1
- data/lib/gauntlt/version.rb +1 -1
- metadata +9 -6
data/.gitignore
CHANGED
@@ -0,0 +1,18 @@
|
|
1
|
+
@slow
|
2
|
+
Feature: Run dirb scan on a URL
|
3
|
+
|
4
|
+
Scenario: Use dirb to scan a website for basic security requirements and the DIRB_WORDLISTS environment variable must be set in your path. You can use different wordlists by changing the environment variable.
|
5
|
+
Given "dirb" is installed
|
6
|
+
And the following profile:
|
7
|
+
| name | value |
|
8
|
+
| hostname | https://google.com |
|
9
|
+
| dirb_wordlists_path | Overwritten by $DIRB_WORDLISTS |
|
10
|
+
| wordlist | vulns/tests.txt |
|
11
|
+
When I launch a "dirb" attack with:
|
12
|
+
"""
|
13
|
+
dirb <hostname> <dirb_wordlists_path>/<wordlist>
|
14
|
+
"""
|
15
|
+
Then the output should contain:
|
16
|
+
"""
|
17
|
+
FOUND: 0
|
18
|
+
"""
|
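Review bot: The profile row `| hostname | https://google.com |` makes the example run dirb against a third-party production site, so the `FOUND: 0` assertion depends on a host the project does not control; a local test target such as `| hostname | http://localhost:PORT |` (PORT being a placeholder) keeps the example reproducible. The page's diffstat attributes the only 18-line addition to `examples/arachni/arachni-xss.attack`, yet this scenario is a dirb scan (`Feature: Run dirb scan on a URL`, `Given "dirb" is installed`) with no arachni step, so if that mapping is right the file name promises an XSS check that is never performed. The file header for this hunk is missing from the page, so the path is inferred.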
@@ -0,0 +1,14 @@
|
|
1
|
+
@slow
|
2
|
+
Feature: web application security scan with arachni
|
3
|
+
Background:
|
4
|
+
Given an attack "arachni" exists
|
5
|
+
And I copy the attack files from the "examples/arachni" folder
|
6
|
+
And the following attack files exist:
|
7
|
+
| filename |
|
8
|
+
| arachni-xss.attack |
|
9
|
+
Scenario: Check for XSS (Cross Site Scripting) on our site
|
10
|
+
When I run `gauntlt arachni-xss.attack`
|
11
|
+
Then it should pass with:
|
12
|
+
"""
|
13
|
+
4 steps (4 passed)
|
14
|
+
"""
|
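Review bot: The scenario's only pass criterion is the step count `4 steps (4 passed)`, which any attack file with four passing steps satisfies, so `Check for XSS (Cross Site Scripting) on our site` can go green without arachni having reported anything; assert on text from the attack's own output as well. The `.notimplemented` suffix suggests cucumber does not pick this file up, while the gem metadata on this page adds it to `test_files`. A leading comment such as `# Disabled: rename to arachni.feature once the arachni example is implemented` would make that state explicit.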
data/gauntlt.gemspec
CHANGED
data/lib/gauntlt/version.rb
CHANGED
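--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-version: 0.1.
+version: 0.1.5
 prerelease:
 platform: ruby
 authors:
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-07-
+date: 2013-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: cucumber
@@ -113,17 +113,17 @@ dependencies:
 requirement: !ruby/object:Gem::Requirement
 none: false
 requirements:
-- -
+- - ~>
 - !ruby/object:Gem::Version
-version:
+version: 1.5.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 none: false
 requirements:
-- -
+- - ~>
 - !ruby/object:Gem::Version
-version:
+version: 1.5.0
 - !ruby/object:Gem::Dependency
 name: trollop
 requirement: !ruby/object:Gem::Requirement
@@ -159,6 +159,7 @@ files:
 - Rakefile
 - bin/gauntlt
 - config/warble.rb
+- examples/arachni/arachni-xss.attack
 - examples/curl/cookies.attack
 - examples/curl/simple.attack
 - examples/curl/verbs.attack
@@ -175,6 +176,7 @@ files:
 - examples/sqlmap/sqlmap.attack
 - examples/sslyze/sslyze.attack
 - features/attack.feature
+- features/attacks/arachni.notimplemented
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature
@@ -247,6 +249,7 @@ specification_version: 3
 summary: behaviour-driven security using cucumber
 test_files:
 - features/attack.feature
+- features/attacks/arachni.notimplemented
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature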