gauntlt 1.0.11 → 1.0.12
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.gitmodules +1 -1
- data/.travis.yml +10 -15
- data/README.md +41 -10
- data/features/attacks/curl.feature +1 -1
- data/gauntlt.gemspec +4 -4
- data/install_gauntlt_deps.sh +121 -0
- data/lib/gauntlt/attack_adapters/arachni.rb +8 -3
- data/lib/gauntlt/attack_adapters/support/attack_step_helper.rb +18 -3
- data/lib/gauntlt/attack_adapters/support/cli_helper.rb +6 -0
- data/lib/gauntlt/attack_aliases/arachni.json +14 -5
- data/lib/gauntlt/version.rb +1 -1
- metadata +14 -13
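--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e5441f5eb6efbb45a3f2256b6221b701fd44ecfa
+data.tar.gz: 0326e52f48b970207e867b29d5417b279dc5b97b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 565a159c44612a49c817ce6a97f95ac417dd19f7fa7db1d6cd92a36f8f9471e57f366e5a8a00e5250a898e5839911bf579eaaa98759ccd78418c172c5d674e98
+data.tar.gz: 021e7f39ce8adfbcd3999729be2f080e8b2016ac25dac2f89f0fbc8ea941be2f07fa7d345c73b7cd1a37d21b0cb895a6f92136b5e6855e1332fdc0f7a48d18a9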
data/.gitignore
CHANGED
data/.gitmodules
CHANGED
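--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,30 +1,25 @@
 language: ruby
 rvm:
-- 1.
-- 2.
-- 2.
+- 2.1.0
+- 2.1.5
+- 2.2.4
+- 2.3.0
 before_install:
-- git submodule update --init --recursive
+- git submodule update --init --recursive --force
+- gem update bundler
 before_script:
 #- go get github.com/FiloSottile/Heartbleed
 #- go install github.com/FiloSottile/Heartbleed
 #- which Heartbleed
 - sudo apt-get update
-- sudo apt-get install
-
-
-
-- sudo apt-get install libcurl4-openssl-dev
-- export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze.py"
+- sudo apt-get install build-essential git libxml2 libxml2-dev
+libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev
+python-dev python-pip python-setuptools curl nmap w3af-console wget golang
+- export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze_cli.py"
 - export SQLMAP_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sqlmap/sqlmap.py"
 - 'cd vendor/Garmr && sudo python setup.py install && cd ../..'
 - 'cd vendor && wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
 - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb/wordlists"
-
-matrix:
-allow_failures:
-- rvm: 2.1.2
-
 notifications:
 irc:
 channels: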
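Review bot: The new `sudo apt-get install build-essential …` entry under `before_script` has no `-y`, so on a non-interactive CI worker apt can abort at the confirmation prompt as soon as the package set pulls in extra dependencies; install_gauntlt_deps.sh in this same release already uses `apt-get install -y`. The entry is also a plain scalar continued over three lines, which only parses as one command if the continuation lines stay indented under the list item, so a folded block (`- >-`) would make the intent explicit. `gem update bundler` installs whatever version is current at build time; pinning it (`gem install bundler -v <version>`) keeps a red build attributable to the code rather than to the toolchain.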
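--- a/data/README.md
+++ b/data/README.md
@@ -1,19 +1,42 @@
-[![Build Status](https://secure.travis-ci.org/gauntlt/gauntlt.png?branch=master)](http://travis-ci.org/gauntlt/gauntlt)
+[![Build Status](https://secure.travis-ci.org/gauntlt/gauntlt.png?branch=master)](http://travis-ci.org/gauntlt/gauntlt)
+[![Code Climate](https://codeclimate.com/github/gauntlt/gauntlt.png)](https://codeclimate.com/github/gauntlt/gauntlt)
+[![Gem Version](https://badge.fury.io/rb/gauntlt.png)](http://badge.fury.io/rb/gauntlt)
 
 # gauntlt
-Gauntlt is a ruggedization framework that is enables security testing that is
+Gauntlt is a ruggedization framework that is enables security testing that is
+usable by devs, ops and security.
 
 ## PROJECT STATUS
 
-Gauntlt is under active development and we welcome community feedback and
+Gauntlt is under active development and we welcome community feedback and
+contributions. Please file issues via github and follow the project on
+twitter: [@gauntlt](https://twitter.com/gauntlt).
 
-Have questions? Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group)
+Have questions? Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group)
+or find us on irc at [#gauntlt](http://webchat.freenode.net/?channels=gauntlt) (irc.freenode.net).
 
 ## GET STARTED
 
-Note: if you are new to gauntlt, have a look at
+Note: if you are new to gauntlt, have a look at
+[gauntlt-starter-kit](https://github.com/gauntlt/gauntlt-starter-kit), it is
+the easiest way to get up and running.
+
+If you are using Kali Linux 2.0, Debian Jessie, Ubuntu 14.04, or Ubuntu 15.10,
+you can run the following:
+```shell
+git clone https://github.com/gauntlt/gauntlt
+cd gauntlt
+source ./install_gauntlt_deps.sh
+bash ./ready_to_rumble.sh
+gauntlt
+```
+This script will install Ruby RVM, all the required system dependencies and
+tools, and update your .bashrc with the necessary environmental variables. You
+can install this for another user by exporting $HOME_FOLDER and $USER_NAME
+variables before running install_gauntlt_deps.sh
 
-
+To install Gauntlt from source, you will need ruby version `2.1.0` or higher,
+but you can run gauntlt against applications built with any language or platform.
 
 1. Install the gem
 
@@ -21,7 +44,8 @@ You will need ruby version `1.9.3` to run gauntlt, but you can run gauntlt again
 $ gem install gauntlt
 ```
 
-2. Create an attack file and put it anywhere you like. (There is a more relevant
+2. Create an attack file and put it anywhere you like. (There is a more relevant
+example on gauntlt.org)
 
 ```gherkin
 # simplest.attack
@@ -71,9 +95,13 @@ Gauntlt includes attack adapters for the following tools:
 * [sqlmap] [sqlmap]
 * [Garmr] [garmr]
 
-You will need to install each tool yourself before you can use it with gauntlt.
+You will need to install each tool yourself before you can use it with gauntlt.
+However, if you try to use a tool that is not installed or that gauntlt cannot
+find, you will get a helpful error message from gauntlt with information on how
+to install and/or configure the tool for use with gauntlt.
 
-We also include a generic attack adapter that allows you to run anything on the
+We also include a generic attack adapter that allows you to run anything on the
+command line, parse its output and check its exit status.
 
 
 ## ATTACK FILES
@@ -136,6 +164,7 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
 2. Install bundler
 
 ```shell
+cd gauntlt
 $ gem install bundler
 ```
 
@@ -146,8 +175,10 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
 # if you get errors, you may need to install curl libs first
 # on ubuntu:
 # $ sudo apt-get install libcurl4-openssl-dev
+# alternatively: update and use the install_gauntlt.sh script, tested on
+# Kali Linux 2.0, Debian Jessie, Ubuntu 14.04, and Ubuntu 15.10
 ```
-4. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze. This is meant to replicate the travis setup for devs. This should be a rake task instead.
+4. Run the ready_to_rumble.sh script to make sure you have all the dependencies installed like sqlmap and sslyze. This is meant to replicate the travis setup for devs. This should be a rake task instead.
 
 5. Run the cucumber features and rspec examples
 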
data/gauntlt.gemspec
CHANGED
@@ -20,12 +20,12 @@ Gem::Specification.new do |s|
|
|
20
20
|
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
21
21
|
s.require_paths = ["lib"]
|
22
22
|
|
23
|
-
s.add_development_dependency 'rake', '~>
|
24
|
-
s.add_development_dependency 'arachni', '=
|
23
|
+
s.add_development_dependency 'rake', '~> 11.0.1'
|
24
|
+
s.add_development_dependency 'arachni', '= 1.4'
|
25
25
|
|
26
26
|
s.add_runtime_dependency 'cucumber', '= 1.3.20'
|
27
27
|
s.add_runtime_dependency 'aruba', '= 0.5.4'
|
28
|
-
s.add_runtime_dependency 'nokogiri', '
|
29
|
-
s.add_runtime_dependency 'trollop', '~> 2.
|
28
|
+
s.add_runtime_dependency 'nokogiri', '~> 1.6.5'
|
29
|
+
s.add_runtime_dependency 'trollop', '~> 2.1.2'
|
30
30
|
|
31
31
|
end
|
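Review bot: The development dependency is now pinned to `arachni '= 1.4'`, but install_gauntlt_deps.sh added in this same release runs `gem install arachni -v 1.0.6`, and arachni.json carries versioned aliases only for 1.3.2 and 1.0.6. Depending on which path sets a machine up, the step definitions can end up driving different scanner versions with different flag sets, so an attack file that passes in one environment may not exercise the same check in another. Aligning the gemspec, the install script and the alias file on one supported version, or stating which of them is authoritative, would make scan results comparable.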
@@ -0,0 +1,121 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
# check for system variables
|
4
|
+
if [ -z $HOME_FOLDER ]; then
|
5
|
+
HOME_FOLDER=$HOME
|
6
|
+
echo -e "INFO: setting \$HOME_FOLDER to $HOME";
|
7
|
+
fi
|
8
|
+
if [ -z $USER_NAME ]; then
|
9
|
+
USER_NAME=`whoami`
|
10
|
+
echo -e "INFO: setting \$USER_NAME to `whoami`";
|
11
|
+
fi
|
12
|
+
|
13
|
+
# install system dependencies
|
14
|
+
apt-get update
|
15
|
+
apt-get install -y build-essential git libxml2 libxml2-dev \
|
16
|
+
libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev \
|
17
|
+
python-dev python-pip python-setuptools curl nmap w3af-console wget
|
18
|
+
|
19
|
+
|
20
|
+
# install Ruby rvm, ruby 2.3.0 w/ json patch
|
21
|
+
# @see https://github.com/rbenv/ruby-build/issues/834
|
22
|
+
gpg --keyserver hkp://keys.gnupg.net --recv-keys \
|
23
|
+
409B6B1796C275462A1703113804BB82D39DC0E3
|
24
|
+
curl -sSL https://get.rvm.io | bash -s stable
|
25
|
+
source /etc/profile.d/rvm.sh
|
26
|
+
echo "source /etc/profile.d/rvm.sh" >> ~/.bashrc
|
27
|
+
rvm use 2.3.0 --default --install --fuzzy
|
28
|
+
|
29
|
+
# install gauntlt, from source
|
30
|
+
GAUNTLT_DIR=`pwd` # user current working directory, wherever you install Gauntlt
|
31
|
+
gem install bundler
|
32
|
+
bundle update
|
33
|
+
git submodule update --init --recursive --force
|
34
|
+
|
35
|
+
|
36
|
+
|
37
|
+
# install sslyze
|
38
|
+
if ! type "sslyze" > /dev/null 2>&1; then
|
39
|
+
cd $GAUNTLT_DIR/vendor/sslyze
|
40
|
+
pip install -r requirements.txt
|
41
|
+
ln -s `pwd`/sslyze_cli.py /usr/bin/sslyze
|
42
|
+
fi
|
43
|
+
|
44
|
+
|
45
|
+
|
46
|
+
# install sqlmap
|
47
|
+
if ! type "sqlmap" > /dev/null 2>&1; then
|
48
|
+
cd $GAUNTLT_DIR/vendor/sqlmap
|
49
|
+
ln -s `pwd`/sqlmap.py /usr/bin/sqlmap
|
50
|
+
fi
|
51
|
+
|
52
|
+
|
53
|
+
|
54
|
+
# install Go, Heartbleed
|
55
|
+
if ! type "Heartbleed" > /dev/null 2>&1; then
|
56
|
+
apt-get install -y golang
|
57
|
+
export GOPATH=$HOME_FOLDER/go
|
58
|
+
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
|
59
|
+
cat << 'EOF' >> $HOME_FOLDER/.bashrc
|
60
|
+
|
61
|
+
# configure go pathways
|
62
|
+
export GOPATH=$HOME/go
|
63
|
+
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
|
64
|
+
EOF
|
65
|
+
go get github.com/FiloSottile/Heartbleed
|
66
|
+
fi
|
67
|
+
|
68
|
+
|
69
|
+
# install dirb
|
70
|
+
if ! type "dirb" > /dev/null 2>&1; then
|
71
|
+
cd $GAUNTLT_DIR/vendor
|
72
|
+
wget -q http://downloads.sourceforge.net/project/dirb/dirb/2.22/dirb222.tar.gz
|
73
|
+
tar -zxf dirb222.tar.gz
|
74
|
+
mv dirb222 dirb
|
75
|
+
chmod -R +x ./dirb
|
76
|
+
cd dirb
|
77
|
+
chown -R $(whoami) .
|
78
|
+
bash ./configure
|
79
|
+
make
|
80
|
+
ln -s `pwd`/dirb /usr/bin/dirb
|
81
|
+
cd $GAUNTLT_DIR/vendor/dirb/wordlists
|
82
|
+
export DIRB_WORDLISTS=`pwd`
|
83
|
+
else
|
84
|
+
export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
|
85
|
+
fi
|
86
|
+
|
87
|
+
|
88
|
+
# install Garmr, from source
|
89
|
+
if ! type "garmr" > /dev/null 2>&1; then
|
90
|
+
cd $GAUNTLT_DIR/vendor/Garmr
|
91
|
+
python setup.py install
|
92
|
+
fi
|
93
|
+
|
94
|
+
|
95
|
+
# install Arachni, from a gem
|
96
|
+
if ! type "arachni" > /dev/null 2>&1; then
|
97
|
+
gem install arachni -v 1.0.6
|
98
|
+
gem install service_manager
|
99
|
+
fi
|
100
|
+
|
101
|
+
|
102
|
+
# start gruyere
|
103
|
+
cd $GAUNTLT_DIR/vendor/gruyere
|
104
|
+
bash ./manual_launch.sh
|
105
|
+
|
106
|
+
# set the environmental variables
|
107
|
+
export SSLYZE_PATH=`which sslyze`
|
108
|
+
export SQLMAP_PATH=`which sqlmap`
|
109
|
+
|
110
|
+
# save environmental variables to .bashrc
|
111
|
+
cat << EOF >> $HOME_FOLDER/.bashrc
|
112
|
+
|
113
|
+
# configure environmental variables for Gauntlt
|
114
|
+
export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
|
115
|
+
export SSLYZE_PATH=`which sslyze`
|
116
|
+
export SQLMAP_PATH=`which sqlmap`
|
117
|
+
EOF
|
118
|
+
|
119
|
+
# chown the environment
|
120
|
+
cd $GAUNTLT_DIR
|
121
|
+
chown -R $USER_NAME ./
|
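Review bot: The dirb step fetches `dirb222.tar.gz` over plain `http://` with no integrity check, then runs its `./configure` and `make` and links the result into `/usr/bin`, in a script that has to run as root because it calls `apt-get` and writes to `/usr/bin`; a tampered download would therefore run with full privileges. The same concern applies to `curl -sSL https://get.rvm.io | bash -s stable`, where the signing key is imported but nothing visible in the script checks the installer against it before it executes. Fetch over HTTPS and compare against a pinned digest before unpacking, as sketched below with a placeholder digest. The expansions should also be quoted (`[ -z "$HOME_FOLDER" ]`, `cd "$GAUNTLT_DIR/vendor/sqlmap"`) and a failed `cd` should stop the step, because the `ln -s` lines and the final `chown -R $USER_NAME ./` otherwise act on whatever directory the shell is left in.

```shell
# … unchanged: dirb presence check, cd into $GAUNTLT_DIR/vendor …
DIRB_URL="https://downloads.sourceforge.net/project/dirb/dirb/2.22/dirb222.tar.gz"
# placeholder: record the SHA-256 of a copy you have vetted
DIRB_SHA256="<pinned-sha256-of-dirb222.tar.gz>"
wget -q "$DIRB_URL" -O dirb222.tar.gz
if ! echo "$DIRB_SHA256  dirb222.tar.gz" | sha256sum -c - > /dev/null; then
  echo "ERROR: dirb222.tar.gz failed checksum verification, skipping dirb" >&2
  rm -f dirb222.tar.gz
else
  tar -zxf dirb222.tar.gz
  # … unchanged: mv, chmod, chown, configure, make, ln -s, DIRB_WORDLISTS …
fi
```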
@@ -8,9 +8,14 @@ end
|
|
8
8
|
|
9
9
|
When /^I launch (?:a|an) "arachni-(.*?)" attack$/ do | type |
|
10
10
|
attack_alias = 'arachni-' + type
|
11
|
-
|
12
|
-
|
13
|
-
|
11
|
+
arachni_version = get_cli_version("arachni")
|
12
|
+
attack = load_attack_alias(attack_alias, arachni_version)
|
13
|
+
|
14
|
+
if arachni_version.length > 0
|
15
|
+
optional_version_info = " with version #{arachni_version} of arachni"
|
16
|
+
end
|
17
|
+
|
18
|
+
Kernel.puts "Running a #{attack_alias} attack#{optional_version_info}. This attack has this description:\n #{attack['description']}"
|
14
19
|
Kernel.puts "The #{attack_alias} attack requires the following to be set in the profile:\n #{attack['requires']}"
|
15
20
|
|
16
21
|
run_with_profile attack['command']
|
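Review bot: The `if arachni_version.length > 0` guard in the arachni launch step only helps if `get_cli_version` can return an empty string, but the helper added to cli_helper.rb in this release indexes `[0][0]` on the scan result, so unparseable `arachni --version` output would raise before this line instead of falling through to the unversioned alias. `optional_version_info` is also assigned only inside the `if`, so the message relies on Ruby treating the unassigned local as nil; initialising it first with `optional_version_info = ""` states the intent. The step block's closing `end` lies outside the hunk.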
@@ -7,10 +7,25 @@ module Gauntlt
|
|
7
7
|
def gauntlt_attack_aliases
|
8
8
|
@gauntlt_attack_aliases ||= {}
|
9
9
|
end
|
10
|
-
|
11
|
-
def load_attack_alias(alias_name)
|
10
|
+
|
11
|
+
def load_attack_alias(alias_name, *version)
|
12
12
|
@attack_steps = import_attack_aliases
|
13
|
-
@
|
13
|
+
@alias_versioned = ""
|
14
|
+
@alias_versioned << alias_name
|
15
|
+
if version.length > 0
|
16
|
+
@alias_versioned << "-"
|
17
|
+
@alias_versioned << version[0]
|
18
|
+
end
|
19
|
+
|
20
|
+
print "Checking #{@alias_versioned} and #{alias_name}"
|
21
|
+
|
22
|
+
if @attack_steps.has_key?(@alias_versioned)
|
23
|
+
@attack_steps[@alias_versioned]
|
24
|
+
elsif @attack_steps.has_key?(alias_name)
|
25
|
+
@attack_steps[alias_name]
|
26
|
+
else
|
27
|
+
raise("Unknown attack alias #{alias_name}, try gauntlt --list_attack_aliases")
|
28
|
+
end
|
14
29
|
end
|
15
30
|
|
16
31
|
def import_attack_aliases
|
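Review bot: `load_attack_alias` now calls `print "Checking …"` on every lookup, without a trailing newline, which looks like leftover debug output and will run into the `Kernel.puts` messages the arachni step prints next; it should be dropped or sent through the project's own logging. The versioned key is built in an instance variable, `@alias_versioned`, although it is only used inside this method, and `@alias_versioned << version[0]` raises a TypeError if a caller passes nil; a local avoids both, e.g. `versioned = version.first ? "#{alias_name}-#{version.first}" : alias_name`. The lookup is an exact string match, so an installed version without its own entry silently falls back to the unversioned command, which is worth a comment above the `elsif`.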
@@ -22,6 +22,11 @@ module Gauntlt
|
|
22
22
|
def get_shell_variable(shell_variable)
|
23
23
|
ENV[shell_variable]
|
24
24
|
end
|
25
|
+
|
26
|
+
#this should succeed in getting the version of a command in most situations
|
27
|
+
def get_cli_version(bin_name)
|
28
|
+
return `#{bin_name} --version`.scan(/((\d+\.)?(\d+\.)?(\*|\d+))/)[0][0]
|
29
|
+
end
|
25
30
|
|
26
31
|
def shell_variable_exists?(shell_variable)
|
27
32
|
path = get_shell_variable(shell_variable)
|
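Review bot: `get_cli_version` builds a shell command by interpolating `bin_name` into backticks, so any caller passing a value that is not fixed in code would have it interpreted by the shell; the only caller visible in this release passes the literal `"arachni"`, but the helper is written as a generic one. Passing an argument vector avoids the shell entirely: `out = IO.popen([bin_name, "--version"], &:read)`. The `.scan(...)[0][0]` chain also raises NoMethodError when the output contains no digits, so take the first match nil-safely, e.g. `out[/\d+(?:\.\d+)*/].to_s`, which lets the caller's `length > 0` check work as intended. The enclosing module starts and ends outside the hunk.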
@@ -42,3 +47,4 @@ end
|
|
42
47
|
Before('@reallyslow') do
|
43
48
|
@aruba_timeout_seconds = 600
|
44
49
|
end
|
50
|
+
|
@@ -1,20 +1,29 @@
|
|
1
|
-
{
|
1
|
+
{
|
2
|
+
"arachni-simple_xss-1.3.2" : { "command" : "arachni --check=xss <url>",
|
3
|
+
"description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. This particular scan is for version 1.3.2 of arachni.",
|
4
|
+
"requires" : [ "<url>" ]
|
5
|
+
},
|
6
|
+
"arachni-simple_xss-1.0.6" : { "command" : "arachni --modules=xss <url>",
|
7
|
+
"description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. This particular scan is for version 1.3.2 of arachni.",
|
8
|
+
"requires" : [ "<url>" ]
|
9
|
+
},
|
10
|
+
"arachni-simple_xss" : { "command" : "arachni --checks=xss --scope-directory-depth-limit=1 --scope-page-limit=10 --scope-auto-redundant=2 <url>",
|
2
11
|
"description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. The scan only crawls one level deep which makes it faster. For more depth, run the gauntlt attack alias 'arachni-simple_xss_with_depth' and specifiy depth.",
|
3
12
|
"requires" : [ "<url>" ]
|
4
13
|
},
|
5
|
-
"arachni-simple_xss_with_depth" : { "command" : "arachni --
|
14
|
+
"arachni-simple_xss_with_depth" : { "command" : "arachni --checks=xss --scope-directory-depth-limit=<depth> <url>",
|
6
15
|
"description" : "This is a scan for cross site scripting (xss) that only runs the base xss module in arachni. The scan only crawls as many levels deep as you specify. The higher the integer, the longer the scan will take to run.",
|
7
16
|
"requires" : [ "<url>", "<depth>"]
|
8
17
|
},
|
9
|
-
"arachni-full_xss" : { "command" : "arachni --
|
18
|
+
"arachni-full_xss" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=1 --scope-page-limit=10 --scope-auto-redundant=2 <url>",
|
10
19
|
"description" : "This is a scan for cross site scripting (xss) that only runs all the xss modules in arachni. The scan only crawls one level deep, which makes it faster. For more depth, run the gauntlt attack alias 'arachni-full_xss_with_depth' and specifiy depth.",
|
11
20
|
"requires" : [ "<url>" ]
|
12
21
|
},
|
13
|
-
"arachni-full_xss_with_depth" : { "command" : "arachni --
|
22
|
+
"arachni-full_xss_with_depth" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=<depth> <url>",
|
14
23
|
"description" : "This is a scan for cross site scripting (xss) that only runs all the xss modules in arachni. The scan only crawls as many levels deep as you specify. The higher the integer, the longer the scan will take to run.",
|
15
24
|
"requires" : [ "<url>", "<depth>"]
|
16
25
|
},
|
17
|
-
"arachni-xss_with_options" : { "command" : "arachni --
|
26
|
+
"arachni-xss_with_options" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=<depth> --scope-page-limit=<link_count> --scope-auto-redundant=<auto_redundant> <url>",
|
18
27
|
"description" : "This is a scan for cross site scripting (xss) that runs all the xss modules in arachni. This requires to specify several options for the scan. The arachni wiki has information on what these options represent but generally as you increase their values, the scan takes longer to run. \nThe wiki for arachni is available here > https://github.com/Arachni/arachni/wiki/Command-line-user-interface. \nThe depth option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-depth \nThe link_count option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-link-count \nThe auto_redundant option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-auto-redundant",
|
19
28
|
"requires" : [ "<url>", "<depth>", "<link_count>", "<auto_redundant>" ]
|
20
29
|
}
|
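Review bot: The `arachni-simple_xss-1.0.6` entry's description says "This particular scan is for version 1.3.2 of arachni", which looks copied from the entry above it; it should name 1.0.6 so the text printed by the launch step matches the command that runs. The three generations of commands also spell the option differently (`--check=xss` for 1.3.2, `--modules=xss` for 1.0.6, `--checks=xss` elsewhere), so it is worth confirming against the 1.3.2 help output that `--check` is accepted there. The two versioned entries omit the `--scope-*` limits that the unversioned `arachni-simple_xss` applies, so the same alias name covers a different amount of the target depending on the installed version.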
data/lib/gauntlt/version.rb
CHANGED
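--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.12
 platform: ruby
 authors:
 - James Wickett
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2016-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake
@@ -17,28 +17,28 @@ dependencies:
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: 11.0.1
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: 11.0.1
 - !ruby/object:Gem::Dependency
 name: arachni
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: '1.4'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version:
+version: '1.4'
 - !ruby/object:Gem::Dependency
 name: cucumber
 requirement: !ruby/object:Gem::Requirement
@@ -71,30 +71,30 @@ dependencies:
 name: nokogiri
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ~>
 - !ruby/object:Gem::Version
-version: 1.6.
+version: 1.6.5
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ~>
 - !ruby/object:Gem::Version
-version: 1.6.
+version: 1.6.5
 - !ruby/object:Gem::Dependency
 name: trollop
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: 2.1.2
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
-version:
+version: 2.1.2
 description: Using standard Gherkin language to define security tests, gauntlt happily
 wraps cucumber functionality and provides a security testing framework that security
 engineers, developers and operations teams can collaborate on together.
@@ -137,6 +137,7 @@ files:
 - gauntlt.gemspec
 - gem_tasks/cucumber.rake
 - gem_tasks/test.rake
+- install_gauntlt_deps.sh
 - lib/gauntlt.rb
 - lib/gauntlt/attack.rb
 - lib/gauntlt/attack_adapters/arachni.rb
@@ -189,7 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: behaviour-driven security using cucumber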