gauntlt 1.0.12 → 1.0.13

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e5441f5eb6efbb45a3f2256b6221b701fd44ecfa
-  data.tar.gz: 0326e52f48b970207e867b29d5417b279dc5b97b
+  metadata.gz: c2c51cde0442bafb05665ed820dc8f1093b8f2c7
+  data.tar.gz: 510e74457b2a5e31de244ea646d278809f44087a
 SHA512:
-  metadata.gz: 565a159c44612a49c817ce6a97f95ac417dd19f7fa7db1d6cd92a36f8f9471e57f366e5a8a00e5250a898e5839911bf579eaaa98759ccd78418c172c5d674e98
-  data.tar.gz: 021e7f39ce8adfbcd3999729be2f080e8b2016ac25dac2f89f0fbc8ea941be2f07fa7d345c73b7cd1a37d21b0cb895a6f92136b5e6855e1332fdc0f7a48d18a9
+  metadata.gz: abc774b0b9c1356117eb8b9f2c971200871081707ed41786c91f7aa5d21888cda86bf98a74e9c2128d2bb6f1e18fb8c2070f5d05bfc0fa2238fd15ab1bf4cb72
+  data.tar.gz: 79dc9aa306817106cb273649657e5b94e36bc78c7826ec8fd4c5d2211514a654a2f002c7fe3b4a36c320d11368ef81b18c950f5a93f5149c63e20022ac685ce4

data/.travis.yml

@@ -1,16 +1,16 @@
 language: ruby
 rvm:
-  - 2.1.0
-  - 2.1.5
-  - 2.2.4
-  - 2.3.0
+  - 2.1.10
+  - 2.2.7
+  - 2.3.4
+env:
+  global:
+    - ARACHNI="arachni-1.5.1-0.5.12"
+    - ARACHNI_URL="https://github.com/Arachni/arachni/releases/download/v1.5.1/arachni-1.5.1-0.5.12-linux-x86_64.tar.gz"
 before_install:
   - git submodule update --init --recursive --force
   - gem update bundler
 before_script:
-  #- go get github.com/FiloSottile/Heartbleed
-  #- go install github.com/FiloSottile/Heartbleed
-  #- which Heartbleed
   - sudo apt-get update
   - sudo apt-get install build-essential git libxml2 libxml2-dev
     libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev
@@ -18,10 +18,8 @@ before_script:
   - export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sslyze/sslyze_cli.py"
   - export SQLMAP_PATH="/home/travis/build/gauntlt/gauntlt/vendor/sqlmap/sqlmap.py"
   - 'cd vendor/Garmr && sudo python setup.py install && cd ../..'
-  - 'cd vendor && wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
-  - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb/wordlists"
+  - 'cd vendor && tar xvfz dirb222.tar.gz > /dev/null && chmod -R 755 ./dirb222 && cd ./dirb222 && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ..'
+  - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb222/wordlists"
+  - 'wget $ARACHNI_URL && tar xzvf $ARACHNI-linux-x86_64.tar.gz > /dev/null && sudo ln -s $TRAVIS_BUILD_DIR/$ARACHNI/bin/* /usr/local/bin/'
 notifications:
-  irc:
-    channels:
-      - "chat.freenode.net#gauntlt"
-    use_notice: true
+  slack: gauntlt:UEjUro5MQLFO1DwuETgUxb7u

data/README.md

@@ -8,15 +8,24 @@ usable by devs, ops and security.
 
 ## PROJECT STATUS
 
-Gauntlt is under active development and we welcome community feedback and
-contributions.  Please file issues via github and follow the project on
-twitter: [@gauntlt](https://twitter.com/gauntlt).
+As of 2018, Gauntlt is re-launching development efforts and building a commmunity
+of practice. Join us on the [gauntlt slack channel](http://bit.ly/2EU9yGh). We are
+hoping to extend gauntlt functionality, add attack adapters and buildup a library
+of sharable attacks that fit everyone's needs. This isn't just for ruby developers,
+we need feedback and contributions from security experts and people with experience
+running gauntlt in build pipelines. Join us!
 
-Have questions?  Ask us anything on the [gauntlt google group](http://bit.ly/gauntlt_group)
-or find us on irc at [#gauntlt](http://webchat.freenode.net/?channels=gauntlt) (irc.freenode.net).
+We welcome feedback and contributions.  Please file issues via
+github and follow the project on twitter: [@gauntlt](https://twitter.com/gauntlt).
+
+Have questions?  Feel free to open a ticket, but we would prefer you find us
+on the [gauntlt slack channel](http://bit.ly/2EU9yGh) (gauntlt.slack.com).
 
 ## GET STARTED
 
+You might want also take a look at [gauntlt-docker](https://github.com/gauntlt/gauntlt-docker)
+which has gauntlt and a few attack tools all grouped into one container.
+
 Note: if you are new to gauntlt, have a look at
 [gauntlt-starter-kit](https://github.com/gauntlt/gauntlt-starter-kit), it is
 the easiest way to get up and running.
@@ -89,11 +98,14 @@ example on gauntlt.org)
 
 Gauntlt includes attack adapters for the following tools:
 
+* [arachni] [arachni]
 * [curl] [curl]
+* [dirb] [dirb]
+* [Garmr] [garmr]
+* [heartbleed] [heartbleed]
 * [nmap] [nmap]
-* [sslyze] [sslyze]
 * [sqlmap] [sqlmap]
-* [Garmr] [garmr]
+* [sslyze] [sslyze]
 
 You will need to install each tool yourself before you can use it with gauntlt.
 However, if you try to use a tool that is not installed or that gauntlt cannot
@@ -153,7 +165,7 @@ Feature: Attack with kindness
 
 ## FOR DEVELOPERS
 
-NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testing.
+NOTE: We currently use `ruby 2.3.4` for development and testing.
 
 1. Clone the git repo and get the submodules
 
@@ -197,18 +209,19 @@ NOTE: We currently use `ruby 1.9.3` and `JRuby 1.7.0` for development and testin
 
 ## ROADMAP
 
-Gauntlt is under active development and we appreciate your suggestions and bug reports. We aim to be very responsive and friendly while adhering to a consistent design based on minimalism, simplicity and extensibility.
+Gauntlt has been steady for some time now, but we are working on some new features. Join us on slack for more info.
+
+We appreciate your suggestions and bug reports. We aim to be very responsive and friendly while adhering to a consistent design based on minimalism, simplicity and extensibility.
 
 ## LICENSE
 
 gauntlt is licensed under The MIT License. See the LICENSE file in the repo or visit [gauntlt.mit-license.org](http://gauntlt.mit-license.org/) for details.
 
+[arachni]: http://www.arachni-scanner.com/
 [curl]: http://curl.haxx.se
+[dirb]: http://dirb.sourceforge.net/
+[garmr]: https://github.com/mozilla/Garmr
+[heartbleed]: https://github.com/FiloSottile/Heartbleed
 [nmap]: http://nmap.org
 [sslyze]: https://github.com/iSECPartners/sslyze
 [sqlmap]: http://sqlmap.org
-[garmr]: https://github.com/mozilla/Garmr
-
-
-[![Bitdeli Badge](https://d2weczhvl823v0.cloudfront.net/gauntlt/gauntlt/trend.png)](https://bitdeli.com/free "Bitdeli Badge")
-

data/bin/gauntlt

@@ -28,6 +28,8 @@ EOS
 
   opt :format, "Available formats: html, json, junit, progress",
       :type => String
+  opt :outfile, "Pipe run results to file",
+      :type => String
 end
 
 opts[:path] = if ARGV.empty?
@@ -50,6 +52,6 @@ elsif opts[:allsteps]
   puts "\nGauntlt Attack Steps"
   puts all_step_defs[:gauntlt].sort
 else
-  Gauntlt.attack( opts[:path], opts[:tags].join(','), opts[:format] )
+  Gauntlt.attack( opts[:path], opts[:tags].join(','), opts[:format], opts[:outfile] )
 end
 

data/features/step_definitions/support_steps.rb

@@ -15,6 +15,6 @@ end
 
 Given /^the following attack files exist:$/ do |table|
   table.hashes.each do |hsh|
-    check_file_presence [hsh['filename']], true
+      be_exisiting_file [hsh['filename']], true
   end
 end

data/gauntlt.gemspec

@@ -16,16 +16,17 @@ Gem::Specification.new do |s|
   s.files.reject! { |fn| fn.include? "vendor" }
   s.files.reject! { |fn| fn.include? "examples" }
   s.files.reject! { |fn| fn.include? "ready_to_rumble" }
+  s.files.reject! { |fn| fn.include? "install_gauntlt_deps" }
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
-  s.add_development_dependency 'rake', '~> 11.0.1'
-  s.add_development_dependency 'arachni', '= 1.4'
+  s.add_development_dependency 'rake', '~> 12.2', '>= 12.2.1'
 
+  s.add_runtime_dependency 'ffi', '= 1.9.18'
   s.add_runtime_dependency 'cucumber', '= 1.3.20'
-  s.add_runtime_dependency 'aruba', '= 0.5.4'
-  s.add_runtime_dependency 'nokogiri', '~> 1.6.5'
-  s.add_runtime_dependency 'trollop', '~> 2.1.2'
+  s.add_runtime_dependency 'aruba', '= 0.7.4'
+  s.add_runtime_dependency 'nokogiri', '~> 1.8', '>= 1.8.1'
+  s.add_runtime_dependency 'trollop', '~> 2.1', '>= 2.1.2'
 
 end

data/lib/gauntlt.rb

@@ -32,8 +32,8 @@ module Gauntlt
       end.sort
     end
 
-    def attack(path, tags=[], format="")
-      Attack.new(path, tags, format).run
+    def attack(path, tags=[], format="", outfile="")
+      Attack.new(path, tags, format, outfile).run
     end
 
     def stepdefs(path, tags=[])

data/lib/gauntlt/attack.rb

@@ -4,8 +4,8 @@ module Gauntlt
   class Attack
     attr_accessor :runtime
 
-    def initialize(path, tags=[], format="")
-      self.runtime = Runtime.new(path, tags, format)
+    def initialize(path, tags=[], format="", outfile="")
+      self.runtime = Runtime.new(path, tags, format, outfile)
     end
 
     def run

data/lib/gauntlt/attack_adapters/support/attack_step_helper.rb

@@ -7,17 +7,17 @@ module Gauntlt
       def gauntlt_attack_aliases
         @gauntlt_attack_aliases ||= {}
       end
-     
+
       def load_attack_alias(alias_name, *version)
         @attack_steps = import_attack_aliases
         @alias_versioned = ""
-	@alias_versioned << alias_name
+        @alias_versioned << alias_name
         if version.length > 0
             @alias_versioned << "-"
             @alias_versioned << version[0]
         end
 
-	print "Checking #{@alias_versioned} and #{alias_name}"
+        print "Checking #{@alias_versioned} and #{alias_name}"
 
         if @attack_steps.has_key?(@alias_versioned)
             @attack_steps[@alias_versioned]

data/lib/gauntlt/attack_aliases/arachni.json

@@ -26,5 +26,9 @@
   "arachni-xss_with_options" : { "command" : "arachni --checks=xss* --scope-directory-depth-limit=<depth> --scope-page-limit=<link_count> --scope-auto-redundant=<auto_redundant> <url>",
       "description" : "This is a scan for cross site scripting (xss) that runs all the xss modules in arachni.  This requires to specify several options for the scan. The arachni wiki has information on what these options represent but generally as you increase their values, the scan takes longer to run. \nThe wiki for arachni is available here > https://github.com/Arachni/arachni/wiki/Command-line-user-interface. \nThe depth option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-depth \nThe link_count option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-link-count \nThe auto_redundant option is described here: https://github.com/Arachni/arachni/wiki/Command-line-user-interface#wiki-auto-redundant",
       "requires" : [ "<url>", "<depth>", "<link_count>", "<auto_redundant>" ]
+    },
+    "arachni-allmediumandhigher" : { "command" : "arachni --checks=*,-interesting_responses,-webdav,-localstart_asp,-directory_listing,-private_ip,-form_upload,-cvs_svn_users,-captcha,-http_only_cookies,-html_objects,-emails,-cookie_set_for_parent_domain,-common_files,-allowed_methods <url>",
+      "description" : "This scan performs all checks except the checks that are low or informational only. We did leave in insecure_cookies even though this originally was an informational risk.",
+      "requires" : [ "<url>" ]
     }
 }

data/lib/gauntlt/attack_aliases/nmap.json

@@ -1,9 +1,42 @@
-{ "nmap-fast" : { "command" : "nmap -F <host>",
-      "description" : "This is a fast nmap scan that should run in 10 seconds or less on most networks.  It looks for the most common ports and services.",
-      "requires" : [ "<host>" ]
+{
+    "nmap-fast" : {
+        "command" : "nmap -F <host>",
+        "description" : "This is a fast nmap scan that should run in 10 seconds or less on most networks.  It looks for the most common ports and services.",
+        "requires" : [ "<host>" ]
     },
-  "nmap-single_port" : { "command" : "nmap -p<port> <host>",
-      "description" : "This checks a single port only",
-      "requires" : [ "<host>", "<port>" ]
+    "nmap-single_port" : {
+        "command" : "nmap -p<port> <host>",
+        "description" : "This checks a single port only",
+        "requires" : [ "<host>", "<port>" ]
+    },
+    "nmap-all_tcp" : {
+        "command" : "nmap -Pn -p 1-65534 <host>",
+        "description" : "This checks all TCP ports",
+        "requires" : [ "<host>" ]
+    },
+    "nmap-scan_hostnames" : {
+        "command" : "nmap -sL <host>/24",
+        "description" : "This runs an ARP scan, no port scan",
+        "requires" : [ "<host>" ]
+    },
+    "nmap-arp_scan_network_no_portscan" : {
+        "command" : "nmap -PR -sn <host>/24",
+        "description" : "This runs an ARP scan, no port scan",
+        "requires" : [ "<host>" ]
+    },
+    "nmap-arp_scan_network_with_portscan" : {
+        "command" : "nmap -PR <host>/24",
+        "description" : "This runs an ARP scan, with a port scan",
+        "requires" : [ "<host>" ]
+    },
+    "nmap-portscan_tcp_udp_top100" : {
+        "command" : "nmap -sTU --top-ports 100 <host>",
+        "description" : "This runs a TCP and UDP port scan, top 100",
+        "requires" : [ "<host>" ]
+    },
+    "nmap-portscan_tcp_udp_top1000" : {
+        "command" : "nmap -sTU --top-ports 1000 <host>",
+        "description" : "This runs a TCP and UDP port scan, top 1000",
+        "requires" : [ "<host>" ]
     }
 }

data/lib/gauntlt/runtime.rb

@@ -9,13 +9,14 @@ module Gauntlt
     class NoFilesFound < StandardError; end
     class ExecutionFailed < StandardError; end
 
-    attr_accessor :path, :attack_files, :tags, :format
+    attr_accessor :path, :attack_files, :tags, :format, :outfile
 
-    def initialize(path, tags=[], format="")
+    def initialize(path, tags=[], format="", outfile="")
       self.path         = path
       self.attack_files = self.class.attack_files_for(path)
       self.tags         = tags
       self.format       = format
+      self.outfile      = outfile
       raise NoFilesFound.new("No files found in path: #{path}") if attack_files.empty?
     end
 
@@ -23,7 +24,7 @@ module Gauntlt
       args =  attack_files + ['--strict', '--no-snippets', '--require', self.class.adapters_dir]
       args += ['--tags', tags] unless tags.empty?
       args += ['--format', format] unless format.nil?
-
+      args += ['--out', outfile] unless outfile.nil?
       Cucumber::Cli::Main.new(args)
     end
 

data/lib/gauntlt/version.rb

@@ -1,3 +1,3 @@
 module Gauntlt
-  VERSION = "1.0.12"
+  VERSION = "1.0.13"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gauntlt
 version: !ruby/object:Gem::Version
-  version: 1.0.12
+  version: 1.0.13
 platform: ruby
 authors:
 - James Wickett
@@ -9,36 +9,42 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-04-15 00:00:00.000000000 Z
+date: 2018-03-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 11.0.1
+        version: '12.2'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 12.2.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.2'
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 11.0.1
+        version: 12.2.1
 - !ruby/object:Gem::Dependency
-  name: arachni
+  name: ffi
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '1.4'
-  type: :development
+        version: 1.9.18
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: 1.9.18
 - !ruby/object:Gem::Dependency
   name: cucumber
   requirement: !ruby/object:Gem::Requirement
@@ -59,40 +65,52 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.5.4
+        version: 0.7.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.5.4
+        version: 0.7.4
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.5
+        version: '1.8'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.8.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.8'
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.5
+        version: 1.8.1
 - !ruby/object:Gem::Dependency
   name: trollop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
 description: Using standard Gherkin language to define security tests, gauntlt happily
@@ -105,9 +123,9 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .gitmodules
-- .travis.yml
+- ".gitignore"
+- ".gitmodules"
+- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
@@ -117,7 +135,7 @@ files:
 - config/services.rb
 - config/warble.rb
 - features/attack.feature
-- features/attacks/arachni.feature
+- features/attacks/arachni.broken
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature
@@ -137,7 +155,6 @@ files:
 - gauntlt.gemspec
 - gem_tasks/cucumber.rake
 - gem_tasks/test.rake
-- install_gauntlt_deps.sh
 - lib/gauntlt.rb
 - lib/gauntlt/attack.rb
 - lib/gauntlt/attack_adapters/arachni.rb
@@ -180,23 +197,23 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.8
+rubygems_version: 2.6.14
 signing_key: 
 specification_version: 4
 summary: behaviour-driven security using cucumber
 test_files:
 - features/attack.feature
-- features/attacks/arachni.feature
+- features/attacks/arachni.broken
 - features/attacks/curl.feature
 - features/attacks/dirb.feature
 - features/attacks/garmr.feature

data/install_gauntlt_deps.sh

@@ -1,121 +0,0 @@
-#!/bin/bash
-
-# check for system variables
-if [ -z $HOME_FOLDER ]; then
-    HOME_FOLDER=$HOME
-    echo -e "INFO: setting \$HOME_FOLDER to $HOME";
-fi
-if [ -z $USER_NAME ]; then
-    USER_NAME=`whoami`
-    echo -e "INFO: setting \$USER_NAME to `whoami`";
-fi
-
-# install system dependencies
-apt-get update
-apt-get install -y build-essential git libxml2 libxml2-dev \
-    libxslt-dev libcurl4-openssl-dev libsqlite3-dev libyaml-dev zlib1g-dev \
-    python-dev python-pip python-setuptools curl nmap w3af-console wget
-
-
-# install Ruby rvm, ruby 2.3.0 w/ json patch
-# @see https://github.com/rbenv/ruby-build/issues/834
-gpg --keyserver hkp://keys.gnupg.net --recv-keys \
-    409B6B1796C275462A1703113804BB82D39DC0E3
-curl -sSL https://get.rvm.io | bash -s stable
-source /etc/profile.d/rvm.sh
-echo "source /etc/profile.d/rvm.sh" >> ~/.bashrc
-rvm use 2.3.0 --default --install --fuzzy
-
-# install gauntlt, from source
-GAUNTLT_DIR=`pwd` # user current working directory, wherever you install Gauntlt
-gem install bundler
-bundle update
-git submodule update --init --recursive --force
-
-
-
-# install sslyze
-if ! type "sslyze" > /dev/null 2>&1; then
-    cd $GAUNTLT_DIR/vendor/sslyze
-    pip install -r requirements.txt
-    ln -s `pwd`/sslyze_cli.py /usr/bin/sslyze
-fi
-
-
-
-# install sqlmap
-if ! type "sqlmap" > /dev/null 2>&1; then
-    cd $GAUNTLT_DIR/vendor/sqlmap
-    ln -s `pwd`/sqlmap.py /usr/bin/sqlmap
-fi
-
-
-
-# install Go, Heartbleed
-if ! type "Heartbleed" > /dev/null 2>&1; then
-    apt-get install -y golang
-    export GOPATH=$HOME_FOLDER/go
-    export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
-    cat << 'EOF' >> $HOME_FOLDER/.bashrc
-
-# configure go pathways
-export GOPATH=$HOME/go
-export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
-EOF
-    go get github.com/FiloSottile/Heartbleed
-fi
-
-
-# install dirb
-if ! type "dirb" > /dev/null 2>&1; then
-    cd $GAUNTLT_DIR/vendor
-    wget -q http://downloads.sourceforge.net/project/dirb/dirb/2.22/dirb222.tar.gz
-    tar -zxf dirb222.tar.gz
-    mv dirb222 dirb
-    chmod -R +x ./dirb
-    cd dirb
-    chown -R $(whoami) .
-    bash ./configure
-    make
-    ln -s `pwd`/dirb /usr/bin/dirb
-    cd $GAUNTLT_DIR/vendor/dirb/wordlists
-    export DIRB_WORDLISTS=`pwd`
-else
-    export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
-fi
-
-
-# install Garmr, from source
-if ! type "garmr" > /dev/null 2>&1; then
-    cd $GAUNTLT_DIR/vendor/Garmr
-    python setup.py install
-fi
-
-
-# install Arachni, from a gem
-if ! type "arachni" > /dev/null 2>&1; then
-    gem install arachni -v 1.0.6
-    gem install service_manager
-fi
-
-
-# start gruyere
-cd $GAUNTLT_DIR/vendor/gruyere
-bash ./manual_launch.sh
-
-# set the environmental variables
-export SSLYZE_PATH=`which sslyze`
-export SQLMAP_PATH=`which sqlmap`
-
-# save environmental variables to .bashrc
-cat << EOF >> $HOME_FOLDER/.bashrc
-
-# configure environmental variables for Gauntlt
-export DIRB_WORDLISTS=`locate dirb | grep "/dirb/wordlists$"`
-export SSLYZE_PATH=`which sslyze`
-export SQLMAP_PATH=`which sqlmap`
-EOF
-
-# chown the environment
-cd $GAUNTLT_DIR
-chown -R $USER_NAME ./