gauntlt 1.0.11 → 1.0.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 542c7503470b428ccd400e71110ffac1a82053d3
-  data.tar.gz: 42029378c6e716bfc73eb924cdf110304089808a
+  metadata.gz: e5441f5eb6efbb45a3f2256b6221b701fd44ecfa
+  data.tar.gz: 0326e52f48b970207e867b29d5417b279dc5b97b
 SHA512:
-  metadata.gz: ca7e58ded74004dcefc122acd80ac027f1079fcc213f9896c1490f5bc0a492be1058309a3004f82f9af6f26a526e9189ce9a1fc852a12c1e9ae8a0c4c6e752be
-  data.tar.gz: c6df1f16395c1e4ed4650397fe0106bc9f0f6a705cfcaa1122f86b694c3d0220024cb372fa9c606f642c6434291f472b76b48844493cb8a0708a721d975c304d
+  metadata.gz: 565a159c44612a49c817ce6a97f95ac417dd19f7fa7db1d6cd92a36f8f9471e57f366e5a8a00e5250a898e5839911bf579eaaa98759ccd78418c172c5d674e98
+  data.tar.gz: 021e7f39ce8adfbcd3999729be2f080e8b2016ac25dac2f89f0fbc8ea941be2f07fa7d345c73b7cd1a37d21b0cb895a6f92136b5e6855e1332fdc0f7a48d18a9

data/.gitignore

@@ -28,6 +28,8 @@ Gemfile.lock
 .rbenv*
 *.gem
 .rspec
+.idea
+.project*
 
 #sqlite DB (from scapegoat)
 *.db
@@ -42,3 +44,4 @@ my_attacks
 
 # Gruyere testing
 vendor/gruyere/source/stored-data.txt
+.pydevproject

data/.gitmodules

@@ -1,6 +1,6 @@
 [submodule "vendor/sslyze"]
 	path = vendor/sslyze
-	url = git://github.com/iSECPartners/sslyze.git
+	url = git://github.com/nabla-c0d3/sslyze.git
 [submodule "vendor/sqlmap"]
 	path = vendor/sqlmap
 	url = https://github.com/sqlmapproject/sqlmap.git

data/.travis.yml

@@ -1,30 +1,25 @@
 language: ruby
 rvm:
-  - 1.9.3
-  - 2.0.0
-  - 2.1.2
+  - 2.1.0
+  - 2.1.5
+  - 2.2.4
+  - 2.3.0
 before_install:
-  - git submodule update --init --recursive
+  - git submodule update --init --recursive --force
+  - gem update bundler
 before_script:
   #- go get github.com/FiloSottile/Heartbleed
   #- go install github.com/FiloSottile/Heartbleed
   #- which Heartbleed
   - sudo apt-get update
-  - sudo apt-get install nmap
-  - sudo apt-get install wget
-  - sudo apt-get install golang
-  #- sudo apt-get install unzip
-  - sudo apt-get install libcurl4-openssl-dev
-  - export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze.py"
+  - sudo apt-get install build-essential git libxml2 libxml2-dev
+    libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev
+    python-dev python-pip python-setuptools curl nmap w3af-console wget golang
+  - export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze_cli.py"
   - export SQLMAP_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sqlmap/sqlmap.py"
   - 'cd vendor/Garmr && sudo python setup.py install && cd ../..'
   - 'cd vendor && wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
   - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb/wordlists"
-
-matrix:
-  allow_failures:
-    - rvm: 2.1.2
-
 notifications:
   irc:
     channels:

data/README.md

@@ -1,19 +1,42 @@
-[![Build Status](https://secure.travis-ci.org/gauntlt/gauntlt.png?branch=master)](http://travis-ci.org/gauntlt/gauntlt) [![Code Climate](https://codeclimate.com/github/gauntlt/gauntlt.png)](https://codeclimate.com/github/gauntlt/gauntlt) [![Gem Version](https://badge.fury.io/rb/gauntlt.png)](http://badge.fury.io/rb/gauntlt)
+[![Build Status](https://secure.travis-ci.org/gauntlt/gauntlt.png?branch=master)](http://travis-ci.org/gauntlt/gauntlt)
+[![Code Climate](https://codeclimate.com/github/gauntlt/gauntlt.png)](https://codeclimate.com/github/gauntlt/gauntlt)
+[![Gem Version](https://badge.fury.io/rb/gauntlt.png)](http://badge.fury.io/rb/gauntlt)
 
 # gauntlt
-Gauntlt is a ruggedization framework that is enables security testing that is usable by devs, ops and security
+Gauntlt is a ruggedization framework that is enables security testing that is
+usable by devs, ops and security.
 
 ## PROJECT STATUS
 
-Gauntlt is under active development and we welcome community feedback and contributions.  Please file issues via github and follow the project on twitter: [@gauntlt](https://twitter.com/gauntlt).
+Gauntlt is under active development and we welcome community feedback and
+contributions.  Please file issues via github and follow the project on
+twitter: [@gauntlt](https://twitter.com/gauntlt).
 
-Have questions?  Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group) or find us on irc at [#gauntlt](http://webchat.freenode.net/?channels=gauntlt) (irc.freenode.net).
+Have questions?  Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group)
+or find us on irc at [#gauntlt](http://webchat.freenode.net/?channels=gauntlt) (irc.freenode.net).
 
 ## GET STARTED
 
-Note: if you are new to gauntlt, have a look at [gauntlt-starter-kit](https://github.com/gauntlt/gauntlt-starter-kit), which is the easiest way to get up and running with gauntlt.
+Note: if you are new to gauntlt, have a look at
+[gauntlt-starter-kit](https://github.com/gauntlt/gauntlt-starter-kit), it is
+the easiest way to get up and running.
+
+If you are using Kali Linux 2.0, Debian Jessie, Ubuntu 14.04, or Ubuntu 15.10,
+you can run the following:
+```shell
+git clone https://github.com/gauntlt/gauntlt
+cd gauntlt
+source ./install_gauntlt_deps.sh
+bash ./ready_to_rumble.sh
+gauntlt
+```
+This script will install Ruby RVM, all the required system dependencies and
+tools, and update your .bashrc with the necessary environmental variables. You
+ can install this for another user by exporting $HOME_FOLDER and $USER_NAME
+variables before running install_gauntlt_deps.sh
 
-You will need ruby version `1.9.3` to run gauntlt, but you can run gauntlt against applications built with any language or platform.
+To install Gauntlt from source, you will need ruby version `2.1.0` or higher,
+but you can run gauntlt against applications built with any language or platform.
 
 1. Install the gem
 
@@ -21,7 +44,8 @@ You will need ruby version `1.9.3` to run gauntlt, but you can run gauntlt again
     $ gem install gauntlt
     ```
 
-2. Create an attack file and put it anywhere you like. (There is a more relevant example on gauntlt.org)
+2. Create an attack file and put it anywhere you like. (There is a more relevant
+example on gauntlt.org)
 
     ```gherkin
     # simplest.attack
@@ -71,9 +95,13 @@ Gauntlt includes attack adapters for the following tools:
 * [sqlmap] [sqlmap]
 * [Garmr] [garmr]
 
-You will need to install each tool yourself before you can use it with gauntlt. However, if you try to use a tool that is not installed or that gauntlt cannot find, you will get a helpful error message from gauntlt with information on how to install and/or configure the tool for use with gauntlt.
+You will need to install each tool yourself before you can use it with gauntlt.
+However, if you try to use a tool that is not installed or that gauntlt cannot
+find, you will get a helpful error message from gauntlt with information on how
+to install and/or configure the tool for use with gauntlt.
 
-We also include a generic attack adapter that allows you to run anything on the command line, parse its output and check its exit status.
+We also include a generic attack adapter that allows you to run anything on the
+command line, parse its output and check its exit status.
 
 
 ## ATTACK FILES
@@ -136,6 +164,7 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
 2. Install bundler
 
     ```shell
+    cd gauntlt
     $ gem install bundler
     ```
 
@@ -146,8 +175,10 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
     # if you get errors, you may need to install curl libs first
     # on ubuntu:
     #   $ sudo apt-get install libcurl4-openssl-dev
+    # alternatively: update and use the install_gauntlt.sh script, tested on
+    # Kali Linux 2.0, Debian Jessie, Ubuntu 14.04, and Ubuntu 15.10
     ```
-4. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze.  This is meant to replicate the travis setup for devs. This should be a rake task instead. 
+4. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze.  This is meant to replicate the travis setup for devs. This should be a rake task instead.
 
 5. Run the cucumber features and rspec examples
 

data/features/attacks/curl.feature

@@ -29,4 +29,4 @@ Feature: HTTP attacks
     Then it should pass with:
       """
       5 scenarios (5 passed)
-      """
+      """

data/gauntlt.gemspec

@@ -20,12 +20,12 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_development_dependency 'rake', '~> 10.1'
-  s.add_development_dependency 'arachni', '= 0.4.6'
+  s.add_development_dependency 'rake', '~> 11.0.1'
+  s.add_development_dependency 'arachni', '= 1.4'
 
   s.add_runtime_dependency 'cucumber', '= 1.3.20'
   s.add_runtime_dependency 'aruba', '= 0.5.4'
-  s.add_runtime_dependency 'nokogiri', '= 1.6.1'
-  s.add_runtime_dependency 'trollop', '~> 2.0'
+  s.add_runtime_dependency 'nokogiri', '~> 1.6.5'
+  s.add_runtime_dependency 'trollop', '~> 2.1.2'
 
 end

data/install_gauntlt_deps.sh

@@ -0,0 +1,121 @@
+#!/bin/bash
+
+# check for system variables
+if [ -z $HOME_FOLDER ]; then
+    HOME_FOLDER=$HOME
+    echo -e "INFO: setting \$HOME_FOLDER to $HOME";
+fi
+if [ -z $USER_NAME ]; then
+    USER_NAME=`whoami`
+    echo -e "INFO: setting \$USER_NAME to `whoami`";
+fi
+
+# install system dependencies
+apt-get update
+apt-get install -y build-essential git libxml2 libxml2-dev \
+    libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev \
+    python-dev python-pip python-setuptools curl nmap w3af-console wget
+
+
+# install Ruby rvm, ruby 2.3.0 w/ json patch
+# @see https://github.com/rbenv/ruby-build/issues/834
+gpg --keyserver hkp://keys.gnupg.net --recv-keys \
+    409B6B1796C275462A1703113804BB82D39DC0E3
+curl -sSL https://get.rvm.io | bash -s stable
+source /etc/profile.d/rvm.sh
+echo "source /etc/profile.d/rvm.sh" >> ~/.bashrc
+rvm use 2.3.0 --default --install --fuzzy
+
+# install gauntlt, from source
+GAUNTLT_DIR=`pwd` # user current working directory, wherever you install Gauntlt
+gem install bundler
+bundle update
+git submodule update --init --recursive --force
+
+
+
+# install sslyze
+if ! type "sslyze" > /dev/null 2>&1; then
+    cd $GAUNTLT_DIR/vendor/sslyze
+    pip install -r requirements.txt
+    ln -s `pwd`/sslyze_cli.py /usr/bin/sslyze
+fi
+
+
+
+# install sqlmap
+if ! type "sqlmap" > /dev/null 2>&1; then
+    cd $GAUNTLT_DIR/vendor/sqlmap
+    ln -s `pwd`/sqlmap.py /usr/bin/sqlmap
+fi
+
+
+
+# install Go, Heartbleed
+if ! type "Heartbleed" > /dev/null 2>&1; then
+    apt-get install -y golang
+    export GOPATH=$HOME_FOLDER/go
+    export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
+    cat << 'EOF' >> $HOME_FOLDER/.bashrc
+
+# configure go pathways
+export GOPATH=$HOME/go
+export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
+EOF
+    go get github.com/FiloSottile/Heartbleed
+fi
+
+
+# install dirb
+if ! type "dirb" > /dev/null 2>&1; then
+    cd $GAUNTLT_DIR/vendor
+    wget -q http://downloads.sourceforge.net/project/dirb/dirb/2.22/dirb222.tar.gz
+    tar -zxf dirb222.tar.gz
+    mv dirb222 dirb
+    chmod -R +x ./dirb
+    cd dirb
+    chown -R $(whoami) .
+    bash ./configure
+    make
+    ln -s `pwd`/dirb /usr/bin/dirb
+    cd $GAUNTLT_DIR/vendor/dirb/wordlists
+    export DIRB_WORDLISTS=`pwd`
+else
+    export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
+fi
+
+
+# install Garmr, from source
+if ! type "garmr" > /dev/null 2>&1; then
+    cd $GAUNTLT_DIR/vendor/Garmr
+    python setup.py install
+fi
+
+
+# install Arachni, from a gem
+if ! type "arachni" > /dev/null 2>&1; then
+    gem install arachni -v 1.0.6
+    gem install service_manager
+fi
+
+
+# start gruyere
+cd $GAUNTLT_DIR/vendor/gruyere
+bash ./manual_launch.sh
+
+# set the environmental variables
+export SSLYZE_PATH=`which sslyze`
+export SQLMAP_PATH=`which sqlmap`
+
+# save environmental variables to .bashrc
+cat << EOF >> $HOME_FOLDER/.bashrc
+
+# configure environmental variables for Gauntlt
+export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
+export SSLYZE_PATH=`which sslyze`
+export SQLMAP_PATH=`which sqlmap`
+EOF
+
+# chown the environment
+cd $GAUNTLT_DIR
+chown -R $USER_NAME ./

data/lib/gauntlt/attack_adapters/arachni.rb

@@ -8,9 +8,14 @@ end
 
 When /^I launch (?:a|an) "arachni-(.*?)" attack$/ do | type |
   attack_alias = 'arachni-' + type
-  attack = load_attack_alias(attack_alias)                
-  
-  Kernel.puts "Running a #{attack_alias} attack. This attack has this description:\n #{attack['description']}"
+  arachni_version = get_cli_version("arachni")
+  attack = load_attack_alias(attack_alias, arachni_version)                
+ 
+  if arachni_version.length > 0
+      optional_version_info = " with version #{arachni_version} of arachni"
+  end
+
+  Kernel.puts "Running a #{attack_alias} attack#{optional_version_info}. This attack has this description:\n #{attack['description']}"
   Kernel.puts "The #{attack_alias} attack requires the following to be set in the profile:\n #{attack['requires']}"
   
   run_with_profile attack['command']

data/lib/gauntlt/attack_adapters/support/attack_step_helper.rb

@@ -7,10 +7,25 @@ module Gauntlt
       def gauntlt_attack_aliases
         @gauntlt_attack_aliases ||= {}
       end
-      
-      def load_attack_alias(alias_name)
+     
+      def load_attack_alias(alias_name, *version)
         @attack_steps = import_attack_aliases
-        @attack_steps[alias_name] || raise("Unknown attack alias #{alias_name}, try gauntlt --list_attack_aliases")
+        @alias_versioned = ""
+	@alias_versioned << alias_name
+        if version.length > 0
+            @alias_versioned << "-"
+            @alias_versioned << version[0]
+        end
+
+	print "Checking #{@alias_versioned} and #{alias_name}"
+
+        if @attack_steps.has_key?(@alias_versioned)
+            @attack_steps[@alias_versioned]
+        elsif @attack_steps.has_key?(alias_name)
+            @attack_steps[alias_name]
+        else
+            raise("Unknown attack alias #{alias_name}, try gauntlt --list_attack_aliases")
+        end
       end
 
       def import_attack_aliases

data/lib/gauntlt/attack_adapters/support/cli_helper.rb

@@ -22,6 +22,11 @@ module Gauntlt
       def get_shell_variable(shell_variable)
         ENV[shell_variable]
       end
+     
+      #this should succeed in getting the version of a command in most situations
+      def get_cli_version(bin_name)
+        return `#{bin_name} --version`.scan(/((\d+\.)?(\d+\.)?(\*|\d+))/)[0][0]
+      end
 
       def shell_variable_exists?(shell_variable)
         path = get_shell_variable(shell_variable)
@@ -42,3 +47,4 @@ end
 Before('@reallyslow') do
   @aruba_timeout_seconds = 600
 end
+

data/lib/gauntlt/attack_aliases/arachni.json

@@ -1,20 +1,29 @@
-{ "arachni-simple_xss" : { "command" : "arachni --modules=xss --depth=1 --link-count=10 --auto-redundant=2 <url>",
+{
+    "arachni-simple_xss-1.3.2" : { "command" : "arachni --check=xss <url>",
+      "description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. This particular scan is for version 1.3.2 of arachni.",
+      "requires" : [ "<url>" ]
+    },
+    "arachni-simple_xss-1.0.6" : { "command" : "arachni --modules=xss <url>",
+      "description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. This particular scan is for version 1.3.2 of arachni.",
+      "requires" : [ "<url>" ]
+    },
+   "arachni-simple_xss" : { "command" : "arachni --checks=xss --scope-directory-depth-limit=1 --scope-page-limit=10 --scope-auto-redundant=2 <url>",
       "description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni.  The scan only crawls one level deep which makes it faster.  For more depth, run the gauntlt attack alias 'arachni-simple_xss_with_depth' and specifiy depth.",
       "requires" : [ "<url>" ]
     },
-  "arachni-simple_xss_with_depth" : { "command" : "arachni --modules=xss --depth=<depth> <url>",
+  "arachni-simple_xss_with_depth" : { "command" : "arachni --checks=xss --scope-directory-depth-limit=<depth> <url>",
       "description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni.  The scan only crawls as many levels deep as you specify.  The higher the integer, the longer the scan will take to run.",
       "requires" : [ "<url>", "<depth>"]
     },
-  "arachni-full_xss" : { "command" : "arachni --modules=xss* --depth=1 --link-count=10 --auto-redundant=2 <url>",
+  "arachni-full_xss" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=1 --scope-page-limit=10 --scope-auto-redundant=2 <url>",
       "description" : "This is a scan for cross site scripting (xss) that only runs all the xss modules in arachni.  The scan only crawls one level deep, which makes it faster.  For more depth, run the gauntlt attack alias 'arachni-full_xss_with_depth' and specifiy depth.",
       "requires" : [ "<url>" ]
     },
-  "arachni-full_xss_with_depth" : { "command" : "arachni --modules=xss* --depth=<depth> <url>",
+  "arachni-full_xss_with_depth" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=<depth> <url>",
       "description" : "This is a scan for cross site scripting (xss) that only runs all the xss modules in arachni.  The scan only crawls as many levels deep as you specify.  The higher the integer, the longer the scan will take to run.",
       "requires" : [ "<url>", "<depth>"]
     },
-  "arachni-xss_with_options" : { "command" : "arachni --modules=xss* --depth=<depth> --link-count=<link_count> --auto-redundant=<auto_redundant> <url>",
+  "arachni-xss_with_options" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=<depth> --scope-page-limit=<link_count> --scope-auto-redundant=<auto_redundant> <url>",
       "description" : "This is a scan for cross site scripting (xss) that runs all the xss modules in arachni.  This requires to specify several options for the scan. The arachni wiki has information on what these options represent but generally as you increase their values, the scan takes longer to run. \nThe wiki for arachni is available here > https://github.com/Arachni/arachni/wiki/Command-line-user-interface. \nThe depth option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-depth \nThe link_count option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-link-count \nThe auto_redundant option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-auto-redundant",
       "requires" : [ "<url>", "<depth>", "<link_count>", "<auto_redundant>" ]
     }

data/lib/gauntlt/version.rb

@@ -1,3 +1,3 @@
 module Gauntlt
-  VERSION = "1.0.11"
+  VERSION = "1.0.12"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-  version: 1.0.11
+  version: 1.0.12
 platform: ruby
 authors:
 - James Wickett
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-19 00:00:00.000000000 Z
+date: 2016-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -17,28 +17,28 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '10.1'
+        version: 11.0.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '10.1'
+        version: 11.0.1
 - !ruby/object:Gem::Dependency
   name: arachni
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.4.6
+        version: '1.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.4.6
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
@@ -71,30 +71,30 @@ dependencies:
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: 1.6.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ~>
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: 1.6.5
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 2.1.2
 description: Using standard Gherkin language to define security tests, gauntlt happily
   wraps cucumber functionality and provides a security testing framework that security
   engineers, developers and operations teams can collaborate on together.
@@ -137,6 +137,7 @@ files:
 - gauntlt.gemspec
 - gem_tasks/cucumber.rake
 - gem_tasks/test.rake
+- install_gauntlt_deps.sh
 - lib/gauntlt.rb
 - lib/gauntlt/attack.rb
 - lib/gauntlt/attack_adapters/arachni.rb
@@ -189,7 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: behaviour-driven security using cucumber