pwn 0.4.333
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/FUNDING.yml +1 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +38 -0
- data/.gitignore +62 -0
- data/.rubocop.yml +12 -0
- data/.rubocop_todo.yml +76 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +24 -0
- data/CODE_OF_CONDUCT.md +46 -0
- data/CONTRIBUTING.md +10 -0
- data/Gemfile +75 -0
- data/LICENSE.txt +22 -0
- data/README.md +125 -0
- data/Rakefile +20 -0
- data/Vagrantfile +250 -0
- data/bin/pwn +74 -0
- data/bin/pwn_android_war_dialer +137 -0
- data/bin/pwn_arachni +132 -0
- data/bin/pwn_arachni_rest +174 -0
- data/bin/pwn_autoinc_version +50 -0
- data/bin/pwn_aws_describe_resources +728 -0
- data/bin/pwn_burp_suite_pro_active_scan +113 -0
- data/bin/pwn_char_base64_encoding +24 -0
- data/bin/pwn_char_dec_encoding +23 -0
- data/bin/pwn_char_hex_escaped_encoding +26 -0
- data/bin/pwn_char_html_entity_encoding +24 -0
- data/bin/pwn_char_unicode_escaped_encoding +23 -0
- data/bin/pwn_char_url_encoding +24 -0
- data/bin/pwn_defectdojo_engagement_create +158 -0
- data/bin/pwn_defectdojo_importscan +104 -0
- data/bin/pwn_defectdojo_reimportscan +104 -0
- data/bin/pwn_domain_reversewhois +89 -0
- data/bin/pwn_fuzz_net_app_proto +149 -0
- data/bin/pwn_ibm_appscan_enterprise +112 -0
- data/bin/pwn_jenkins_create_job +68 -0
- data/bin/pwn_jenkins_create_view +68 -0
- data/bin/pwn_jenkins_install_plugin +91 -0
- data/bin/pwn_jenkins_thinBackup_aws_s3 +123 -0
- data/bin/pwn_jenkins_update_plugins +87 -0
- data/bin/pwn_jenkins_useradd +86 -0
- data/bin/pwn_mail_agent +127 -0
- data/bin/pwn_msf_postgres_login +28 -0
- data/bin/pwn_nessus_cloud_vulnscan +103 -0
- data/bin/pwn_nexpose +52 -0
- data/bin/pwn_openvas_vulnscan +102 -0
- data/bin/pwn_owasp_zap_active_scan +134 -0
- data/bin/pwn_pastebin_sample_filter +61 -0
- data/bin/pwn_perimeter_recon +318 -0
- data/bin/pwn_sast +161 -0
- data/bin/pwn_serial_check_voicemail +66 -0
- data/bin/pwn_serial_qualcomm_commands +16 -0
- data/bin/pwn_simple_http_server +46 -0
- data/bin/pwn_web_cache_deception +233 -0
- data/bin/pwn_www_checkip +62 -0
- data/bin/pwn_xss_dom_vectors +169 -0
- data/build_pwn_gem.sh +33 -0
- data/documentation/CSI_Contributors_and_Users.png +0 -0
- data/documentation/CSI_Driver_Arch.png +0 -0
- data/documentation/fax-spectrogram.png +0 -0
- data/documentation/fax-waveform.png +0 -0
- data/documentation/pwn_android_war_dialer_session.png +0 -0
- data/documentation/pwn_wallpaper.jpg +0 -0
- data/documentation/ringing-spectrogram.png +0 -0
- data/documentation/ringing-waveform.png +0 -0
- data/etc/systemd/msfrpcd.service +12 -0
- data/etc/systemd/openvas.service +14 -0
- data/etc/userland/aws/apache2/jenkins_443.conf +90 -0
- data/etc/userland/aws/apache2/jenkins_80.conf +7 -0
- data/etc/userland/aws/apache2/openvas_443.conf +87 -0
- data/etc/userland/aws/apache2/openvas_80.conf +7 -0
- data/etc/userland/aws/apache2/sast_443.conf +87 -0
- data/etc/userland/aws/apache2/sast_80.conf +9 -0
- data/etc/userland/aws/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/aws/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/aws/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/aws/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/aws/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/aws/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/aws/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/aws/jenkins/jenkins +81 -0
- data/etc/userland/aws/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/aws/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/aws/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/aws/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/aws/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/aws/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/aws/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/aws/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/aws/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/aws/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/aws/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/aws/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/aws/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/aws/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/aws/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/aws/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/aws/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/aws/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/aws/vagrant.yaml.EXAMPLE +35 -0
- data/etc/userland/docker/apache2/jenkins_443.conf +90 -0
- data/etc/userland/docker/apache2/jenkins_80.conf +7 -0
- data/etc/userland/docker/apache2/openvas_443.conf +87 -0
- data/etc/userland/docker/apache2/openvas_80.conf +7 -0
- data/etc/userland/docker/apache2/sast_443.conf +87 -0
- data/etc/userland/docker/apache2/sast_80.conf +9 -0
- data/etc/userland/docker/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/docker/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/docker/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/docker/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/docker/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/docker/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/docker/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/docker/jenkins/jenkins +81 -0
- data/etc/userland/docker/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/docker/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/docker/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/docker/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/docker/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/docker/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/docker/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/docker/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/docker/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/docker/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/docker/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/docker/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/docker/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/docker/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/docker/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/docker/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/docker/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/docker/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/qemu/apache2/jenkins_443.conf +90 -0
- data/etc/userland/qemu/apache2/jenkins_80.conf +7 -0
- data/etc/userland/qemu/apache2/openvas_443.conf +87 -0
- data/etc/userland/qemu/apache2/openvas_80.conf +7 -0
- data/etc/userland/qemu/apache2/sast_443.conf +87 -0
- data/etc/userland/qemu/apache2/sast_80.conf +9 -0
- data/etc/userland/qemu/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/qemu/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/qemu/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/qemu/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/qemu/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/qemu/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/qemu/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/qemu/jenkins/jenkins +81 -0
- data/etc/userland/qemu/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/qemu/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/qemu/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/qemu/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/qemu/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/qemu/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/qemu/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/qemu/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/qemu/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/qemu/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/qemu/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/qemu/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/ruby-gem/apache2/jenkins_443.conf +90 -0
- data/etc/userland/ruby-gem/apache2/jenkins_80.conf +7 -0
- data/etc/userland/ruby-gem/apache2/openvas_443.conf +87 -0
- data/etc/userland/ruby-gem/apache2/openvas_80.conf +7 -0
- data/etc/userland/ruby-gem/apache2/sast_443.conf +87 -0
- data/etc/userland/ruby-gem/apache2/sast_80.conf +9 -0
- data/etc/userland/ruby-gem/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/ruby-gem/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/ruby-gem/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/ruby-gem/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/ruby-gem/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/ruby-gem/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/ruby-gem/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/ruby-gem/jenkins/jenkins +81 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/ruby-gem/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/ruby-gem/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/ruby-gem/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/ruby-gem/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/ruby-gem/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/ruby-gem/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/ruby-gem/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/ruby-gem/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/ruby-gem/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/ruby-gem/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/virtualbox/apache2/jenkins_443.conf +90 -0
- data/etc/userland/virtualbox/apache2/jenkins_80.conf +7 -0
- data/etc/userland/virtualbox/apache2/openvas_443.conf +87 -0
- data/etc/userland/virtualbox/apache2/openvas_80.conf +7 -0
- data/etc/userland/virtualbox/apache2/sast_443.conf +87 -0
- data/etc/userland/virtualbox/apache2/sast_80.conf +9 -0
- data/etc/userland/virtualbox/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/virtualbox/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/virtualbox/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/virtualbox/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/virtualbox/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/virtualbox/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/virtualbox/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/virtualbox/jenkins/jenkins +81 -0
- data/etc/userland/virtualbox/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/virtualbox/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/virtualbox/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/virtualbox/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/virtualbox/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/virtualbox/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/virtualbox/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/virtualbox/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/virtualbox/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/virtualbox/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/virtualbox/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/virtualbox/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/virtualbox/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/vmware/apache2/jenkins_443.conf +90 -0
- data/etc/userland/vmware/apache2/jenkins_80.conf +7 -0
- data/etc/userland/vmware/apache2/openvas_443.conf +87 -0
- data/etc/userland/vmware/apache2/openvas_80.conf +7 -0
- data/etc/userland/vmware/apache2/sast_443.conf +87 -0
- data/etc/userland/vmware/apache2/sast_80.conf +9 -0
- data/etc/userland/vmware/apache2/vagrant.yaml.EXAMPLE +9 -0
- data/etc/userland/vmware/arachni/navigation-REST.instruct.EXAMPLE +29 -0
- data/etc/userland/vmware/arachni/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/vmware/burpsuite/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/vmware/burpsuite/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/vmware/defectdojo/vagrant.yaml.EXAMPLE +3 -0
- data/etc/userland/vmware/jenkins/inject_build_envs.sh +15 -0
- data/etc/userland/vmware/jenkins/jenkins +81 -0
- data/etc/userland/vmware/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
- data/etc/userland/vmware/jenkins/jobs/pipeline-selfupdate.xml +462 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
- data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-gem.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-metasploit.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-os.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-pwn.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-rvm.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs/selfupdate-wpscan.xml +42 -0
- data/etc/userland/vmware/jenkins/jobs_userland/.gitkeep +0 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/arachni.rules +5 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/sast.rules +2 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/self_update.rules +14 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/system_maintenance.rules +9 -0
- data/etc/userland/vmware/jenkins/log_parser_rules/wpscan.rules +2 -0
- data/etc/userland/vmware/jenkins/vagrant.yaml.EXAMPLE +8 -0
- data/etc/userland/vmware/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
- data/etc/userland/vmware/metasploit/vagrant.yaml.EXAMPLE +4 -0
- data/etc/userland/vmware/nessus/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/vmware/openvas/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/vmware/owasp_zap/navigation.instruct.EXAMPLE +3 -0
- data/etc/userland/vmware/postgres/vagrant.yaml.EXAMPLE +2 -0
- data/etc/userland/vmware/recon-ng/vagrant.yaml.EXAMPLE +52 -0
- data/etc/userland/vmware/vagrant.yaml.EXAMPLE +5 -0
- data/find_latest_gem_versions_per_Gemfile.sh +11 -0
- data/git_commit_test_reinit_gem.sh +22 -0
- data/install.sh +180 -0
- data/lib/pwn/aws/acm.rb +92 -0
- data/lib/pwn/aws/api_gateway.rb +92 -0
- data/lib/pwn/aws/app_stream.rb +92 -0
- data/lib/pwn/aws/application_auto_scaling.rb +92 -0
- data/lib/pwn/aws/application_discovery_service.rb +92 -0
- data/lib/pwn/aws/auto_scaling.rb +92 -0
- data/lib/pwn/aws/batch.rb +92 -0
- data/lib/pwn/aws/budgets.rb +92 -0
- data/lib/pwn/aws/cloud_formation.rb +92 -0
- data/lib/pwn/aws/cloud_front.rb +92 -0
- data/lib/pwn/aws/cloud_hsm.rb +92 -0
- data/lib/pwn/aws/cloud_search.rb +92 -0
- data/lib/pwn/aws/cloud_search_domain.rb +92 -0
- data/lib/pwn/aws/cloud_trail.rb +92 -0
- data/lib/pwn/aws/cloud_watch.rb +92 -0
- data/lib/pwn/aws/cloud_watch_events.rb +92 -0
- data/lib/pwn/aws/cloud_watch_logs.rb +92 -0
- data/lib/pwn/aws/code_build.rb +92 -0
- data/lib/pwn/aws/code_commit.rb +92 -0
- data/lib/pwn/aws/code_deploy.rb +92 -0
- data/lib/pwn/aws/code_pipeline.rb +92 -0
- data/lib/pwn/aws/cognito_identity.rb +92 -0
- data/lib/pwn/aws/cognito_identity_provider.rb +92 -0
- data/lib/pwn/aws/cognito_sync.rb +92 -0
- data/lib/pwn/aws/config_service.rb +92 -0
- data/lib/pwn/aws/data_pipleline.rb +92 -0
- data/lib/pwn/aws/database_migration_service.rb +92 -0
- data/lib/pwn/aws/device_farm.rb +92 -0
- data/lib/pwn/aws/direct_connect.rb +92 -0
- data/lib/pwn/aws/directory_service.rb +92 -0
- data/lib/pwn/aws/dynamo_db.rb +92 -0
- data/lib/pwn/aws/dynamo_db_streams.rb +92 -0
- data/lib/pwn/aws/ec2.rb +92 -0
- data/lib/pwn/aws/ecr.rb +92 -0
- data/lib/pwn/aws/ecs.rb +92 -0
- data/lib/pwn/aws/efs.rb +92 -0
- data/lib/pwn/aws/elasti_cache.rb +92 -0
- data/lib/pwn/aws/elastic_beanstalk.rb +89 -0
- data/lib/pwn/aws/elastic_load_balancing.rb +92 -0
- data/lib/pwn/aws/elastic_load_balancing_v2.rb +92 -0
- data/lib/pwn/aws/elastic_transcoder.rb +92 -0
- data/lib/pwn/aws/elasticsearch_service.rb +92 -0
- data/lib/pwn/aws/emr.rb +92 -0
- data/lib/pwn/aws/firehose.rb +92 -0
- data/lib/pwn/aws/game_lift.rb +92 -0
- data/lib/pwn/aws/glacier.rb +92 -0
- data/lib/pwn/aws/health.rb +92 -0
- data/lib/pwn/aws/iam.rb +92 -0
- data/lib/pwn/aws/import_export.rb +92 -0
- data/lib/pwn/aws/inspector.rb +92 -0
- data/lib/pwn/aws/iot.rb +92 -0
- data/lib/pwn/aws/iot_data_plane.rb +92 -0
- data/lib/pwn/aws/kinesis.rb +92 -0
- data/lib/pwn/aws/kinesis_analytics.rb +92 -0
- data/lib/pwn/aws/kms.rb +92 -0
- data/lib/pwn/aws/lambda.rb +92 -0
- data/lib/pwn/aws/lambda_preview.rb +92 -0
- data/lib/pwn/aws/lex.rb +92 -0
- data/lib/pwn/aws/lightsail.rb +92 -0
- data/lib/pwn/aws/machine_learning.rb +92 -0
- data/lib/pwn/aws/marketplace_commerce_analytics.rb +92 -0
- data/lib/pwn/aws/marketplace_metering.rb +92 -0
- data/lib/pwn/aws/ops_works.rb +92 -0
- data/lib/pwn/aws/ops_works_cm.rb +92 -0
- data/lib/pwn/aws/pinpoint.rb +92 -0
- data/lib/pwn/aws/polly.rb +92 -0
- data/lib/pwn/aws/rds.rb +92 -0
- data/lib/pwn/aws/redshift.rb +92 -0
- data/lib/pwn/aws/rekognition.rb +92 -0
- data/lib/pwn/aws/route53.rb +92 -0
- data/lib/pwn/aws/route53_domains.rb +92 -0
- data/lib/pwn/aws/s3.rb +92 -0
- data/lib/pwn/aws/service_catalog.rb +92 -0
- data/lib/pwn/aws/ses.rb +92 -0
- data/lib/pwn/aws/shield.rb +92 -0
- data/lib/pwn/aws/simple_db.rb +92 -0
- data/lib/pwn/aws/sms.rb +92 -0
- data/lib/pwn/aws/snowball.rb +92 -0
- data/lib/pwn/aws/sns.rb +92 -0
- data/lib/pwn/aws/sqs.rb +92 -0
- data/lib/pwn/aws/ssm.rb +92 -0
- data/lib/pwn/aws/states.rb +92 -0
- data/lib/pwn/aws/storage_gateway.rb +92 -0
- data/lib/pwn/aws/sts.rb +63 -0
- data/lib/pwn/aws/support.rb +92 -0
- data/lib/pwn/aws/swf.rb +92 -0
- data/lib/pwn/aws/waf.rb +92 -0
- data/lib/pwn/aws/waf_regional.rb +92 -0
- data/lib/pwn/aws/workspaces.rb +92 -0
- data/lib/pwn/aws/x_ray.rb +92 -0
- data/lib/pwn/aws.rb +105 -0
- data/lib/pwn/ffi.rb +16 -0
- data/lib/pwn/plugins/android.rb +1616 -0
- data/lib/pwn/plugins/ansible_vault.rb +75 -0
- data/lib/pwn/plugins/authentication_helper.rb +79 -0
- data/lib/pwn/plugins/basic_auth.rb +63 -0
- data/lib/pwn/plugins/beef.rb +309 -0
- data/lib/pwn/plugins/burp_suite.rb +340 -0
- data/lib/pwn/plugins/bus_pirate.rb +150 -0
- data/lib/pwn/plugins/char.rb +459 -0
- data/lib/pwn/plugins/credit_card.rb +53 -0
- data/lib/pwn/plugins/dao_ldap.rb +131 -0
- data/lib/pwn/plugins/dao_mongo.rb +96 -0
- data/lib/pwn/plugins/dao_postgres.rb +224 -0
- data/lib/pwn/plugins/dao_sqlite3.rb +125 -0
- data/lib/pwn/plugins/defect_dojo.rb +759 -0
- data/lib/pwn/plugins/detect_os.rb +40 -0
- data/lib/pwn/plugins/ein.rb +141 -0
- data/lib/pwn/plugins/file_fu.rb +73 -0
- data/lib/pwn/plugins/fuzz.rb +206 -0
- data/lib/pwn/plugins/git.rb +166 -0
- data/lib/pwn/plugins/hacker_one.rb +152 -0
- data/lib/pwn/plugins/http_intercept_helper.rb +122 -0
- data/lib/pwn/plugins/ibm_appscan.rb +927 -0
- data/lib/pwn/plugins/ip_info.rb +100 -0
- data/lib/pwn/plugins/jenkins.rb +545 -0
- data/lib/pwn/plugins/json_pathify.rb +46 -0
- data/lib/pwn/plugins/mail_agent.rb +344 -0
- data/lib/pwn/plugins/metasploit.rb +151 -0
- data/lib/pwn/plugins/nessus_cloud.rb +325 -0
- data/lib/pwn/plugins/nexpose_vuln_scan.rb +356 -0
- data/lib/pwn/plugins/nmap_it.rb +99 -0
- data/lib/pwn/plugins/oauth2.rb +67 -0
- data/lib/pwn/plugins/ocr.rb +43 -0
- data/lib/pwn/plugins/openvas.rb +308 -0
- data/lib/pwn/plugins/owasp_zap.rb +550 -0
- data/lib/pwn/plugins/packet.rb +1271 -0
- data/lib/pwn/plugins/pdf_parse.rb +53 -0
- data/lib/pwn/plugins/pony.rb +282 -0
- data/lib/pwn/plugins/pwn_logger.rb +46 -0
- data/lib/pwn/plugins/rabbit_mq_hole.rb +66 -0
- data/lib/pwn/plugins/rfidler.rb +58 -0
- data/lib/pwn/plugins/serial.rb +268 -0
- data/lib/pwn/plugins/shodan.rb +566 -0
- data/lib/pwn/plugins/slack_client.rb +104 -0
- data/lib/pwn/plugins/sock.rb +156 -0
- data/lib/pwn/plugins/son_micro_rfid.rb +432 -0
- data/lib/pwn/plugins/spider.rb +80 -0
- data/lib/pwn/plugins/ssn.rb +52 -0
- data/lib/pwn/plugins/thread_pool.rb +71 -0
- data/lib/pwn/plugins/transparent_browser.rb +337 -0
- data/lib/pwn/plugins/twitter_api.rb +148 -0
- data/lib/pwn/plugins/uri_scheme.rb +328 -0
- data/lib/pwn/plugins/vsphere.rb +82 -0
- data/lib/pwn/plugins.rb +66 -0
- data/lib/pwn/reports/fuzz.rb +270 -0
- data/lib/pwn/reports/sast.rb +306 -0
- data/lib/pwn/reports.rb +21 -0
- data/lib/pwn/sast/amqp_connect_as_guest.rb +140 -0
- data/lib/pwn/sast/apache_file_system_util_api.rb +137 -0
- data/lib/pwn/sast/aws.rb +142 -0
- data/lib/pwn/sast/banned_function_calls_c.rb +265 -0
- data/lib/pwn/sast/base64.rb +143 -0
- data/lib/pwn/sast/beef_hook.rb +137 -0
- data/lib/pwn/sast/cmd_execution_java.rb +142 -0
- data/lib/pwn/sast/cmd_execution_python.rb +144 -0
- data/lib/pwn/sast/cmd_execution_ruby.rb +152 -0
- data/lib/pwn/sast/cmd_execution_scala.rb +142 -0
- data/lib/pwn/sast/csrf.rb +136 -0
- data/lib/pwn/sast/deserial_java.rb +135 -0
- data/lib/pwn/sast/emoticon.rb +145 -0
- data/lib/pwn/sast/eval.rb +140 -0
- data/lib/pwn/sast/factory.rb +135 -0
- data/lib/pwn/sast/file_permission.rb +142 -0
- data/lib/pwn/sast/inner_html.rb +140 -0
- data/lib/pwn/sast/keystore.rb +137 -0
- data/lib/pwn/sast/location_hash.rb +140 -0
- data/lib/pwn/sast/log4j.rb +140 -0
- data/lib/pwn/sast/logger.rb +155 -0
- data/lib/pwn/sast/outer_html.rb +140 -0
- data/lib/pwn/sast/password.rb +140 -0
- data/lib/pwn/sast/pom_version.rb +144 -0
- data/lib/pwn/sast/port.rb +147 -0
- data/lib/pwn/sast/private_key.rb +140 -0
- data/lib/pwn/sast/redirect.rb +142 -0
- data/lib/pwn/sast/redos.rb +147 -0
- data/lib/pwn/sast/shell.rb +148 -0
- data/lib/pwn/sast/sql.rb +144 -0
- data/lib/pwn/sast/ssl.rb +137 -0
- data/lib/pwn/sast/sudo.rb +140 -0
- data/lib/pwn/sast/task_tag.rb +154 -0
- data/lib/pwn/sast/throw_errors.rb +139 -0
- data/lib/pwn/sast/token.rb +137 -0
- data/lib/pwn/sast/version.rb +137 -0
- data/lib/pwn/sast/window_location_hash.rb +139 -0
- data/lib/pwn/sast.rb +53 -0
- data/lib/pwn/version.rb +5 -0
- data/lib/pwn/www/app_cobalt_io.rb +168 -0
- data/lib/pwn/www/bing.rb +119 -0
- data/lib/pwn/www/bug_crowd.rb +165 -0
- data/lib/pwn/www/checkip.rb +101 -0
- data/lib/pwn/www/duckduckgo.rb +141 -0
- data/lib/pwn/www/facebook.rb +153 -0
- data/lib/pwn/www/google.rb +145 -0
- data/lib/pwn/www/hacker_one.rb +153 -0
- data/lib/pwn/www/linkedin.rb +153 -0
- data/lib/pwn/www/pandora.rb +153 -0
- data/lib/pwn/www/pastebin.rb +114 -0
- data/lib/pwn/www/paypal.rb +235 -0
- data/lib/pwn/www/synack.rb +165 -0
- data/lib/pwn/www/torch.rb +138 -0
- data/lib/pwn/www/twitter.rb +165 -0
- data/lib/pwn/www/uber.rb +153 -0
- data/lib/pwn/www/upwork.rb +153 -0
- data/lib/pwn/www/youtube.rb +119 -0
- data/lib/pwn/www.rb +33 -0
- data/lib/pwn.rb +24 -0
- data/packer/daemons/msfrpcd.rb +64 -0
- data/packer/daemons/openvas.rb +51 -0
- data/packer/deploy_docker_containers.sh +9 -0
- data/packer/deploy_packer_box.sh +87 -0
- data/packer/docker/kali_rolling_docker_pwn_fuzz_net_app_proto.json +44 -0
- data/packer/docker/kali_rolling_docker_pwn_prototyper.json +48 -0
- data/packer/docker/kali_rolling_docker_pwn_sast.json +44 -0
- data/packer/docker/kali_rolling_docker_pwn_transparent_browser.json +46 -0
- data/packer/docker/kali_rolling_docker_pwn_www_checkip.json +34 -0
- data/packer/http/kali_rolling_preseed.cfg +81 -0
- data/packer/kali_rolling_aws_ami.json +135 -0
- data/packer/kali_rolling_qemu_kvm.json +155 -0
- data/packer/kali_rolling_virtualbox.json +182 -0
- data/packer/kali_rolling_vmware.json +163 -0
- data/packer/packer_secrets.json.EXAMPLE +9 -0
- data/packer/provisioners/PayloadsAllTheThings.sh +5 -0
- data/packer/provisioners/SecLists.sh +5 -0
- data/packer/provisioners/afl.sh +28 -0
- data/packer/provisioners/aliases.rb +18 -0
- data/packer/provisioners/amass.sh +5 -0
- data/packer/provisioners/android.sh +18 -0
- data/packer/provisioners/ansible.sh +5 -0
- data/packer/provisioners/apache2.sh +24 -0
- data/packer/provisioners/arachni.sh +28 -0
- data/packer/provisioners/awscli.sh +5 -0
- data/packer/provisioners/bashrc.sh +13 -0
- data/packer/provisioners/beef.rb +23 -0
- data/packer/provisioners/burpsuite.sh +23 -0
- data/packer/provisioners/chrome.sh +11 -0
- data/packer/provisioners/coreutils.sh +6 -0
- data/packer/provisioners/curl.sh +6 -0
- data/packer/provisioners/docker.sh +43 -0
- data/packer/provisioners/docker_bashrc.sh +2 -0
- data/packer/provisioners/docker_rvm.sh +22 -0
- data/packer/provisioners/eyewitness.sh +5 -0
- data/packer/provisioners/ffmpeg.sh +6 -0
- data/packer/provisioners/firefox.sh +7 -0
- data/packer/provisioners/fuzzdb.sh +5 -0
- data/packer/provisioners/gdb.sh +5 -0
- data/packer/provisioners/geckodriver.sh +9 -0
- data/packer/provisioners/ghidra.sh +5 -0
- data/packer/provisioners/git.sh +6 -0
- data/packer/provisioners/init_image.sh +103 -0
- data/packer/provisioners/install_vagrant_ssh_key.sh +15 -0
- data/packer/provisioners/jenkins.sh +62 -0
- data/packer/provisioners/metasploit.rb +59 -0
- data/packer/provisioners/nmap_all_live_hosts.sh +8 -0
- data/packer/provisioners/openvas.sh +23 -0
- data/packer/provisioners/openvas_wrappers.sh +4 -0
- data/packer/provisioners/openvpn.sh +7 -0
- data/packer/provisioners/peda.sh +4 -0
- data/packer/provisioners/phantomjs.rb +28 -0
- data/packer/provisioners/phantomjs_wrapper.sh +22 -0
- data/packer/provisioners/post_install.sh +41 -0
- data/packer/provisioners/postgresql.sh +49 -0
- data/packer/provisioners/preeny.sh +8 -0
- data/packer/provisioners/pwn.sh +89 -0
- data/packer/provisioners/pwntools.sh +13 -0
- data/packer/provisioners/radamsa.sh +7 -0
- data/packer/provisioners/rc.local.sh +16 -0
- data/packer/provisioners/reboot_os.sh +7 -0
- data/packer/provisioners/ruby.sh +36 -0
- data/packer/provisioners/rvm.sh +30 -0
- data/packer/provisioners/scapy.sh +5 -0
- data/packer/provisioners/scout2.sh +5 -0
- data/packer/provisioners/sox.sh +5 -0
- data/packer/provisioners/ssllabs-scan.sh +9 -0
- data/packer/provisioners/strace.sh +5 -0
- data/packer/provisioners/sublist3r.sh +5 -0
- data/packer/provisioners/terminator.sh +5 -0
- data/packer/provisioners/toggle_tor.sh +2 -0
- data/packer/provisioners/tor.sh +5 -0
- data/packer/provisioners/twinkle.sh +6 -0
- data/packer/provisioners/update_os.sh +108 -0
- data/packer/provisioners/upload_globals.sh +55 -0
- data/packer/provisioners/vim.sh +19 -0
- data/packer/provisioners/virtualbox_guest_additions.sh +20 -0
- data/packer/provisioners/vmware_tools.sh +8 -0
- data/packer/provisioners/wpscan.rb +23 -0
- data/packer/provisioners/xrdp.sh +22 -0
- data/packer/provisioners/zzuf.sh +5 -0
- data/pwn.gemspec +34 -0
- data/reinstall_pwn_gemset.sh +31 -0
- data/spec/lib/pwn/aws/acm_spec.rb +15 -0
- data/spec/lib/pwn/aws/api_gateway_spec.rb +15 -0
- data/spec/lib/pwn/aws/app_stream_spec.rb +15 -0
- data/spec/lib/pwn/aws/application_auto_scaling_spec.rb +15 -0
- data/spec/lib/pwn/aws/application_discovery_service_spec.rb +15 -0
- data/spec/lib/pwn/aws/auto_scaling_spec.rb +15 -0
- data/spec/lib/pwn/aws/batch_spec.rb +15 -0
- data/spec/lib/pwn/aws/budgets_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_formation_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_front_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_hsm_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_search_domain_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_search_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_trail_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_watch_events_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_watch_logs_spec.rb +15 -0
- data/spec/lib/pwn/aws/cloud_watch_spec.rb +15 -0
- data/spec/lib/pwn/aws/code_build_spec.rb +15 -0
- data/spec/lib/pwn/aws/code_commit_spec.rb +15 -0
- data/spec/lib/pwn/aws/code_deploy_spec.rb +15 -0
- data/spec/lib/pwn/aws/code_pipeline_spec.rb +15 -0
- data/spec/lib/pwn/aws/cognito_identity_provider_spec.rb +15 -0
- data/spec/lib/pwn/aws/cognito_identity_spec.rb +15 -0
- data/spec/lib/pwn/aws/cognito_sync_spec.rb +15 -0
- data/spec/lib/pwn/aws/config_service_spec.rb +15 -0
- data/spec/lib/pwn/aws/data_pipleline_spec.rb +15 -0
- data/spec/lib/pwn/aws/database_migration_service_spec.rb +15 -0
- data/spec/lib/pwn/aws/device_farm_spec.rb +15 -0
- data/spec/lib/pwn/aws/direct_connect_spec.rb +15 -0
- data/spec/lib/pwn/aws/directory_service_spec.rb +15 -0
- data/spec/lib/pwn/aws/dynamo_db_spec.rb +15 -0
- data/spec/lib/pwn/aws/dynamo_db_streams_spec.rb +15 -0
- data/spec/lib/pwn/aws/ec2_spec.rb +15 -0
- data/spec/lib/pwn/aws/ecr_spec.rb +15 -0
- data/spec/lib/pwn/aws/ecs_spec.rb +15 -0
- data/spec/lib/pwn/aws/efs_spec.rb +15 -0
- data/spec/lib/pwn/aws/elasti_cache_spec.rb +15 -0
- data/spec/lib/pwn/aws/elastic_beanstalk_spec.rb +15 -0
- data/spec/lib/pwn/aws/elastic_load_balancing_spec.rb +15 -0
- data/spec/lib/pwn/aws/elastic_load_balancing_v2_spec.rb +15 -0
- data/spec/lib/pwn/aws/elastic_transcoder_spec.rb +15 -0
- data/spec/lib/pwn/aws/elasticsearch_service_spec.rb +15 -0
- data/spec/lib/pwn/aws/emr_spec.rb +15 -0
- data/spec/lib/pwn/aws/firehose_spec.rb +15 -0
- data/spec/lib/pwn/aws/game_lift_spec.rb +15 -0
- data/spec/lib/pwn/aws/glacier_spec.rb +15 -0
- data/spec/lib/pwn/aws/health_spec.rb +15 -0
- data/spec/lib/pwn/aws/iam_spec.rb +15 -0
- data/spec/lib/pwn/aws/import_export_spec.rb +15 -0
- data/spec/lib/pwn/aws/inspector_spec.rb +15 -0
- data/spec/lib/pwn/aws/iot_data_plane_spec.rb +15 -0
- data/spec/lib/pwn/aws/iot_spec.rb +15 -0
- data/spec/lib/pwn/aws/kinesis_analytics_spec.rb +15 -0
- data/spec/lib/pwn/aws/kinesis_spec.rb +15 -0
- data/spec/lib/pwn/aws/kms_spec.rb +15 -0
- data/spec/lib/pwn/aws/lambda_preview_spec.rb +15 -0
- data/spec/lib/pwn/aws/lambda_spec.rb +15 -0
- data/spec/lib/pwn/aws/lex_spec.rb +15 -0
- data/spec/lib/pwn/aws/lightsail_spec.rb +15 -0
- data/spec/lib/pwn/aws/machine_learning_spec.rb +15 -0
- data/spec/lib/pwn/aws/marketplace_commerce_analytics_spec.rb +15 -0
- data/spec/lib/pwn/aws/marketplace_metering_spec.rb +15 -0
- data/spec/lib/pwn/aws/ops_works_cm_spec.rb +15 -0
- data/spec/lib/pwn/aws/ops_works_spec.rb +15 -0
- data/spec/lib/pwn/aws/pinpoint_spec.rb +15 -0
- data/spec/lib/pwn/aws/polly_spec.rb +15 -0
- data/spec/lib/pwn/aws/rds_spec.rb +15 -0
- data/spec/lib/pwn/aws/redshift_spec.rb +15 -0
- data/spec/lib/pwn/aws/rekognition_spec.rb +15 -0
- data/spec/lib/pwn/aws/route53_domains_spec.rb +15 -0
- data/spec/lib/pwn/aws/route53_spec.rb +15 -0
- data/spec/lib/pwn/aws/s3_spec.rb +15 -0
- data/spec/lib/pwn/aws/service_catalog_spec.rb +15 -0
- data/spec/lib/pwn/aws/ses_spec.rb +15 -0
- data/spec/lib/pwn/aws/shield_spec.rb +15 -0
- data/spec/lib/pwn/aws/simple_db_spec.rb +15 -0
- data/spec/lib/pwn/aws/sms_spec.rb +15 -0
- data/spec/lib/pwn/aws/snowball_spec.rb +15 -0
- data/spec/lib/pwn/aws/sns_spec.rb +15 -0
- data/spec/lib/pwn/aws/sqs_spec.rb +15 -0
- data/spec/lib/pwn/aws/ssm_spec.rb +15 -0
- data/spec/lib/pwn/aws/states_spec.rb +15 -0
- data/spec/lib/pwn/aws/storage_gateway_spec.rb +15 -0
- data/spec/lib/pwn/aws/sts_spec.rb +15 -0
- data/spec/lib/pwn/aws/support_spec.rb +15 -0
- data/spec/lib/pwn/aws/swf_spec.rb +15 -0
- data/spec/lib/pwn/aws/waf_regional_spec.rb +15 -0
- data/spec/lib/pwn/aws/waf_spec.rb +15 -0
- data/spec/lib/pwn/aws/workspaces_spec.rb +15 -0
- data/spec/lib/pwn/aws/x_ray_spec.rb +15 -0
- data/spec/lib/pwn/aws_spec.rb +10 -0
- data/spec/lib/pwn/ffi_spec.rb +10 -0
- data/spec/lib/pwn/plugins/android_spec.rb +15 -0
- data/spec/lib/pwn/plugins/authentication_helper_spec.rb +15 -0
- data/spec/lib/pwn/plugins/basic_auth_spec.rb +15 -0
- data/spec/lib/pwn/plugins/beef_spec.rb +15 -0
- data/spec/lib/pwn/plugins/burp_suite_spec.rb +15 -0
- data/spec/lib/pwn/plugins/bus_pirate_spec.rb +15 -0
- data/spec/lib/pwn/plugins/char_spec.rb +15 -0
- data/spec/lib/pwn/plugins/credit_card_spec.rb +15 -0
- data/spec/lib/pwn/plugins/dao_ldap_spec.rb +15 -0
- data/spec/lib/pwn/plugins/dao_mongo_spec.rb +15 -0
- data/spec/lib/pwn/plugins/dao_postgres_spec.rb +15 -0
- data/spec/lib/pwn/plugins/dao_sqlite3_spec.rb +15 -0
- data/spec/lib/pwn/plugins/defect_dojo_spec.rb +15 -0
- data/spec/lib/pwn/plugins/detect_os_spec.rb +15 -0
- data/spec/lib/pwn/plugins/ein_spec.rb +15 -0
- data/spec/lib/pwn/plugins/file_fu_spec.rb +15 -0
- data/spec/lib/pwn/plugins/fuzz_spec.rb +15 -0
- data/spec/lib/pwn/plugins/git_spec.rb +15 -0
- data/spec/lib/pwn/plugins/hacker_one_spec.rb +15 -0
- data/spec/lib/pwn/plugins/ibm_appscan_spec.rb +15 -0
- data/spec/lib/pwn/plugins/ip_info_spec.rb +15 -0
- data/spec/lib/pwn/plugins/jenkins_spec.rb +15 -0
- data/spec/lib/pwn/plugins/json_pathify_spec.rb +15 -0
- data/spec/lib/pwn/plugins/mail_agent_spec.rb +15 -0
- data/spec/lib/pwn/plugins/metasploit_spec.rb +15 -0
- data/spec/lib/pwn/plugins/nessus_cloud_spec.rb +15 -0
- data/spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb +15 -0
- data/spec/lib/pwn/plugins/nmap_it_spec.rb +15 -0
- data/spec/lib/pwn/plugins/oauth2_spec.rb +15 -0
- data/spec/lib/pwn/plugins/ocr_spec.rb +15 -0
- data/spec/lib/pwn/plugins/openvas_spec.rb +15 -0
- data/spec/lib/pwn/plugins/owasp_zap_spec.rb +15 -0
- data/spec/lib/pwn/plugins/packet_spec.rb +15 -0
- data/spec/lib/pwn/plugins/pdf_parse_spec.rb +15 -0
- data/spec/lib/pwn/plugins/pony_spec.rb +15 -0
- data/spec/lib/pwn/plugins/rabbit_mq_hole_spec.rb +15 -0
- data/spec/lib/pwn/plugins/rfidler_spec.rb +15 -0
- data/spec/lib/pwn/plugins/serial_spec.rb +15 -0
- data/spec/lib/pwn/plugins/shodan_spec.rb +15 -0
- data/spec/lib/pwn/plugins/slack_client_spec.rb +15 -0
- data/spec/lib/pwn/plugins/sock_spec.rb +15 -0
- data/spec/lib/pwn/plugins/son_micro_rfid_spec.rb +15 -0
- data/spec/lib/pwn/plugins/spider_spec.rb +15 -0
- data/spec/lib/pwn/plugins/ssn_spec.rb +15 -0
- data/spec/lib/pwn/plugins/thread_pool_spec.rb +15 -0
- data/spec/lib/pwn/plugins/transparent_browser_spec.rb +15 -0
- data/spec/lib/pwn/plugins/twitter_api_spec.rb +15 -0
- data/spec/lib/pwn/plugins/uri_scheme_spec.rb +15 -0
- data/spec/lib/pwn/plugins/vsphere_spec.rb +15 -0
- data/spec/lib/pwn/plugins_spec.rb +10 -0
- data/spec/lib/pwn/reports/fuzz_spec.rb +15 -0
- data/spec/lib/pwn/reports/sast_spec.rb +15 -0
- data/spec/lib/pwn/reports_spec.rb +10 -0
- data/spec/lib/pwn/sast/amqp_connect_as_guest_spec.rb +25 -0
- data/spec/lib/pwn/sast/apache_file_system_util_api_spec.rb +25 -0
- data/spec/lib/pwn/sast/aws_spec.rb +25 -0
- data/spec/lib/pwn/sast/banned_function_calls_c_spec.rb +25 -0
- data/spec/lib/pwn/sast/base64_spec.rb +25 -0
- data/spec/lib/pwn/sast/beef_hook_spec.rb +25 -0
- data/spec/lib/pwn/sast/cmd_execution_java_spec.rb +25 -0
- data/spec/lib/pwn/sast/cmd_execution_python_spec.rb +25 -0
- data/spec/lib/pwn/sast/cmd_execution_ruby_spec.rb +25 -0
- data/spec/lib/pwn/sast/cmd_execution_scala_spec.rb +25 -0
- data/spec/lib/pwn/sast/csrf_spec.rb +25 -0
- data/spec/lib/pwn/sast/deserial_java_spec.rb +25 -0
- data/spec/lib/pwn/sast/emoticon_spec.rb +25 -0
- data/spec/lib/pwn/sast/eval_spec.rb +25 -0
- data/spec/lib/pwn/sast/factory_spec.rb +25 -0
- data/spec/lib/pwn/sast/file_permission_spec.rb +25 -0
- data/spec/lib/pwn/sast/inner_html_spec.rb +25 -0
- data/spec/lib/pwn/sast/keystore_spec.rb +25 -0
- data/spec/lib/pwn/sast/location_hash_spec.rb +25 -0
- data/spec/lib/pwn/sast/log4j_spec.rb +25 -0
- data/spec/lib/pwn/sast/logger_spec.rb +25 -0
- data/spec/lib/pwn/sast/password_spec.rb +25 -0
- data/spec/lib/pwn/sast/pom_version_spec.rb +25 -0
- data/spec/lib/pwn/sast/port_spec.rb +25 -0
- data/spec/lib/pwn/sast/private_key_spec.rb +25 -0
- data/spec/lib/pwn/sast/redirect_spec.rb +25 -0
- data/spec/lib/pwn/sast/redos_spec.rb +25 -0
- data/spec/lib/pwn/sast/shell_spec.rb +25 -0
- data/spec/lib/pwn/sast/sql_spec.rb +25 -0
- data/spec/lib/pwn/sast/ssl_spec.rb +25 -0
- data/spec/lib/pwn/sast/sudo_spec.rb +25 -0
- data/spec/lib/pwn/sast/task_tag_spec.rb +25 -0
- data/spec/lib/pwn/sast/throw_errors_spec.rb +25 -0
- data/spec/lib/pwn/sast/token_spec.rb +25 -0
- data/spec/lib/pwn/sast/version_spec.rb +25 -0
- data/spec/lib/pwn/sast/window_location_hash_spec.rb +25 -0
- data/spec/lib/pwn/sast_spec.rb +10 -0
- data/spec/lib/pwn/www/app_cobalt_io_spec.rb +15 -0
- data/spec/lib/pwn/www/bing_spec.rb +15 -0
- data/spec/lib/pwn/www/bug_crowd.rb +15 -0
- data/spec/lib/pwn/www/checkip_spec.rb +15 -0
- data/spec/lib/pwn/www/duckduckgo_spec.rb +15 -0
- data/spec/lib/pwn/www/facebook_spec.rb +15 -0
- data/spec/lib/pwn/www/google_spec.rb +15 -0
- data/spec/lib/pwn/www/hacker_one_spec.rb +15 -0
- data/spec/lib/pwn/www/linkedin_spec.rb +15 -0
- data/spec/lib/pwn/www/pandora_spec.rb +15 -0
- data/spec/lib/pwn/www/pastebin_spec.rb +15 -0
- data/spec/lib/pwn/www/paypal_spec.rb +15 -0
- data/spec/lib/pwn/www/synack_spec.rb +15 -0
- data/spec/lib/pwn/www/torch_spec.rb +15 -0
- data/spec/lib/pwn/www/twitter_spec.rb +15 -0
- data/spec/lib/pwn/www/uber_spec.rb +15 -0
- data/spec/lib/pwn/www/upwork_spec.rb +15 -0
- data/spec/lib/pwn/www/youtube_spec.rb +15 -0
- data/spec/lib/pwn/www_spec.rb +10 -0
- data/spec/lib/pwn_spec.rb +10 -0
- data/spec/spec_helper.rb +3 -0
- data/third_party/.gitkeep +0 -0
- data/update_pwn.sh +15 -0
- data/upgrade_ruby.sh +46 -0
- data/vagrant/provisioners/apache2.sh +76 -0
- data/vagrant/provisioners/beef.rb +30 -0
- data/vagrant/provisioners/burpsuite_pro.rb +37 -0
- data/vagrant/provisioners/exploit-db.sh +2 -0
- data/vagrant/provisioners/gem.sh +4 -0
- data/vagrant/provisioners/init_env.sh +22 -0
- data/vagrant/provisioners/jenkins.sh +87 -0
- data/vagrant/provisioners/jenkins_ssh-keygen.rb +86 -0
- data/vagrant/provisioners/kali_customize.rb +130 -0
- data/vagrant/provisioners/letsencrypt.rb +35 -0
- data/vagrant/provisioners/metasploit.rb +25 -0
- data/vagrant/provisioners/nmap_all_live_hosts.sh +2 -0
- data/vagrant/provisioners/openvas.sh +23 -0
- data/vagrant/provisioners/openvas_wrappers.sh +2 -0
- data/vagrant/provisioners/post_install.sh +14 -0
- data/vagrant/provisioners/postgres.sh +22 -0
- data/vagrant/provisioners/pwn.sh +15 -0
- data/vagrant/provisioners/rvm.sh +18 -0
- data/vagrant/provisioners/ssllabs-scan.sh +10 -0
- data/vagrant/provisioners/toggle_tor.sh +2 -0
- data/vagrant/provisioners/update_jenkins_plugins.rb +30 -0
- data/vagrant/provisioners/update_os.sh +108 -0
- data/vagrant/provisioners/upload_globals.sh +55 -0
- data/vagrant/provisioners/userland_fdisk.sh +22 -0
- data/vagrant/provisioners/userland_lvm.sh +5 -0
- data/vagrant/provisioners/wpscan.rb +25 -0
- data/vagrant_rsync_third_party.lst +1 -0
- data/vagrant_rsync_userland_template.lst +8 -0
- metadata +1245 -0
@@ -0,0 +1,325 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
module PWN
|
6
|
+
module Plugins
|
7
|
+
# This plugin is used for interacting w/ the Tenable.io REST API (i.e. Nessus Cloud)
|
8
|
+
module NessusCloud
|
9
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
10
|
+
|
11
|
+
# Supported Method Parameters::
|
12
|
+
# nessus_cloud_rest_call(
|
13
|
+
# nessus_obj: 'required nessus_obj returned from #start method',
|
14
|
+
# rest_call: 'required rest call to make per the schema',
|
15
|
+
# http_method: 'optional HTTP method (defaults to GET)
|
16
|
+
# http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
|
17
|
+
# )
|
18
|
+
|
19
|
+
private_class_method def self.nessus_cloud_rest_call(opts = {})
|
20
|
+
nessus_obj = opts[:nessus_obj]
|
21
|
+
rest_call = opts[:rest_call].to_s.scrub
|
22
|
+
http_method = if opts[:http_method].nil?
|
23
|
+
:get
|
24
|
+
else
|
25
|
+
opts[:http_method].to_s.scrub.to_sym
|
26
|
+
end
|
27
|
+
params = opts[:params]
|
28
|
+
http_body = opts[:http_body].to_s.scrub
|
29
|
+
access_key = nessus_obj[:access_key]
|
30
|
+
secret_key = nessus_obj[:secret_key]
|
31
|
+
base_nessus_cloud_api_uri = 'https://cloud.tenable.com'
|
32
|
+
|
33
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
34
|
+
|
35
|
+
case http_method
|
36
|
+
when :get
|
37
|
+
response = rest_client.execute(
|
38
|
+
method: :get,
|
39
|
+
url: "#{base_nessus_cloud_api_uri}/#{rest_call}",
|
40
|
+
headers: {
|
41
|
+
x_apikeys: "accessKey=#{access_key}; secretKey=#{secret_key}",
|
42
|
+
accept: 'application/json',
|
43
|
+
content_type: 'application/json; charset=UTF-8',
|
44
|
+
params: params
|
45
|
+
},
|
46
|
+
verify_ssl: false
|
47
|
+
)
|
48
|
+
|
49
|
+
when :post
|
50
|
+
response = rest_client.execute(
|
51
|
+
method: :post,
|
52
|
+
url: "#{base_nessus_cloud_api_uri}/#{rest_call}",
|
53
|
+
headers: {
|
54
|
+
x_apikeys: "accessKey=#{access_key}; secretKey=#{secret_key}",
|
55
|
+
accept: 'application/json',
|
56
|
+
content_type: 'application/json; charset=UTF-8'
|
57
|
+
},
|
58
|
+
payload: http_body,
|
59
|
+
verify_ssl: false
|
60
|
+
)
|
61
|
+
|
62
|
+
else
|
63
|
+
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
64
|
+
end
|
65
|
+
|
66
|
+
sleep 3
|
67
|
+
|
68
|
+
response
|
69
|
+
rescue StandardError, SystemExit, Interrupt => e
|
70
|
+
raise e
|
71
|
+
end
|
72
|
+
|
73
|
+
# Supported Method Parameters::
|
74
|
+
# PWN::Plugins::NessusCloud.login(
|
75
|
+
# access_key: 'required - API access key (will prompt if blank)',
|
76
|
+
# secret_key: 'required - API secret key (will prompt if blank)'
|
77
|
+
# )
|
78
|
+
|
79
|
+
public_class_method def self.login(opts = {})
|
80
|
+
access_key = opts[:access_key]
|
81
|
+
access_key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Access Key') if opts[:access_key].nil?
|
82
|
+
|
83
|
+
secret_key = opts[:secret_key]
|
84
|
+
secret_key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Secret Key') if opts[:secret_key].nil?
|
85
|
+
|
86
|
+
nessus_obj = {}
|
87
|
+
nessus_obj[:access_key] = access_key
|
88
|
+
nessus_obj[:secret_key] = secret_key
|
89
|
+
|
90
|
+
nessus_obj
|
91
|
+
rescue StandardError, SystemExit, Interrupt => e
|
92
|
+
raise e
|
93
|
+
end
|
94
|
+
|
95
|
+
# Supported Method Parameters::
|
96
|
+
# PWN::Plugins::NessusCloud.list_scans(
|
97
|
+
# nessus_obj: 'required - nessus_obj returned from #login method'
|
98
|
+
# )
|
99
|
+
|
100
|
+
public_class_method def self.list_scans(opts = {})
|
101
|
+
nessus_obj = opts[:nessus_obj]
|
102
|
+
|
103
|
+
scans_resp = nessus_cloud_rest_call(
|
104
|
+
nessus_obj: nessus_obj,
|
105
|
+
rest_call: 'scans'
|
106
|
+
).body
|
107
|
+
|
108
|
+
JSON.parse(scans_resp, symbolize_names: true)
|
109
|
+
rescue StandardError, SystemExit, Interrupt => e
|
110
|
+
raise e
|
111
|
+
end
|
112
|
+
|
113
|
+
# Supported Method Parameters::
|
114
|
+
# PWN::Plugins::NessusCloud.launch_scan(
|
115
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
116
|
+
# scan_id: 'required - scan id to launch'
|
117
|
+
# )
|
118
|
+
|
119
|
+
public_class_method def self.launch_scan(opts = {})
|
120
|
+
nessus_obj = opts[:nessus_obj]
|
121
|
+
scan_id = opts[:scan_id]
|
122
|
+
|
123
|
+
launch_scan_resp = nessus_cloud_rest_call(
|
124
|
+
http_method: :post,
|
125
|
+
nessus_obj: nessus_obj,
|
126
|
+
rest_call: "scans/#{scan_id}/launch"
|
127
|
+
).body
|
128
|
+
|
129
|
+
JSON.parse(launch_scan_resp, symbolize_names: true)
|
130
|
+
rescue StandardError, SystemExit, Interrupt => e
|
131
|
+
raise e
|
132
|
+
end
|
133
|
+
|
134
|
+
# Supported Method Parameters::
|
135
|
+
# PWN::Plugins::NessusCloud.get_scan_status(
|
136
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
137
|
+
# scan_id: 'required - scan id to retrieve status'
|
138
|
+
# )
|
139
|
+
|
140
|
+
public_class_method def self.get_scan_status(opts = {})
|
141
|
+
nessus_obj = opts[:nessus_obj]
|
142
|
+
scan_id = opts[:scan_id]
|
143
|
+
|
144
|
+
scan_status_resp = nessus_cloud_rest_call(
|
145
|
+
nessus_obj: nessus_obj,
|
146
|
+
rest_call: "scans/#{scan_id}/latest-status"
|
147
|
+
).body
|
148
|
+
|
149
|
+
JSON.parse(scan_status_resp, symbolize_names: true)
|
150
|
+
rescue StandardError, SystemExit, Interrupt => e
|
151
|
+
raise e
|
152
|
+
end
|
153
|
+
|
154
|
+
# Supported Method Parameters::
|
155
|
+
# PWN::Plugins::NessusCloud.tag(
|
156
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
157
|
+
# category: 'required - category name to create or use',
|
158
|
+
# value: 'required - value name to create or use',
|
159
|
+
# desc: 'optional - _value_ description'
|
160
|
+
# )
|
161
|
+
|
162
|
+
public_class_method def self.tag(opts = {})
|
163
|
+
nessus_obj = opts[:nessus_obj]
|
164
|
+
category = opts[:category]
|
165
|
+
value = opts[:value]
|
166
|
+
desc = opts[:desc]
|
167
|
+
|
168
|
+
http_body = {
|
169
|
+
category_name: category,
|
170
|
+
value: value
|
171
|
+
}.to_json
|
172
|
+
|
173
|
+
tag_resp = nessus_cloud_rest_call(
|
174
|
+
http_method: :post,
|
175
|
+
nessus_obj: nessus_obj,
|
176
|
+
rest_call: 'tags/values',
|
177
|
+
http_body: http_body
|
178
|
+
).body
|
179
|
+
|
180
|
+
JSON.parse(tag_resp, symbolize_names: true)
|
181
|
+
rescue StandardError, SystemExit, Interrupt => e
|
182
|
+
raise e
|
183
|
+
end
|
184
|
+
|
185
|
+
# Supported Method Parameters::
|
186
|
+
# PWN::Plugins::NessusCloud.get_scan_history(
|
187
|
+
# nessus_obj: 'required - nessus_obj returned from #login method'
|
188
|
+
# scan_id: 'required - scan id to launch'
|
189
|
+
# )
|
190
|
+
|
191
|
+
public_class_method def self.get_scan_history(opts = {})
|
192
|
+
nessus_obj = opts[:nessus_obj]
|
193
|
+
scan_id = opts[:scan_id]
|
194
|
+
|
195
|
+
scan_hist_resp = nessus_cloud_rest_call(
|
196
|
+
nessus_obj: nessus_obj,
|
197
|
+
rest_call: "scans/#{scan_id}/history"
|
198
|
+
).body
|
199
|
+
|
200
|
+
JSON.parse(scan_hist_resp, symbolize_names: true)
|
201
|
+
rescue StandardError, SystemExit, Interrupt => e
|
202
|
+
raise e
|
203
|
+
end
|
204
|
+
|
205
|
+
# Supported Method Parameters::
|
206
|
+
# PWN::Plugins::NessusCloud.export_scan_results(
|
207
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
208
|
+
# scan_id: 'required - scan id to export',
|
209
|
+
# path_to_export: 'required - filename to export results',
|
210
|
+
# history_id: 'optional - defaults to last scan',
|
211
|
+
# format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
|
212
|
+
# )
|
213
|
+
|
214
|
+
public_class_method def self.export_scan_results(opts = {})
|
215
|
+
nessus_obj = opts[:nessus_obj]
|
216
|
+
scan_id = opts[:scan_id]
|
217
|
+
path_to_export = opts[:path_to_export]
|
218
|
+
if opts[:history_id]
|
219
|
+
history_id = opts[:history_id]
|
220
|
+
else
|
221
|
+
scan_history_resp = get_scan_history(
|
222
|
+
nessus_obj: nessus_obj,
|
223
|
+
scan_id: scan_id
|
224
|
+
)
|
225
|
+
|
226
|
+
if scan_history_resp[:history].empty?
|
227
|
+
puts 'No scan history found.'
|
228
|
+
raise 'Has at least one scan completed?'
|
229
|
+
else
|
230
|
+
history_id = scan_history_resp[:history].last[:id]
|
231
|
+
end
|
232
|
+
end
|
233
|
+
|
234
|
+
format = :csv
|
235
|
+
format = opts[:format].to_s.to_sym if opts[:format]
|
236
|
+
|
237
|
+
http_body = {
|
238
|
+
scan_id: scan_id,
|
239
|
+
history_id: history_id,
|
240
|
+
format: format
|
241
|
+
}.to_json
|
242
|
+
|
243
|
+
export_scan_resp = nessus_cloud_rest_call(
|
244
|
+
http_method: :post,
|
245
|
+
nessus_obj: nessus_obj,
|
246
|
+
rest_call: "scans/#{scan_id}/export",
|
247
|
+
http_body: http_body
|
248
|
+
).body
|
249
|
+
|
250
|
+
file_id = JSON.parse(
|
251
|
+
export_scan_resp,
|
252
|
+
symbolize_names: true
|
253
|
+
)[:file]
|
254
|
+
|
255
|
+
download_export_resp = nessus_cloud_rest_call(
|
256
|
+
nessus_obj: nessus_obj,
|
257
|
+
rest_call: "scans/#{scan_id}/export/#{file_id}/download"
|
258
|
+
).body
|
259
|
+
|
260
|
+
File.open(path_to_export, 'wb') do |f|
|
261
|
+
f.puts download_export_resp
|
262
|
+
end
|
263
|
+
|
264
|
+
path_to_export
|
265
|
+
rescue StandardError, SystemExit, Interrupt => e
|
266
|
+
raise e
|
267
|
+
end
|
268
|
+
|
269
|
+
# Author(s):: Jacob Hoopes <jake.hoopes@gmail.com>
|
270
|
+
|
271
|
+
public_class_method def self.authors
|
272
|
+
"AUTHOR(S):
|
273
|
+
Jacob Hoopes <jake.hoopes@gmail.com>
|
274
|
+
"
|
275
|
+
end
|
276
|
+
|
277
|
+
# Display Usage for this Module
|
278
|
+
|
279
|
+
public_class_method def self.help
|
280
|
+
puts "USAGE:
|
281
|
+
nessus_obj = #{self}.login(
|
282
|
+
access_key: 'required - API access key (will prompt if blank)',
|
283
|
+
secret_key: 'required - API secret key (will prompt if blank)'
|
284
|
+
)
|
285
|
+
|
286
|
+
#{self}.list_scans(
|
287
|
+
nessus_obj: 'required - nessus_obj returned from #login method'
|
288
|
+
)
|
289
|
+
|
290
|
+
#{self}.launch_scan(
|
291
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
292
|
+
scan_id: 'required - scan id to launch'
|
293
|
+
)
|
294
|
+
|
295
|
+
#{self}.get_scan_status(
|
296
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
297
|
+
scan_id: 'required - scan id to retrieve status'
|
298
|
+
)
|
299
|
+
|
300
|
+
#{self}.tag(
|
301
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
302
|
+
category: 'required - category name to create or use',
|
303
|
+
value: 'required - value name to create or use',
|
304
|
+
desc: 'optional - _value_ description'
|
305
|
+
)
|
306
|
+
|
307
|
+
#{self}.get_scan_history(
|
308
|
+
nessus_obj: 'required - nessus_obj returned from #login method'
|
309
|
+
scan_id: 'required - scan id to launch'
|
310
|
+
)
|
311
|
+
|
312
|
+
#{self}.export_scan_results(
|
313
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
314
|
+
scan_id: 'required - scan id to export',
|
315
|
+
path_to_export: 'required - filename to export results',
|
316
|
+
history_id: 'optional - defaults to last scan',
|
317
|
+
format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
|
318
|
+
)
|
319
|
+
|
320
|
+
#{self}.authors
|
321
|
+
"
|
322
|
+
end
|
323
|
+
end
|
324
|
+
end
|
325
|
+
end
|
@@ -0,0 +1,356 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'nexpose'
|
4
|
+
require 'ipaddr'
|
5
|
+
|
6
|
+
module PWN
|
7
|
+
module Plugins
|
8
|
+
# This plugin is used for interacting w/ Nexpose using the Nexpose API.
|
9
|
+
module NexposeVulnScan
|
10
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
11
|
+
|
12
|
+
# Supported Method Parameters::
|
13
|
+
# PWN::Plugins::NexposeVulnScan.login(
|
14
|
+
# console_ip: 'required host/ip of Nexpose Console (server)',
|
15
|
+
# username: 'required username',
|
16
|
+
# password: 'optional password (will prompt if nil)'
|
17
|
+
# )
|
18
|
+
|
19
|
+
public_class_method def self.login(opts = {})
|
20
|
+
console_ip = opts[:console_ip]
|
21
|
+
username = opts[:username].to_s
|
22
|
+
|
23
|
+
password = if opts[:password].nil?
|
24
|
+
PWN::Plugins::AuthenticationHelper.mask_password
|
25
|
+
else
|
26
|
+
opts[:password].to_s
|
27
|
+
end
|
28
|
+
|
29
|
+
nsc_obj = Nexpose::Connection.new(console_ip, username, password)
|
30
|
+
nsc_obj.login
|
31
|
+
config = Nexpose::Console.load(nsc_obj)
|
32
|
+
config.session_timeout = 21_600
|
33
|
+
# config.save(nsc_obj) # This will change the global sesion timeout config in the console
|
34
|
+
nsc_obj
|
35
|
+
rescue StandardError => e
|
36
|
+
raise e
|
37
|
+
end
|
38
|
+
|
39
|
+
# Supported Method Parameters::
|
40
|
+
# PWN::Plugins::NexposeVulnScan.list_all_individual_site_assets(
|
41
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
42
|
+
# site_name: 'required Nexpose site name to update (case-sensitive)'
|
43
|
+
# )
|
44
|
+
|
45
|
+
public_class_method def self.list_all_individual_site_assets(opts = {})
|
46
|
+
nsc_obj = opts[:nsc_obj]
|
47
|
+
site_name = opts[:site_name]
|
48
|
+
|
49
|
+
site_id = -1
|
50
|
+
nsc_obj.list_sites.each do |site|
|
51
|
+
site_id = site.id if site.name == site_name
|
52
|
+
end
|
53
|
+
|
54
|
+
all_individual_site_assets_arr = []
|
55
|
+
if site_id > -1
|
56
|
+
@@logger.info("Listing All Assets from #{site_name} (site id: #{site_id}):")
|
57
|
+
nsc_obj.filter(Nexpose::Search::Field::SITE_ID, Nexpose::Search::Operator::IN, site_id).each do |asset|
|
58
|
+
@@logger.info("#{asset.id}|#{asset.ip}|#{asset.last_scan}")
|
59
|
+
all_individual_site_assets_arr.push(asset.ip)
|
60
|
+
end
|
61
|
+
else
|
62
|
+
@@logger.error("Site: #{site_name} Not Found. Please check the spelling and try again.")
|
63
|
+
end
|
64
|
+
|
65
|
+
all_individual_site_assets_arr
|
66
|
+
rescue StandardError => e
|
67
|
+
raise e
|
68
|
+
end
|
69
|
+
|
70
|
+
# Supported Method Parameters::
|
71
|
+
# PWN::Plugins::NexposeVulnScan.update_site_assets(
|
72
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
73
|
+
# site_name: 'required Nexpose site name to update (case-sensitive),
|
74
|
+
# assets: 'required array of hashes containing called :ip => values being IP address (All IPs not included in the :assets parameter will be removed from Nexpose)'
|
75
|
+
# )
|
76
|
+
|
77
|
+
public_class_method def self.update_site_assets(opts = {})
|
78
|
+
nsc_obj = opts[:nsc_obj]
|
79
|
+
site_name = opts[:site_name]
|
80
|
+
assets = opts[:assets]
|
81
|
+
|
82
|
+
nsc_obj.list_sites.each do |site|
|
83
|
+
next unless site.name == site_name
|
84
|
+
|
85
|
+
# Load Site
|
86
|
+
site_id = site.id
|
87
|
+
refresh_site = Nexpose::Site.load(nsc_obj, site_id)
|
88
|
+
|
89
|
+
# Obtain Current List of Assets for Given Site & Remove Old List of Assets from Given Site (if applicable)
|
90
|
+
@@logger.info('Removing the Following Assets:')
|
91
|
+
current_site_assets = nsc_obj.filter(Nexpose::Search::Field::SITE_ID, Nexpose::Search::Operator::IN, site_id)
|
92
|
+
new_site_assets = []
|
93
|
+
assets.each { |ip_host_hash| new_site_assets.push(ip_host_hash[:ip].to_s.scrub.strip.chomp) }
|
94
|
+
current_site_assets.each do |current_site_asset|
|
95
|
+
next if new_site_assets.include?(current_site_asset.ip)
|
96
|
+
|
97
|
+
@@logger.info("Removing #{current_site_asset.ip}")
|
98
|
+
# refresh_site.remove_included_asset(current_asset) # This should work and be less invasive but no worky :(
|
99
|
+
nsc_obj.delete_asset(current_site_asset.id) # So we completely remove the asset from Nexpose altogether :/
|
100
|
+
end
|
101
|
+
@@logger.info('Complete.')
|
102
|
+
|
103
|
+
# Add New List of Assets to Given Site
|
104
|
+
@@logger.info("Adding the Following Assets to #{site.name} (site id: #{site_id}):")
|
105
|
+
assets.each do |ip_host_hash|
|
106
|
+
current_ip = IPAddr.new(ip_host_hash[:ip].to_s.scrub.strip.chomp)
|
107
|
+
unless current_ip.to_s.match?('255') # || current_ip =~ /^[224-239]/ # Multicast?
|
108
|
+
# TODO: try to reverse DNS word to see if an IP s available as well
|
109
|
+
@@logger.info("Adding #{current_ip}")
|
110
|
+
refresh_site.include_asset(current_ip)
|
111
|
+
end
|
112
|
+
rescue StandardError
|
113
|
+
next
|
114
|
+
end
|
115
|
+
refresh_site.save(nsc_obj)
|
116
|
+
@@logger.info('Complete.')
|
117
|
+
end
|
118
|
+
|
119
|
+
nsc_obj
|
120
|
+
rescue StandardError => e
|
121
|
+
raise e
|
122
|
+
end
|
123
|
+
|
124
|
+
# Supported Method Parameters::
|
125
|
+
# PWN::Plugins::NexposeVulnScan.delete_site_assets_older_than(
|
126
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
127
|
+
# site_name: 'required Nexpose site name to update (case-sensitive),
|
128
|
+
# days: 'required assets to remove older than number of days in this parameter'
|
129
|
+
# )
|
130
|
+
|
131
|
+
public_class_method def self.delete_site_assets_older_than(opts = {})
|
132
|
+
nsc_obj = opts[:nsc_obj]
|
133
|
+
site_name = opts[:site_name]
|
134
|
+
days = opts[:days].to_i
|
135
|
+
|
136
|
+
site_id = -1
|
137
|
+
nsc_obj.list_sites.each do |site|
|
138
|
+
site_id = site.id if site.name == site_name
|
139
|
+
end
|
140
|
+
|
141
|
+
if site_id > -1
|
142
|
+
@@logger.info("Removing the Following Assets from #{site.name} (site id: #{site_id}) Older than #{days} Days:")
|
143
|
+
nsc_obj.filter(Nexpose::Search::Field::SCAN_DATE, Nexpose::Search::Operator::EARLIER_THAN, days).each do |asset|
|
144
|
+
if asset.site_id == site_id
|
145
|
+
@@logger.info("#{asset.id}|#{asset.ip}|#{asset.last_scan}")
|
146
|
+
nsc_obj.delete_asset(asset.id)
|
147
|
+
end
|
148
|
+
end
|
149
|
+
else
|
150
|
+
@@logger.error("Site: #{site_name} Not Found. Please check the spelling and try again.")
|
151
|
+
end
|
152
|
+
|
153
|
+
nsc_obj
|
154
|
+
rescue StandardError => e
|
155
|
+
raise e
|
156
|
+
end
|
157
|
+
|
158
|
+
# Supported Method Parameters::
|
159
|
+
# PWN::Plugins::NexposeVulnScan.scan_site_by_name(
|
160
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
161
|
+
# site_name: 'required Nexpose site name to scan (case-sensitive),
|
162
|
+
# poll_interval: 'optional poll interval to check the completion status of the scan (defaults to 3 minutes)
|
163
|
+
# )
|
164
|
+
|
165
|
+
public_class_method def self.scan_site_by_name(opts = {})
|
166
|
+
nsc_obj = opts[:nsc_obj]
|
167
|
+
site_name = opts[:site_name].to_s
|
168
|
+
site_id = nil
|
169
|
+
|
170
|
+
poll_interval = if opts[:poll_interval].nil?
|
171
|
+
60
|
172
|
+
else
|
173
|
+
opts[:poll_interval].to_i
|
174
|
+
end
|
175
|
+
|
176
|
+
# Find the site and kick off the scan
|
177
|
+
nsc_obj.list_sites.each do |site|
|
178
|
+
next unless site.name == site_name
|
179
|
+
|
180
|
+
nsc_obj.scan_site(site.id)
|
181
|
+
@@logger.info("Scan Started for #{site_name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}")
|
182
|
+
site_id = site.id
|
183
|
+
end
|
184
|
+
|
185
|
+
# Periodically check the status of the scan
|
186
|
+
raise @logger.error("Site name: #{site_name} does not exist as a site in Nexpose. Please check your spelling and try again.") if site_id == ''
|
187
|
+
|
188
|
+
@@logger.info("Info: Checking status for an interval of #{poll_interval} seconds until completion.")
|
189
|
+
loop do
|
190
|
+
scan_status = nil
|
191
|
+
nsc_obj.scan_activity.each { |scan| scan_status = scan.status if scan.site_id == site_id }
|
192
|
+
if scan_status == 'running'
|
193
|
+
print '~' # Seeing progress is good :)
|
194
|
+
sleep poll_interval # Sleep and check the status again...
|
195
|
+
else
|
196
|
+
@@logger.info("Scan Completed for #{site_name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}")
|
197
|
+
break
|
198
|
+
end
|
199
|
+
end
|
200
|
+
|
201
|
+
nsc_obj
|
202
|
+
rescue StandardError => e
|
203
|
+
raise e
|
204
|
+
end
|
205
|
+
|
206
|
+
# Supported Method Parameters::
|
207
|
+
# PWN::Plugins::NexposeVulnScan.generate_report_via_existing_config(
|
208
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
209
|
+
# config_id: 'relevant r.config_id returned when invoking the block nsc_obj.reports.each {|r| puts "#{r.name} => #{r.config_id}"}',
|
210
|
+
# )
|
211
|
+
|
212
|
+
public_class_method def self.generate_report_via_existing_config(opts = {})
|
213
|
+
nsc_obj = opts[:nsc_obj]
|
214
|
+
config_id = opts[:config_id].to_i
|
215
|
+
|
216
|
+
existing_report_config = Nexpose::ReportConfig.load(nsc_obj, config_id)
|
217
|
+
existing_report_config.generate(nsc_obj)
|
218
|
+
|
219
|
+
nsc_obj
|
220
|
+
rescue StandardError => e
|
221
|
+
raise e
|
222
|
+
end
|
223
|
+
|
224
|
+
# Supported Method Parameters::
|
225
|
+
# PWN::Plugins::NexposeVulnScan.download_recurring_report(
|
226
|
+
# nsc_obj: 'required nsc_obj returned from login method',
|
227
|
+
# report_names: 'required array of report name/types to generate e.g. ["report.html", "report.pdf", "report.xml"]',
|
228
|
+
# poll_interval: 'optional poll interval to check the completion status of report generation (defaults to 60 seconds)
|
229
|
+
# )
|
230
|
+
|
231
|
+
public_class_method def self.download_recurring_report(opts = {})
|
232
|
+
nsc_obj = opts[:nsc_obj]
|
233
|
+
report_names = opts[:report_names].to_s.scrub.split(',')
|
234
|
+
@@logger.info("Generating #{report_names.count} Report(s): #{report_names.inspect}...")
|
235
|
+
|
236
|
+
poll_interval = if opts[:poll_interval].nil?
|
237
|
+
60
|
238
|
+
else
|
239
|
+
opts[:poll_interval].to_i
|
240
|
+
end
|
241
|
+
|
242
|
+
report_arr = []
|
243
|
+
report_status_arr = []
|
244
|
+
until report_status_arr.count == report_names.count
|
245
|
+
nsc_obj.reports.each do |report|
|
246
|
+
report_names.each do |requested_report|
|
247
|
+
this_report_name = requested_report.to_s.strip.chomp.delete('"')
|
248
|
+
next unless report.name == this_report_name
|
249
|
+
|
250
|
+
@@logger.info("Generating Recurring Report: #{report.name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}..Current Report Status: #{report.status}")
|
251
|
+
if report.status == 'Failed'
|
252
|
+
@@logger.info("Report Generation for #{report.name} failed...re-generating now...")
|
253
|
+
# Re-generate report from pre-existing config.
|
254
|
+
nsc_obj = generate_report_via_existing_config(nsc_obj: nsc_obj, config_id: report.config_id)
|
255
|
+
end
|
256
|
+
|
257
|
+
report_hash = {}
|
258
|
+
report_hash[:report_name] = report.name
|
259
|
+
report_hash[:report_status] = report.status
|
260
|
+
report_hash[:report_uri] = report.uri
|
261
|
+
report_arr.push(report_hash)
|
262
|
+
report_status_arr = report_arr.uniq.select { |this_report| this_report[:report_status] == 'Generated' }
|
263
|
+
end
|
264
|
+
end
|
265
|
+
# TODO: Ensure report_names are available within nsc_obj.reports (thus making it worthwhile to loop vs saying report !found).
|
266
|
+
@@logger.info("Total Reports Generated So Far: #{report_status_arr.count}...")
|
267
|
+
sleep poll_interval # Sleep and check the status again...
|
268
|
+
end
|
269
|
+
|
270
|
+
# @@logger.info(report_arr.inspect)
|
271
|
+
# @@logger.info(report_status_arr.inspect)
|
272
|
+
report_status_arr.each do |report_hash|
|
273
|
+
this_file_extention = File.extname(report_hash[:report_uri])
|
274
|
+
@@logger.info("\nDownloading #{report_hash[:report_name]}#{this_file_extention} from #{report_hash[:report_uri]}...")
|
275
|
+
nsc_obj.download(report_hash[:report_uri], "#{report_hash[:report_name]}#{this_file_extention}")
|
276
|
+
end
|
277
|
+
@@logger.info('complete.')
|
278
|
+
|
279
|
+
nsc_obj
|
280
|
+
rescue StandardError => e
|
281
|
+
raise e
|
282
|
+
end
|
283
|
+
|
284
|
+
# Supported Method Parameters::
|
285
|
+
# PWN::Plugins::NexposeVulnScan.logout(
|
286
|
+
# nsc_obj: 'required nsc_obj returned from login method'
|
287
|
+
# )
|
288
|
+
|
289
|
+
public_class_method def self.logout(opts = {})
|
290
|
+
nsc_obj = opts[:nsc_obj]
|
291
|
+
|
292
|
+
# config = Nexpose::Console.load(nsc_obj)
|
293
|
+
# config.session_timeout = 600 # This is the default session timeout in the console
|
294
|
+
# config.save(nsc_obj) # This will change the global sesion timeout config in the console
|
295
|
+
nsc_obj.logout
|
296
|
+
'logged out'
|
297
|
+
rescue StandardError => e
|
298
|
+
raise e
|
299
|
+
end
|
300
|
+
|
301
|
+
# Author(s):: Jacob Hoopes <jake.hoopes@gmail.com>
|
302
|
+
|
303
|
+
public_class_method def self.authors
|
304
|
+
"AUTHOR(S):
|
305
|
+
Jacob Hoopes <jake.hoopes@gmail.com>
|
306
|
+
"
|
307
|
+
end
|
308
|
+
|
309
|
+
# Display Usage for this Module
|
310
|
+
|
311
|
+
public_class_method def self.help
|
312
|
+
puts "USAGE:
|
313
|
+
nsc_obj = #{self}.login(
|
314
|
+
console_ip: 'required host/ip of Nexpose Console (server)',
|
315
|
+
username: 'required username',
|
316
|
+
password: 'optional password (will prompt if nil)'
|
317
|
+
)
|
318
|
+
puts nsc_obj.public_methods
|
319
|
+
|
320
|
+
all_individual_site_assets_arr = #{self}.list_all_individual_site_assets(
|
321
|
+
nsc_obj: 'required nsc_obj returned from login method',
|
322
|
+
site_name: 'required Nexpose site name to update (case-sensitive)'
|
323
|
+
)
|
324
|
+
|
325
|
+
nsc_obj = #{self}.update_site_assets(
|
326
|
+
nsc_obj: 'required nsc_obj returned from login method',
|
327
|
+
site_name: 'required Nexpose site name to update (case-sensitive),
|
328
|
+
assets: 'required array of hashes containing called :ip => values being IP address (All IPs not included in the :assets parameter will be removed from Nexpose)'
|
329
|
+
)
|
330
|
+
|
331
|
+
nsc_obj = #{self}.delete_site_assets_older_than(
|
332
|
+
nsc_obj: 'required nsc_obj returned from login method',
|
333
|
+
site_name: 'required Nexpose site name to update (case-sensitive),
|
334
|
+
days: 'required assets to remove older than number of days in this parameter'
|
335
|
+
)
|
336
|
+
|
337
|
+
nsc_obj = #{self}.scan_site_by_name(
|
338
|
+
nsc_obj: 'required nsc_obj returned from login method',
|
339
|
+
site_name: 'required Nexpose site name to scan (case-sensitive),
|
340
|
+
poll_interval: 'optional poll interval to check the completion status of the scan (defaults to 60 seconds)
|
341
|
+
)
|
342
|
+
|
343
|
+
#{self}.download_recurring_report(
|
344
|
+
nsc_obj: 'required nsc_obj returned from login method',
|
345
|
+
report_names: 'required array of report name/types to generate e.g. ['report.html', 'report.pdf', 'report.xml']',
|
346
|
+
poll_interval: 'optional poll interval to check the completion status of report generation (defaults to 60 seconds)
|
347
|
+
)
|
348
|
+
|
349
|
+
#{self}.logout(nsc_obj: 'required nsc_obj returned from login method')
|
350
|
+
|
351
|
+
#{self}.authors
|
352
|
+
"
|
353
|
+
end
|
354
|
+
end
|
355
|
+
end
|
356
|
+
end
|