pwn 0.4.333

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (904) hide show
  1. checksums.yaml +7 -0
  2. data/.github/FUNDING.yml +1 -0
  3. data/.github/ISSUE_TEMPLATE/bug_report.md +38 -0
  4. data/.gitignore +62 -0
  5. data/.rubocop.yml +12 -0
  6. data/.rubocop_todo.yml +76 -0
  7. data/.ruby-gemset +1 -0
  8. data/.ruby-version +1 -0
  9. data/.travis.yml +24 -0
  10. data/CODE_OF_CONDUCT.md +46 -0
  11. data/CONTRIBUTING.md +10 -0
  12. data/Gemfile +75 -0
  13. data/LICENSE.txt +22 -0
  14. data/README.md +125 -0
  15. data/Rakefile +20 -0
  16. data/Vagrantfile +250 -0
  17. data/bin/pwn +74 -0
  18. data/bin/pwn_android_war_dialer +137 -0
  19. data/bin/pwn_arachni +132 -0
  20. data/bin/pwn_arachni_rest +174 -0
  21. data/bin/pwn_autoinc_version +50 -0
  22. data/bin/pwn_aws_describe_resources +728 -0
  23. data/bin/pwn_burp_suite_pro_active_scan +113 -0
  24. data/bin/pwn_char_base64_encoding +24 -0
  25. data/bin/pwn_char_dec_encoding +23 -0
  26. data/bin/pwn_char_hex_escaped_encoding +26 -0
  27. data/bin/pwn_char_html_entity_encoding +24 -0
  28. data/bin/pwn_char_unicode_escaped_encoding +23 -0
  29. data/bin/pwn_char_url_encoding +24 -0
  30. data/bin/pwn_defectdojo_engagement_create +158 -0
  31. data/bin/pwn_defectdojo_importscan +104 -0
  32. data/bin/pwn_defectdojo_reimportscan +104 -0
  33. data/bin/pwn_domain_reversewhois +89 -0
  34. data/bin/pwn_fuzz_net_app_proto +149 -0
  35. data/bin/pwn_ibm_appscan_enterprise +112 -0
  36. data/bin/pwn_jenkins_create_job +68 -0
  37. data/bin/pwn_jenkins_create_view +68 -0
  38. data/bin/pwn_jenkins_install_plugin +91 -0
  39. data/bin/pwn_jenkins_thinBackup_aws_s3 +123 -0
  40. data/bin/pwn_jenkins_update_plugins +87 -0
  41. data/bin/pwn_jenkins_useradd +86 -0
  42. data/bin/pwn_mail_agent +127 -0
  43. data/bin/pwn_msf_postgres_login +28 -0
  44. data/bin/pwn_nessus_cloud_vulnscan +103 -0
  45. data/bin/pwn_nexpose +52 -0
  46. data/bin/pwn_openvas_vulnscan +102 -0
  47. data/bin/pwn_owasp_zap_active_scan +134 -0
  48. data/bin/pwn_pastebin_sample_filter +61 -0
  49. data/bin/pwn_perimeter_recon +318 -0
  50. data/bin/pwn_sast +161 -0
  51. data/bin/pwn_serial_check_voicemail +66 -0
  52. data/bin/pwn_serial_qualcomm_commands +16 -0
  53. data/bin/pwn_simple_http_server +46 -0
  54. data/bin/pwn_web_cache_deception +233 -0
  55. data/bin/pwn_www_checkip +62 -0
  56. data/bin/pwn_xss_dom_vectors +169 -0
  57. data/build_pwn_gem.sh +33 -0
  58. data/documentation/CSI_Contributors_and_Users.png +0 -0
  59. data/documentation/CSI_Driver_Arch.png +0 -0
  60. data/documentation/fax-spectrogram.png +0 -0
  61. data/documentation/fax-waveform.png +0 -0
  62. data/documentation/pwn_android_war_dialer_session.png +0 -0
  63. data/documentation/pwn_wallpaper.jpg +0 -0
  64. data/documentation/ringing-spectrogram.png +0 -0
  65. data/documentation/ringing-waveform.png +0 -0
  66. data/etc/systemd/msfrpcd.service +12 -0
  67. data/etc/systemd/openvas.service +14 -0
  68. data/etc/userland/aws/apache2/jenkins_443.conf +90 -0
  69. data/etc/userland/aws/apache2/jenkins_80.conf +7 -0
  70. data/etc/userland/aws/apache2/openvas_443.conf +87 -0
  71. data/etc/userland/aws/apache2/openvas_80.conf +7 -0
  72. data/etc/userland/aws/apache2/sast_443.conf +87 -0
  73. data/etc/userland/aws/apache2/sast_80.conf +9 -0
  74. data/etc/userland/aws/apache2/vagrant.yaml.EXAMPLE +9 -0
  75. data/etc/userland/aws/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  76. data/etc/userland/aws/arachni/navigation.instruct.EXAMPLE +3 -0
  77. data/etc/userland/aws/burpsuite/navigation.instruct.EXAMPLE +3 -0
  78. data/etc/userland/aws/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  79. data/etc/userland/aws/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  80. data/etc/userland/aws/jenkins/inject_build_envs.sh +15 -0
  81. data/etc/userland/aws/jenkins/jenkins +81 -0
  82. data/etc/userland/aws/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  83. data/etc/userland/aws/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  84. data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  85. data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  86. data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  87. data/etc/userland/aws/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  88. data/etc/userland/aws/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  89. data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  90. data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  91. data/etc/userland/aws/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  92. data/etc/userland/aws/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  93. data/etc/userland/aws/jenkins/jobs/selfupdate-gem.xml +42 -0
  94. data/etc/userland/aws/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  95. data/etc/userland/aws/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  96. data/etc/userland/aws/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  97. data/etc/userland/aws/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  98. data/etc/userland/aws/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  99. data/etc/userland/aws/jenkins/jobs/selfupdate-os.xml +42 -0
  100. data/etc/userland/aws/jenkins/jobs/selfupdate-pwn.xml +42 -0
  101. data/etc/userland/aws/jenkins/jobs/selfupdate-rvm.xml +42 -0
  102. data/etc/userland/aws/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  103. data/etc/userland/aws/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  104. data/etc/userland/aws/jenkins/jobs_userland/.gitkeep +0 -0
  105. data/etc/userland/aws/jenkins/log_parser_rules/arachni.rules +5 -0
  106. data/etc/userland/aws/jenkins/log_parser_rules/sast.rules +2 -0
  107. data/etc/userland/aws/jenkins/log_parser_rules/self_update.rules +14 -0
  108. data/etc/userland/aws/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  109. data/etc/userland/aws/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  110. data/etc/userland/aws/jenkins/log_parser_rules/wpscan.rules +2 -0
  111. data/etc/userland/aws/jenkins/vagrant.yaml.EXAMPLE +8 -0
  112. data/etc/userland/aws/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  113. data/etc/userland/aws/metasploit/vagrant.yaml.EXAMPLE +4 -0
  114. data/etc/userland/aws/nessus/vagrant.yaml.EXAMPLE +2 -0
  115. data/etc/userland/aws/openvas/vagrant.yaml.EXAMPLE +2 -0
  116. data/etc/userland/aws/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  117. data/etc/userland/aws/postgres/vagrant.yaml.EXAMPLE +2 -0
  118. data/etc/userland/aws/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  119. data/etc/userland/aws/vagrant.yaml.EXAMPLE +35 -0
  120. data/etc/userland/docker/apache2/jenkins_443.conf +90 -0
  121. data/etc/userland/docker/apache2/jenkins_80.conf +7 -0
  122. data/etc/userland/docker/apache2/openvas_443.conf +87 -0
  123. data/etc/userland/docker/apache2/openvas_80.conf +7 -0
  124. data/etc/userland/docker/apache2/sast_443.conf +87 -0
  125. data/etc/userland/docker/apache2/sast_80.conf +9 -0
  126. data/etc/userland/docker/apache2/vagrant.yaml.EXAMPLE +9 -0
  127. data/etc/userland/docker/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  128. data/etc/userland/docker/arachni/navigation.instruct.EXAMPLE +3 -0
  129. data/etc/userland/docker/burpsuite/navigation.instruct.EXAMPLE +3 -0
  130. data/etc/userland/docker/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  131. data/etc/userland/docker/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  132. data/etc/userland/docker/jenkins/inject_build_envs.sh +15 -0
  133. data/etc/userland/docker/jenkins/jenkins +81 -0
  134. data/etc/userland/docker/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  135. data/etc/userland/docker/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  136. data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  137. data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  138. data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  139. data/etc/userland/docker/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  140. data/etc/userland/docker/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  141. data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  142. data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  143. data/etc/userland/docker/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  144. data/etc/userland/docker/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  145. data/etc/userland/docker/jenkins/jobs/selfupdate-gem.xml +42 -0
  146. data/etc/userland/docker/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  147. data/etc/userland/docker/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  148. data/etc/userland/docker/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  149. data/etc/userland/docker/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  150. data/etc/userland/docker/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  151. data/etc/userland/docker/jenkins/jobs/selfupdate-os.xml +42 -0
  152. data/etc/userland/docker/jenkins/jobs/selfupdate-pwn.xml +42 -0
  153. data/etc/userland/docker/jenkins/jobs/selfupdate-rvm.xml +42 -0
  154. data/etc/userland/docker/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  155. data/etc/userland/docker/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  156. data/etc/userland/docker/jenkins/jobs_userland/.gitkeep +0 -0
  157. data/etc/userland/docker/jenkins/log_parser_rules/arachni.rules +5 -0
  158. data/etc/userland/docker/jenkins/log_parser_rules/sast.rules +2 -0
  159. data/etc/userland/docker/jenkins/log_parser_rules/self_update.rules +14 -0
  160. data/etc/userland/docker/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  161. data/etc/userland/docker/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  162. data/etc/userland/docker/jenkins/log_parser_rules/wpscan.rules +2 -0
  163. data/etc/userland/docker/jenkins/vagrant.yaml.EXAMPLE +8 -0
  164. data/etc/userland/docker/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  165. data/etc/userland/docker/metasploit/vagrant.yaml.EXAMPLE +4 -0
  166. data/etc/userland/docker/nessus/vagrant.yaml.EXAMPLE +2 -0
  167. data/etc/userland/docker/openvas/vagrant.yaml.EXAMPLE +2 -0
  168. data/etc/userland/docker/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  169. data/etc/userland/docker/postgres/vagrant.yaml.EXAMPLE +2 -0
  170. data/etc/userland/docker/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  171. data/etc/userland/qemu/apache2/jenkins_443.conf +90 -0
  172. data/etc/userland/qemu/apache2/jenkins_80.conf +7 -0
  173. data/etc/userland/qemu/apache2/openvas_443.conf +87 -0
  174. data/etc/userland/qemu/apache2/openvas_80.conf +7 -0
  175. data/etc/userland/qemu/apache2/sast_443.conf +87 -0
  176. data/etc/userland/qemu/apache2/sast_80.conf +9 -0
  177. data/etc/userland/qemu/apache2/vagrant.yaml.EXAMPLE +9 -0
  178. data/etc/userland/qemu/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  179. data/etc/userland/qemu/arachni/navigation.instruct.EXAMPLE +3 -0
  180. data/etc/userland/qemu/burpsuite/navigation.instruct.EXAMPLE +3 -0
  181. data/etc/userland/qemu/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  182. data/etc/userland/qemu/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  183. data/etc/userland/qemu/jenkins/inject_build_envs.sh +15 -0
  184. data/etc/userland/qemu/jenkins/jenkins +81 -0
  185. data/etc/userland/qemu/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  186. data/etc/userland/qemu/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  187. data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  188. data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  189. data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  190. data/etc/userland/qemu/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  191. data/etc/userland/qemu/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  192. data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  193. data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  194. data/etc/userland/qemu/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  195. data/etc/userland/qemu/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  196. data/etc/userland/qemu/jenkins/jobs/selfupdate-gem.xml +42 -0
  197. data/etc/userland/qemu/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  198. data/etc/userland/qemu/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  199. data/etc/userland/qemu/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  200. data/etc/userland/qemu/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  201. data/etc/userland/qemu/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  202. data/etc/userland/qemu/jenkins/jobs/selfupdate-os.xml +42 -0
  203. data/etc/userland/qemu/jenkins/jobs/selfupdate-pwn.xml +42 -0
  204. data/etc/userland/qemu/jenkins/jobs/selfupdate-rvm.xml +42 -0
  205. data/etc/userland/qemu/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  206. data/etc/userland/qemu/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  207. data/etc/userland/qemu/jenkins/jobs_userland/.gitkeep +0 -0
  208. data/etc/userland/qemu/jenkins/log_parser_rules/arachni.rules +5 -0
  209. data/etc/userland/qemu/jenkins/log_parser_rules/sast.rules +2 -0
  210. data/etc/userland/qemu/jenkins/log_parser_rules/self_update.rules +14 -0
  211. data/etc/userland/qemu/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  212. data/etc/userland/qemu/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  213. data/etc/userland/qemu/jenkins/log_parser_rules/wpscan.rules +2 -0
  214. data/etc/userland/qemu/jenkins/vagrant.yaml.EXAMPLE +8 -0
  215. data/etc/userland/qemu/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  216. data/etc/userland/qemu/metasploit/vagrant.yaml.EXAMPLE +4 -0
  217. data/etc/userland/qemu/nessus/vagrant.yaml.EXAMPLE +2 -0
  218. data/etc/userland/qemu/openvas/vagrant.yaml.EXAMPLE +2 -0
  219. data/etc/userland/qemu/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  220. data/etc/userland/qemu/postgres/vagrant.yaml.EXAMPLE +2 -0
  221. data/etc/userland/qemu/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  222. data/etc/userland/ruby-gem/apache2/jenkins_443.conf +90 -0
  223. data/etc/userland/ruby-gem/apache2/jenkins_80.conf +7 -0
  224. data/etc/userland/ruby-gem/apache2/openvas_443.conf +87 -0
  225. data/etc/userland/ruby-gem/apache2/openvas_80.conf +7 -0
  226. data/etc/userland/ruby-gem/apache2/sast_443.conf +87 -0
  227. data/etc/userland/ruby-gem/apache2/sast_80.conf +9 -0
  228. data/etc/userland/ruby-gem/apache2/vagrant.yaml.EXAMPLE +9 -0
  229. data/etc/userland/ruby-gem/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  230. data/etc/userland/ruby-gem/arachni/navigation.instruct.EXAMPLE +3 -0
  231. data/etc/userland/ruby-gem/burpsuite/navigation.instruct.EXAMPLE +3 -0
  232. data/etc/userland/ruby-gem/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  233. data/etc/userland/ruby-gem/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  234. data/etc/userland/ruby-gem/jenkins/inject_build_envs.sh +15 -0
  235. data/etc/userland/ruby-gem/jenkins/jenkins +81 -0
  236. data/etc/userland/ruby-gem/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  237. data/etc/userland/ruby-gem/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  238. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  239. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  240. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  241. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  242. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  243. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  244. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  245. data/etc/userland/ruby-gem/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  246. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  247. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-gem.xml +42 -0
  248. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  249. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  250. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  251. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  252. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  253. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-os.xml +42 -0
  254. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-pwn.xml +42 -0
  255. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-rvm.xml +42 -0
  256. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  257. data/etc/userland/ruby-gem/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  258. data/etc/userland/ruby-gem/jenkins/jobs_userland/.gitkeep +0 -0
  259. data/etc/userland/ruby-gem/jenkins/log_parser_rules/arachni.rules +5 -0
  260. data/etc/userland/ruby-gem/jenkins/log_parser_rules/sast.rules +2 -0
  261. data/etc/userland/ruby-gem/jenkins/log_parser_rules/self_update.rules +14 -0
  262. data/etc/userland/ruby-gem/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  263. data/etc/userland/ruby-gem/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  264. data/etc/userland/ruby-gem/jenkins/log_parser_rules/wpscan.rules +2 -0
  265. data/etc/userland/ruby-gem/jenkins/vagrant.yaml.EXAMPLE +8 -0
  266. data/etc/userland/ruby-gem/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  267. data/etc/userland/ruby-gem/metasploit/vagrant.yaml.EXAMPLE +4 -0
  268. data/etc/userland/ruby-gem/nessus/vagrant.yaml.EXAMPLE +2 -0
  269. data/etc/userland/ruby-gem/openvas/vagrant.yaml.EXAMPLE +2 -0
  270. data/etc/userland/ruby-gem/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  271. data/etc/userland/ruby-gem/postgres/vagrant.yaml.EXAMPLE +2 -0
  272. data/etc/userland/ruby-gem/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  273. data/etc/userland/virtualbox/apache2/jenkins_443.conf +90 -0
  274. data/etc/userland/virtualbox/apache2/jenkins_80.conf +7 -0
  275. data/etc/userland/virtualbox/apache2/openvas_443.conf +87 -0
  276. data/etc/userland/virtualbox/apache2/openvas_80.conf +7 -0
  277. data/etc/userland/virtualbox/apache2/sast_443.conf +87 -0
  278. data/etc/userland/virtualbox/apache2/sast_80.conf +9 -0
  279. data/etc/userland/virtualbox/apache2/vagrant.yaml.EXAMPLE +9 -0
  280. data/etc/userland/virtualbox/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  281. data/etc/userland/virtualbox/arachni/navigation.instruct.EXAMPLE +3 -0
  282. data/etc/userland/virtualbox/burpsuite/navigation.instruct.EXAMPLE +3 -0
  283. data/etc/userland/virtualbox/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  284. data/etc/userland/virtualbox/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  285. data/etc/userland/virtualbox/jenkins/inject_build_envs.sh +15 -0
  286. data/etc/userland/virtualbox/jenkins/jenkins +81 -0
  287. data/etc/userland/virtualbox/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  288. data/etc/userland/virtualbox/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  289. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  290. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  291. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  292. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  293. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  294. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  295. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  296. data/etc/userland/virtualbox/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  297. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  298. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-gem.xml +42 -0
  299. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  300. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  301. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  302. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  303. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  304. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-os.xml +42 -0
  305. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-pwn.xml +42 -0
  306. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-rvm.xml +42 -0
  307. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  308. data/etc/userland/virtualbox/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  309. data/etc/userland/virtualbox/jenkins/jobs_userland/.gitkeep +0 -0
  310. data/etc/userland/virtualbox/jenkins/log_parser_rules/arachni.rules +5 -0
  311. data/etc/userland/virtualbox/jenkins/log_parser_rules/sast.rules +2 -0
  312. data/etc/userland/virtualbox/jenkins/log_parser_rules/self_update.rules +14 -0
  313. data/etc/userland/virtualbox/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  314. data/etc/userland/virtualbox/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  315. data/etc/userland/virtualbox/jenkins/log_parser_rules/wpscan.rules +2 -0
  316. data/etc/userland/virtualbox/jenkins/vagrant.yaml.EXAMPLE +8 -0
  317. data/etc/userland/virtualbox/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  318. data/etc/userland/virtualbox/metasploit/vagrant.yaml.EXAMPLE +4 -0
  319. data/etc/userland/virtualbox/nessus/vagrant.yaml.EXAMPLE +2 -0
  320. data/etc/userland/virtualbox/openvas/vagrant.yaml.EXAMPLE +2 -0
  321. data/etc/userland/virtualbox/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  322. data/etc/userland/virtualbox/postgres/vagrant.yaml.EXAMPLE +2 -0
  323. data/etc/userland/virtualbox/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  324. data/etc/userland/virtualbox/vagrant.yaml.EXAMPLE +4 -0
  325. data/etc/userland/vmware/apache2/jenkins_443.conf +90 -0
  326. data/etc/userland/vmware/apache2/jenkins_80.conf +7 -0
  327. data/etc/userland/vmware/apache2/openvas_443.conf +87 -0
  328. data/etc/userland/vmware/apache2/openvas_80.conf +7 -0
  329. data/etc/userland/vmware/apache2/sast_443.conf +87 -0
  330. data/etc/userland/vmware/apache2/sast_80.conf +9 -0
  331. data/etc/userland/vmware/apache2/vagrant.yaml.EXAMPLE +9 -0
  332. data/etc/userland/vmware/arachni/navigation-REST.instruct.EXAMPLE +29 -0
  333. data/etc/userland/vmware/arachni/navigation.instruct.EXAMPLE +3 -0
  334. data/etc/userland/vmware/burpsuite/navigation.instruct.EXAMPLE +3 -0
  335. data/etc/userland/vmware/burpsuite/vagrant.yaml.EXAMPLE +2 -0
  336. data/etc/userland/vmware/defectdojo/vagrant.yaml.EXAMPLE +3 -0
  337. data/etc/userland/vmware/jenkins/inject_build_envs.sh +15 -0
  338. data/etc/userland/vmware/jenkins/jenkins +81 -0
  339. data/etc/userland/vmware/jenkins/jobs/pipeline-pwntemplate.xml +298 -0
  340. data/etc/userland/vmware/jenkins/jobs/pipeline-selfupdate.xml +462 -0
  341. data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-arachni.xml +35 -0
  342. data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-burpsuite.xml +44 -0
  343. data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-owasp_zap.xml +35 -0
  344. data/etc/userland/vmware/jenkins/jobs/pwntemplate-DOMAIN-ssllabs-scan.xml +45 -0
  345. data/etc/userland/vmware/jenkins/jobs/pwntemplate-GITREPO_BRANCH-sast.xml +71 -0
  346. data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_discovery_scan_tcp_udp_65k.xml +56 -0
  347. data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-nmap_xml_results_searchsploit.xml +59 -0
  348. data/etc/userland/vmware/jenkins/jobs/pwntemplate-NETWORKRANGE-openvas.xml +45 -0
  349. data/etc/userland/vmware/jenkins/jobs/selfupdate-exploit-db.xml +43 -0
  350. data/etc/userland/vmware/jenkins/jobs/selfupdate-gem.xml +42 -0
  351. data/etc/userland/vmware/jenkins/jobs/selfupdate-jenkins_plugins.xml +42 -0
  352. data/etc/userland/vmware/jenkins/jobs/selfupdate-metasploit.xml +42 -0
  353. data/etc/userland/vmware/jenkins/jobs/selfupdate-nmap_all_live_hosts.xml +42 -0
  354. data/etc/userland/vmware/jenkins/jobs/selfupdate-openvas_sync.xml +42 -0
  355. data/etc/userland/vmware/jenkins/jobs/selfupdate-openvas_wrappers.xml +42 -0
  356. data/etc/userland/vmware/jenkins/jobs/selfupdate-os.xml +42 -0
  357. data/etc/userland/vmware/jenkins/jobs/selfupdate-pwn.xml +42 -0
  358. data/etc/userland/vmware/jenkins/jobs/selfupdate-rvm.xml +42 -0
  359. data/etc/userland/vmware/jenkins/jobs/selfupdate-ssllabs-scan.xml +42 -0
  360. data/etc/userland/vmware/jenkins/jobs/selfupdate-wpscan.xml +42 -0
  361. data/etc/userland/vmware/jenkins/jobs_userland/.gitkeep +0 -0
  362. data/etc/userland/vmware/jenkins/log_parser_rules/arachni.rules +5 -0
  363. data/etc/userland/vmware/jenkins/log_parser_rules/sast.rules +2 -0
  364. data/etc/userland/vmware/jenkins/log_parser_rules/self_update.rules +14 -0
  365. data/etc/userland/vmware/jenkins/log_parser_rules/ssllabs-scan.rules +8 -0
  366. data/etc/userland/vmware/jenkins/log_parser_rules/system_maintenance.rules +9 -0
  367. data/etc/userland/vmware/jenkins/log_parser_rules/wpscan.rules +2 -0
  368. data/etc/userland/vmware/jenkins/vagrant.yaml.EXAMPLE +8 -0
  369. data/etc/userland/vmware/letsencrypt/vagrant.yaml.EXAMPLE +5 -0
  370. data/etc/userland/vmware/metasploit/vagrant.yaml.EXAMPLE +4 -0
  371. data/etc/userland/vmware/nessus/vagrant.yaml.EXAMPLE +2 -0
  372. data/etc/userland/vmware/openvas/vagrant.yaml.EXAMPLE +2 -0
  373. data/etc/userland/vmware/owasp_zap/navigation.instruct.EXAMPLE +3 -0
  374. data/etc/userland/vmware/postgres/vagrant.yaml.EXAMPLE +2 -0
  375. data/etc/userland/vmware/recon-ng/vagrant.yaml.EXAMPLE +52 -0
  376. data/etc/userland/vmware/vagrant.yaml.EXAMPLE +5 -0
  377. data/find_latest_gem_versions_per_Gemfile.sh +11 -0
  378. data/git_commit_test_reinit_gem.sh +22 -0
  379. data/install.sh +180 -0
  380. data/lib/pwn/aws/acm.rb +92 -0
  381. data/lib/pwn/aws/api_gateway.rb +92 -0
  382. data/lib/pwn/aws/app_stream.rb +92 -0
  383. data/lib/pwn/aws/application_auto_scaling.rb +92 -0
  384. data/lib/pwn/aws/application_discovery_service.rb +92 -0
  385. data/lib/pwn/aws/auto_scaling.rb +92 -0
  386. data/lib/pwn/aws/batch.rb +92 -0
  387. data/lib/pwn/aws/budgets.rb +92 -0
  388. data/lib/pwn/aws/cloud_formation.rb +92 -0
  389. data/lib/pwn/aws/cloud_front.rb +92 -0
  390. data/lib/pwn/aws/cloud_hsm.rb +92 -0
  391. data/lib/pwn/aws/cloud_search.rb +92 -0
  392. data/lib/pwn/aws/cloud_search_domain.rb +92 -0
  393. data/lib/pwn/aws/cloud_trail.rb +92 -0
  394. data/lib/pwn/aws/cloud_watch.rb +92 -0
  395. data/lib/pwn/aws/cloud_watch_events.rb +92 -0
  396. data/lib/pwn/aws/cloud_watch_logs.rb +92 -0
  397. data/lib/pwn/aws/code_build.rb +92 -0
  398. data/lib/pwn/aws/code_commit.rb +92 -0
  399. data/lib/pwn/aws/code_deploy.rb +92 -0
  400. data/lib/pwn/aws/code_pipeline.rb +92 -0
  401. data/lib/pwn/aws/cognito_identity.rb +92 -0
  402. data/lib/pwn/aws/cognito_identity_provider.rb +92 -0
  403. data/lib/pwn/aws/cognito_sync.rb +92 -0
  404. data/lib/pwn/aws/config_service.rb +92 -0
  405. data/lib/pwn/aws/data_pipleline.rb +92 -0
  406. data/lib/pwn/aws/database_migration_service.rb +92 -0
  407. data/lib/pwn/aws/device_farm.rb +92 -0
  408. data/lib/pwn/aws/direct_connect.rb +92 -0
  409. data/lib/pwn/aws/directory_service.rb +92 -0
  410. data/lib/pwn/aws/dynamo_db.rb +92 -0
  411. data/lib/pwn/aws/dynamo_db_streams.rb +92 -0
  412. data/lib/pwn/aws/ec2.rb +92 -0
  413. data/lib/pwn/aws/ecr.rb +92 -0
  414. data/lib/pwn/aws/ecs.rb +92 -0
  415. data/lib/pwn/aws/efs.rb +92 -0
  416. data/lib/pwn/aws/elasti_cache.rb +92 -0
  417. data/lib/pwn/aws/elastic_beanstalk.rb +89 -0
  418. data/lib/pwn/aws/elastic_load_balancing.rb +92 -0
  419. data/lib/pwn/aws/elastic_load_balancing_v2.rb +92 -0
  420. data/lib/pwn/aws/elastic_transcoder.rb +92 -0
  421. data/lib/pwn/aws/elasticsearch_service.rb +92 -0
  422. data/lib/pwn/aws/emr.rb +92 -0
  423. data/lib/pwn/aws/firehose.rb +92 -0
  424. data/lib/pwn/aws/game_lift.rb +92 -0
  425. data/lib/pwn/aws/glacier.rb +92 -0
  426. data/lib/pwn/aws/health.rb +92 -0
  427. data/lib/pwn/aws/iam.rb +92 -0
  428. data/lib/pwn/aws/import_export.rb +92 -0
  429. data/lib/pwn/aws/inspector.rb +92 -0
  430. data/lib/pwn/aws/iot.rb +92 -0
  431. data/lib/pwn/aws/iot_data_plane.rb +92 -0
  432. data/lib/pwn/aws/kinesis.rb +92 -0
  433. data/lib/pwn/aws/kinesis_analytics.rb +92 -0
  434. data/lib/pwn/aws/kms.rb +92 -0
  435. data/lib/pwn/aws/lambda.rb +92 -0
  436. data/lib/pwn/aws/lambda_preview.rb +92 -0
  437. data/lib/pwn/aws/lex.rb +92 -0
  438. data/lib/pwn/aws/lightsail.rb +92 -0
  439. data/lib/pwn/aws/machine_learning.rb +92 -0
  440. data/lib/pwn/aws/marketplace_commerce_analytics.rb +92 -0
  441. data/lib/pwn/aws/marketplace_metering.rb +92 -0
  442. data/lib/pwn/aws/ops_works.rb +92 -0
  443. data/lib/pwn/aws/ops_works_cm.rb +92 -0
  444. data/lib/pwn/aws/pinpoint.rb +92 -0
  445. data/lib/pwn/aws/polly.rb +92 -0
  446. data/lib/pwn/aws/rds.rb +92 -0
  447. data/lib/pwn/aws/redshift.rb +92 -0
  448. data/lib/pwn/aws/rekognition.rb +92 -0
  449. data/lib/pwn/aws/route53.rb +92 -0
  450. data/lib/pwn/aws/route53_domains.rb +92 -0
  451. data/lib/pwn/aws/s3.rb +92 -0
  452. data/lib/pwn/aws/service_catalog.rb +92 -0
  453. data/lib/pwn/aws/ses.rb +92 -0
  454. data/lib/pwn/aws/shield.rb +92 -0
  455. data/lib/pwn/aws/simple_db.rb +92 -0
  456. data/lib/pwn/aws/sms.rb +92 -0
  457. data/lib/pwn/aws/snowball.rb +92 -0
  458. data/lib/pwn/aws/sns.rb +92 -0
  459. data/lib/pwn/aws/sqs.rb +92 -0
  460. data/lib/pwn/aws/ssm.rb +92 -0
  461. data/lib/pwn/aws/states.rb +92 -0
  462. data/lib/pwn/aws/storage_gateway.rb +92 -0
  463. data/lib/pwn/aws/sts.rb +63 -0
  464. data/lib/pwn/aws/support.rb +92 -0
  465. data/lib/pwn/aws/swf.rb +92 -0
  466. data/lib/pwn/aws/waf.rb +92 -0
  467. data/lib/pwn/aws/waf_regional.rb +92 -0
  468. data/lib/pwn/aws/workspaces.rb +92 -0
  469. data/lib/pwn/aws/x_ray.rb +92 -0
  470. data/lib/pwn/aws.rb +105 -0
  471. data/lib/pwn/ffi.rb +16 -0
  472. data/lib/pwn/plugins/android.rb +1616 -0
  473. data/lib/pwn/plugins/ansible_vault.rb +75 -0
  474. data/lib/pwn/plugins/authentication_helper.rb +79 -0
  475. data/lib/pwn/plugins/basic_auth.rb +63 -0
  476. data/lib/pwn/plugins/beef.rb +309 -0
  477. data/lib/pwn/plugins/burp_suite.rb +340 -0
  478. data/lib/pwn/plugins/bus_pirate.rb +150 -0
  479. data/lib/pwn/plugins/char.rb +459 -0
  480. data/lib/pwn/plugins/credit_card.rb +53 -0
  481. data/lib/pwn/plugins/dao_ldap.rb +131 -0
  482. data/lib/pwn/plugins/dao_mongo.rb +96 -0
  483. data/lib/pwn/plugins/dao_postgres.rb +224 -0
  484. data/lib/pwn/plugins/dao_sqlite3.rb +125 -0
  485. data/lib/pwn/plugins/defect_dojo.rb +759 -0
  486. data/lib/pwn/plugins/detect_os.rb +40 -0
  487. data/lib/pwn/plugins/ein.rb +141 -0
  488. data/lib/pwn/plugins/file_fu.rb +73 -0
  489. data/lib/pwn/plugins/fuzz.rb +206 -0
  490. data/lib/pwn/plugins/git.rb +166 -0
  491. data/lib/pwn/plugins/hacker_one.rb +152 -0
  492. data/lib/pwn/plugins/http_intercept_helper.rb +122 -0
  493. data/lib/pwn/plugins/ibm_appscan.rb +927 -0
  494. data/lib/pwn/plugins/ip_info.rb +100 -0
  495. data/lib/pwn/plugins/jenkins.rb +545 -0
  496. data/lib/pwn/plugins/json_pathify.rb +46 -0
  497. data/lib/pwn/plugins/mail_agent.rb +344 -0
  498. data/lib/pwn/plugins/metasploit.rb +151 -0
  499. data/lib/pwn/plugins/nessus_cloud.rb +325 -0
  500. data/lib/pwn/plugins/nexpose_vuln_scan.rb +356 -0
  501. data/lib/pwn/plugins/nmap_it.rb +99 -0
  502. data/lib/pwn/plugins/oauth2.rb +67 -0
  503. data/lib/pwn/plugins/ocr.rb +43 -0
  504. data/lib/pwn/plugins/openvas.rb +308 -0
  505. data/lib/pwn/plugins/owasp_zap.rb +550 -0
  506. data/lib/pwn/plugins/packet.rb +1271 -0
  507. data/lib/pwn/plugins/pdf_parse.rb +53 -0
  508. data/lib/pwn/plugins/pony.rb +282 -0
  509. data/lib/pwn/plugins/pwn_logger.rb +46 -0
  510. data/lib/pwn/plugins/rabbit_mq_hole.rb +66 -0
  511. data/lib/pwn/plugins/rfidler.rb +58 -0
  512. data/lib/pwn/plugins/serial.rb +268 -0
  513. data/lib/pwn/plugins/shodan.rb +566 -0
  514. data/lib/pwn/plugins/slack_client.rb +104 -0
  515. data/lib/pwn/plugins/sock.rb +156 -0
  516. data/lib/pwn/plugins/son_micro_rfid.rb +432 -0
  517. data/lib/pwn/plugins/spider.rb +80 -0
  518. data/lib/pwn/plugins/ssn.rb +52 -0
  519. data/lib/pwn/plugins/thread_pool.rb +71 -0
  520. data/lib/pwn/plugins/transparent_browser.rb +337 -0
  521. data/lib/pwn/plugins/twitter_api.rb +148 -0
  522. data/lib/pwn/plugins/uri_scheme.rb +328 -0
  523. data/lib/pwn/plugins/vsphere.rb +82 -0
  524. data/lib/pwn/plugins.rb +66 -0
  525. data/lib/pwn/reports/fuzz.rb +270 -0
  526. data/lib/pwn/reports/sast.rb +306 -0
  527. data/lib/pwn/reports.rb +21 -0
  528. data/lib/pwn/sast/amqp_connect_as_guest.rb +140 -0
  529. data/lib/pwn/sast/apache_file_system_util_api.rb +137 -0
  530. data/lib/pwn/sast/aws.rb +142 -0
  531. data/lib/pwn/sast/banned_function_calls_c.rb +265 -0
  532. data/lib/pwn/sast/base64.rb +143 -0
  533. data/lib/pwn/sast/beef_hook.rb +137 -0
  534. data/lib/pwn/sast/cmd_execution_java.rb +142 -0
  535. data/lib/pwn/sast/cmd_execution_python.rb +144 -0
  536. data/lib/pwn/sast/cmd_execution_ruby.rb +152 -0
  537. data/lib/pwn/sast/cmd_execution_scala.rb +142 -0
  538. data/lib/pwn/sast/csrf.rb +136 -0
  539. data/lib/pwn/sast/deserial_java.rb +135 -0
  540. data/lib/pwn/sast/emoticon.rb +145 -0
  541. data/lib/pwn/sast/eval.rb +140 -0
  542. data/lib/pwn/sast/factory.rb +135 -0
  543. data/lib/pwn/sast/file_permission.rb +142 -0
  544. data/lib/pwn/sast/inner_html.rb +140 -0
  545. data/lib/pwn/sast/keystore.rb +137 -0
  546. data/lib/pwn/sast/location_hash.rb +140 -0
  547. data/lib/pwn/sast/log4j.rb +140 -0
  548. data/lib/pwn/sast/logger.rb +155 -0
  549. data/lib/pwn/sast/outer_html.rb +140 -0
  550. data/lib/pwn/sast/password.rb +140 -0
  551. data/lib/pwn/sast/pom_version.rb +144 -0
  552. data/lib/pwn/sast/port.rb +147 -0
  553. data/lib/pwn/sast/private_key.rb +140 -0
  554. data/lib/pwn/sast/redirect.rb +142 -0
  555. data/lib/pwn/sast/redos.rb +147 -0
  556. data/lib/pwn/sast/shell.rb +148 -0
  557. data/lib/pwn/sast/sql.rb +144 -0
  558. data/lib/pwn/sast/ssl.rb +137 -0
  559. data/lib/pwn/sast/sudo.rb +140 -0
  560. data/lib/pwn/sast/task_tag.rb +154 -0
  561. data/lib/pwn/sast/throw_errors.rb +139 -0
  562. data/lib/pwn/sast/token.rb +137 -0
  563. data/lib/pwn/sast/version.rb +137 -0
  564. data/lib/pwn/sast/window_location_hash.rb +139 -0
  565. data/lib/pwn/sast.rb +53 -0
  566. data/lib/pwn/version.rb +5 -0
  567. data/lib/pwn/www/app_cobalt_io.rb +168 -0
  568. data/lib/pwn/www/bing.rb +119 -0
  569. data/lib/pwn/www/bug_crowd.rb +165 -0
  570. data/lib/pwn/www/checkip.rb +101 -0
  571. data/lib/pwn/www/duckduckgo.rb +141 -0
  572. data/lib/pwn/www/facebook.rb +153 -0
  573. data/lib/pwn/www/google.rb +145 -0
  574. data/lib/pwn/www/hacker_one.rb +153 -0
  575. data/lib/pwn/www/linkedin.rb +153 -0
  576. data/lib/pwn/www/pandora.rb +153 -0
  577. data/lib/pwn/www/pastebin.rb +114 -0
  578. data/lib/pwn/www/paypal.rb +235 -0
  579. data/lib/pwn/www/synack.rb +165 -0
  580. data/lib/pwn/www/torch.rb +138 -0
  581. data/lib/pwn/www/twitter.rb +165 -0
  582. data/lib/pwn/www/uber.rb +153 -0
  583. data/lib/pwn/www/upwork.rb +153 -0
  584. data/lib/pwn/www/youtube.rb +119 -0
  585. data/lib/pwn/www.rb +33 -0
  586. data/lib/pwn.rb +24 -0
  587. data/packer/daemons/msfrpcd.rb +64 -0
  588. data/packer/daemons/openvas.rb +51 -0
  589. data/packer/deploy_docker_containers.sh +9 -0
  590. data/packer/deploy_packer_box.sh +87 -0
  591. data/packer/docker/kali_rolling_docker_pwn_fuzz_net_app_proto.json +44 -0
  592. data/packer/docker/kali_rolling_docker_pwn_prototyper.json +48 -0
  593. data/packer/docker/kali_rolling_docker_pwn_sast.json +44 -0
  594. data/packer/docker/kali_rolling_docker_pwn_transparent_browser.json +46 -0
  595. data/packer/docker/kali_rolling_docker_pwn_www_checkip.json +34 -0
  596. data/packer/http/kali_rolling_preseed.cfg +81 -0
  597. data/packer/kali_rolling_aws_ami.json +135 -0
  598. data/packer/kali_rolling_qemu_kvm.json +155 -0
  599. data/packer/kali_rolling_virtualbox.json +182 -0
  600. data/packer/kali_rolling_vmware.json +163 -0
  601. data/packer/packer_secrets.json.EXAMPLE +9 -0
  602. data/packer/provisioners/PayloadsAllTheThings.sh +5 -0
  603. data/packer/provisioners/SecLists.sh +5 -0
  604. data/packer/provisioners/afl.sh +28 -0
  605. data/packer/provisioners/aliases.rb +18 -0
  606. data/packer/provisioners/amass.sh +5 -0
  607. data/packer/provisioners/android.sh +18 -0
  608. data/packer/provisioners/ansible.sh +5 -0
  609. data/packer/provisioners/apache2.sh +24 -0
  610. data/packer/provisioners/arachni.sh +28 -0
  611. data/packer/provisioners/awscli.sh +5 -0
  612. data/packer/provisioners/bashrc.sh +13 -0
  613. data/packer/provisioners/beef.rb +23 -0
  614. data/packer/provisioners/burpsuite.sh +23 -0
  615. data/packer/provisioners/chrome.sh +11 -0
  616. data/packer/provisioners/coreutils.sh +6 -0
  617. data/packer/provisioners/curl.sh +6 -0
  618. data/packer/provisioners/docker.sh +43 -0
  619. data/packer/provisioners/docker_bashrc.sh +2 -0
  620. data/packer/provisioners/docker_rvm.sh +22 -0
  621. data/packer/provisioners/eyewitness.sh +5 -0
  622. data/packer/provisioners/ffmpeg.sh +6 -0
  623. data/packer/provisioners/firefox.sh +7 -0
  624. data/packer/provisioners/fuzzdb.sh +5 -0
  625. data/packer/provisioners/gdb.sh +5 -0
  626. data/packer/provisioners/geckodriver.sh +9 -0
  627. data/packer/provisioners/ghidra.sh +5 -0
  628. data/packer/provisioners/git.sh +6 -0
  629. data/packer/provisioners/init_image.sh +103 -0
  630. data/packer/provisioners/install_vagrant_ssh_key.sh +15 -0
  631. data/packer/provisioners/jenkins.sh +62 -0
  632. data/packer/provisioners/metasploit.rb +59 -0
  633. data/packer/provisioners/nmap_all_live_hosts.sh +8 -0
  634. data/packer/provisioners/openvas.sh +23 -0
  635. data/packer/provisioners/openvas_wrappers.sh +4 -0
  636. data/packer/provisioners/openvpn.sh +7 -0
  637. data/packer/provisioners/peda.sh +4 -0
  638. data/packer/provisioners/phantomjs.rb +28 -0
  639. data/packer/provisioners/phantomjs_wrapper.sh +22 -0
  640. data/packer/provisioners/post_install.sh +41 -0
  641. data/packer/provisioners/postgresql.sh +49 -0
  642. data/packer/provisioners/preeny.sh +8 -0
  643. data/packer/provisioners/pwn.sh +89 -0
  644. data/packer/provisioners/pwntools.sh +13 -0
  645. data/packer/provisioners/radamsa.sh +7 -0
  646. data/packer/provisioners/rc.local.sh +16 -0
  647. data/packer/provisioners/reboot_os.sh +7 -0
  648. data/packer/provisioners/ruby.sh +36 -0
  649. data/packer/provisioners/rvm.sh +30 -0
  650. data/packer/provisioners/scapy.sh +5 -0
  651. data/packer/provisioners/scout2.sh +5 -0
  652. data/packer/provisioners/sox.sh +5 -0
  653. data/packer/provisioners/ssllabs-scan.sh +9 -0
  654. data/packer/provisioners/strace.sh +5 -0
  655. data/packer/provisioners/sublist3r.sh +5 -0
  656. data/packer/provisioners/terminator.sh +5 -0
  657. data/packer/provisioners/toggle_tor.sh +2 -0
  658. data/packer/provisioners/tor.sh +5 -0
  659. data/packer/provisioners/twinkle.sh +6 -0
  660. data/packer/provisioners/update_os.sh +108 -0
  661. data/packer/provisioners/upload_globals.sh +55 -0
  662. data/packer/provisioners/vim.sh +19 -0
  663. data/packer/provisioners/virtualbox_guest_additions.sh +20 -0
  664. data/packer/provisioners/vmware_tools.sh +8 -0
  665. data/packer/provisioners/wpscan.rb +23 -0
  666. data/packer/provisioners/xrdp.sh +22 -0
  667. data/packer/provisioners/zzuf.sh +5 -0
  668. data/pwn.gemspec +34 -0
  669. data/reinstall_pwn_gemset.sh +31 -0
  670. data/spec/lib/pwn/aws/acm_spec.rb +15 -0
  671. data/spec/lib/pwn/aws/api_gateway_spec.rb +15 -0
  672. data/spec/lib/pwn/aws/app_stream_spec.rb +15 -0
  673. data/spec/lib/pwn/aws/application_auto_scaling_spec.rb +15 -0
  674. data/spec/lib/pwn/aws/application_discovery_service_spec.rb +15 -0
  675. data/spec/lib/pwn/aws/auto_scaling_spec.rb +15 -0
  676. data/spec/lib/pwn/aws/batch_spec.rb +15 -0
  677. data/spec/lib/pwn/aws/budgets_spec.rb +15 -0
  678. data/spec/lib/pwn/aws/cloud_formation_spec.rb +15 -0
  679. data/spec/lib/pwn/aws/cloud_front_spec.rb +15 -0
  680. data/spec/lib/pwn/aws/cloud_hsm_spec.rb +15 -0
  681. data/spec/lib/pwn/aws/cloud_search_domain_spec.rb +15 -0
  682. data/spec/lib/pwn/aws/cloud_search_spec.rb +15 -0
  683. data/spec/lib/pwn/aws/cloud_trail_spec.rb +15 -0
  684. data/spec/lib/pwn/aws/cloud_watch_events_spec.rb +15 -0
  685. data/spec/lib/pwn/aws/cloud_watch_logs_spec.rb +15 -0
  686. data/spec/lib/pwn/aws/cloud_watch_spec.rb +15 -0
  687. data/spec/lib/pwn/aws/code_build_spec.rb +15 -0
  688. data/spec/lib/pwn/aws/code_commit_spec.rb +15 -0
  689. data/spec/lib/pwn/aws/code_deploy_spec.rb +15 -0
  690. data/spec/lib/pwn/aws/code_pipeline_spec.rb +15 -0
  691. data/spec/lib/pwn/aws/cognito_identity_provider_spec.rb +15 -0
  692. data/spec/lib/pwn/aws/cognito_identity_spec.rb +15 -0
  693. data/spec/lib/pwn/aws/cognito_sync_spec.rb +15 -0
  694. data/spec/lib/pwn/aws/config_service_spec.rb +15 -0
  695. data/spec/lib/pwn/aws/data_pipleline_spec.rb +15 -0
  696. data/spec/lib/pwn/aws/database_migration_service_spec.rb +15 -0
  697. data/spec/lib/pwn/aws/device_farm_spec.rb +15 -0
  698. data/spec/lib/pwn/aws/direct_connect_spec.rb +15 -0
  699. data/spec/lib/pwn/aws/directory_service_spec.rb +15 -0
  700. data/spec/lib/pwn/aws/dynamo_db_spec.rb +15 -0
  701. data/spec/lib/pwn/aws/dynamo_db_streams_spec.rb +15 -0
  702. data/spec/lib/pwn/aws/ec2_spec.rb +15 -0
  703. data/spec/lib/pwn/aws/ecr_spec.rb +15 -0
  704. data/spec/lib/pwn/aws/ecs_spec.rb +15 -0
  705. data/spec/lib/pwn/aws/efs_spec.rb +15 -0
  706. data/spec/lib/pwn/aws/elasti_cache_spec.rb +15 -0
  707. data/spec/lib/pwn/aws/elastic_beanstalk_spec.rb +15 -0
  708. data/spec/lib/pwn/aws/elastic_load_balancing_spec.rb +15 -0
  709. data/spec/lib/pwn/aws/elastic_load_balancing_v2_spec.rb +15 -0
  710. data/spec/lib/pwn/aws/elastic_transcoder_spec.rb +15 -0
  711. data/spec/lib/pwn/aws/elasticsearch_service_spec.rb +15 -0
  712. data/spec/lib/pwn/aws/emr_spec.rb +15 -0
  713. data/spec/lib/pwn/aws/firehose_spec.rb +15 -0
  714. data/spec/lib/pwn/aws/game_lift_spec.rb +15 -0
  715. data/spec/lib/pwn/aws/glacier_spec.rb +15 -0
  716. data/spec/lib/pwn/aws/health_spec.rb +15 -0
  717. data/spec/lib/pwn/aws/iam_spec.rb +15 -0
  718. data/spec/lib/pwn/aws/import_export_spec.rb +15 -0
  719. data/spec/lib/pwn/aws/inspector_spec.rb +15 -0
  720. data/spec/lib/pwn/aws/iot_data_plane_spec.rb +15 -0
  721. data/spec/lib/pwn/aws/iot_spec.rb +15 -0
  722. data/spec/lib/pwn/aws/kinesis_analytics_spec.rb +15 -0
  723. data/spec/lib/pwn/aws/kinesis_spec.rb +15 -0
  724. data/spec/lib/pwn/aws/kms_spec.rb +15 -0
  725. data/spec/lib/pwn/aws/lambda_preview_spec.rb +15 -0
  726. data/spec/lib/pwn/aws/lambda_spec.rb +15 -0
  727. data/spec/lib/pwn/aws/lex_spec.rb +15 -0
  728. data/spec/lib/pwn/aws/lightsail_spec.rb +15 -0
  729. data/spec/lib/pwn/aws/machine_learning_spec.rb +15 -0
  730. data/spec/lib/pwn/aws/marketplace_commerce_analytics_spec.rb +15 -0
  731. data/spec/lib/pwn/aws/marketplace_metering_spec.rb +15 -0
  732. data/spec/lib/pwn/aws/ops_works_cm_spec.rb +15 -0
  733. data/spec/lib/pwn/aws/ops_works_spec.rb +15 -0
  734. data/spec/lib/pwn/aws/pinpoint_spec.rb +15 -0
  735. data/spec/lib/pwn/aws/polly_spec.rb +15 -0
  736. data/spec/lib/pwn/aws/rds_spec.rb +15 -0
  737. data/spec/lib/pwn/aws/redshift_spec.rb +15 -0
  738. data/spec/lib/pwn/aws/rekognition_spec.rb +15 -0
  739. data/spec/lib/pwn/aws/route53_domains_spec.rb +15 -0
  740. data/spec/lib/pwn/aws/route53_spec.rb +15 -0
  741. data/spec/lib/pwn/aws/s3_spec.rb +15 -0
  742. data/spec/lib/pwn/aws/service_catalog_spec.rb +15 -0
  743. data/spec/lib/pwn/aws/ses_spec.rb +15 -0
  744. data/spec/lib/pwn/aws/shield_spec.rb +15 -0
  745. data/spec/lib/pwn/aws/simple_db_spec.rb +15 -0
  746. data/spec/lib/pwn/aws/sms_spec.rb +15 -0
  747. data/spec/lib/pwn/aws/snowball_spec.rb +15 -0
  748. data/spec/lib/pwn/aws/sns_spec.rb +15 -0
  749. data/spec/lib/pwn/aws/sqs_spec.rb +15 -0
  750. data/spec/lib/pwn/aws/ssm_spec.rb +15 -0
  751. data/spec/lib/pwn/aws/states_spec.rb +15 -0
  752. data/spec/lib/pwn/aws/storage_gateway_spec.rb +15 -0
  753. data/spec/lib/pwn/aws/sts_spec.rb +15 -0
  754. data/spec/lib/pwn/aws/support_spec.rb +15 -0
  755. data/spec/lib/pwn/aws/swf_spec.rb +15 -0
  756. data/spec/lib/pwn/aws/waf_regional_spec.rb +15 -0
  757. data/spec/lib/pwn/aws/waf_spec.rb +15 -0
  758. data/spec/lib/pwn/aws/workspaces_spec.rb +15 -0
  759. data/spec/lib/pwn/aws/x_ray_spec.rb +15 -0
  760. data/spec/lib/pwn/aws_spec.rb +10 -0
  761. data/spec/lib/pwn/ffi_spec.rb +10 -0
  762. data/spec/lib/pwn/plugins/android_spec.rb +15 -0
  763. data/spec/lib/pwn/plugins/authentication_helper_spec.rb +15 -0
  764. data/spec/lib/pwn/plugins/basic_auth_spec.rb +15 -0
  765. data/spec/lib/pwn/plugins/beef_spec.rb +15 -0
  766. data/spec/lib/pwn/plugins/burp_suite_spec.rb +15 -0
  767. data/spec/lib/pwn/plugins/bus_pirate_spec.rb +15 -0
  768. data/spec/lib/pwn/plugins/char_spec.rb +15 -0
  769. data/spec/lib/pwn/plugins/credit_card_spec.rb +15 -0
  770. data/spec/lib/pwn/plugins/dao_ldap_spec.rb +15 -0
  771. data/spec/lib/pwn/plugins/dao_mongo_spec.rb +15 -0
  772. data/spec/lib/pwn/plugins/dao_postgres_spec.rb +15 -0
  773. data/spec/lib/pwn/plugins/dao_sqlite3_spec.rb +15 -0
  774. data/spec/lib/pwn/plugins/defect_dojo_spec.rb +15 -0
  775. data/spec/lib/pwn/plugins/detect_os_spec.rb +15 -0
  776. data/spec/lib/pwn/plugins/ein_spec.rb +15 -0
  777. data/spec/lib/pwn/plugins/file_fu_spec.rb +15 -0
  778. data/spec/lib/pwn/plugins/fuzz_spec.rb +15 -0
  779. data/spec/lib/pwn/plugins/git_spec.rb +15 -0
  780. data/spec/lib/pwn/plugins/hacker_one_spec.rb +15 -0
  781. data/spec/lib/pwn/plugins/ibm_appscan_spec.rb +15 -0
  782. data/spec/lib/pwn/plugins/ip_info_spec.rb +15 -0
  783. data/spec/lib/pwn/plugins/jenkins_spec.rb +15 -0
  784. data/spec/lib/pwn/plugins/json_pathify_spec.rb +15 -0
  785. data/spec/lib/pwn/plugins/mail_agent_spec.rb +15 -0
  786. data/spec/lib/pwn/plugins/metasploit_spec.rb +15 -0
  787. data/spec/lib/pwn/plugins/nessus_cloud_spec.rb +15 -0
  788. data/spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb +15 -0
  789. data/spec/lib/pwn/plugins/nmap_it_spec.rb +15 -0
  790. data/spec/lib/pwn/plugins/oauth2_spec.rb +15 -0
  791. data/spec/lib/pwn/plugins/ocr_spec.rb +15 -0
  792. data/spec/lib/pwn/plugins/openvas_spec.rb +15 -0
  793. data/spec/lib/pwn/plugins/owasp_zap_spec.rb +15 -0
  794. data/spec/lib/pwn/plugins/packet_spec.rb +15 -0
  795. data/spec/lib/pwn/plugins/pdf_parse_spec.rb +15 -0
  796. data/spec/lib/pwn/plugins/pony_spec.rb +15 -0
  797. data/spec/lib/pwn/plugins/rabbit_mq_hole_spec.rb +15 -0
  798. data/spec/lib/pwn/plugins/rfidler_spec.rb +15 -0
  799. data/spec/lib/pwn/plugins/serial_spec.rb +15 -0
  800. data/spec/lib/pwn/plugins/shodan_spec.rb +15 -0
  801. data/spec/lib/pwn/plugins/slack_client_spec.rb +15 -0
  802. data/spec/lib/pwn/plugins/sock_spec.rb +15 -0
  803. data/spec/lib/pwn/plugins/son_micro_rfid_spec.rb +15 -0
  804. data/spec/lib/pwn/plugins/spider_spec.rb +15 -0
  805. data/spec/lib/pwn/plugins/ssn_spec.rb +15 -0
  806. data/spec/lib/pwn/plugins/thread_pool_spec.rb +15 -0
  807. data/spec/lib/pwn/plugins/transparent_browser_spec.rb +15 -0
  808. data/spec/lib/pwn/plugins/twitter_api_spec.rb +15 -0
  809. data/spec/lib/pwn/plugins/uri_scheme_spec.rb +15 -0
  810. data/spec/lib/pwn/plugins/vsphere_spec.rb +15 -0
  811. data/spec/lib/pwn/plugins_spec.rb +10 -0
  812. data/spec/lib/pwn/reports/fuzz_spec.rb +15 -0
  813. data/spec/lib/pwn/reports/sast_spec.rb +15 -0
  814. data/spec/lib/pwn/reports_spec.rb +10 -0
  815. data/spec/lib/pwn/sast/amqp_connect_as_guest_spec.rb +25 -0
  816. data/spec/lib/pwn/sast/apache_file_system_util_api_spec.rb +25 -0
  817. data/spec/lib/pwn/sast/aws_spec.rb +25 -0
  818. data/spec/lib/pwn/sast/banned_function_calls_c_spec.rb +25 -0
  819. data/spec/lib/pwn/sast/base64_spec.rb +25 -0
  820. data/spec/lib/pwn/sast/beef_hook_spec.rb +25 -0
  821. data/spec/lib/pwn/sast/cmd_execution_java_spec.rb +25 -0
  822. data/spec/lib/pwn/sast/cmd_execution_python_spec.rb +25 -0
  823. data/spec/lib/pwn/sast/cmd_execution_ruby_spec.rb +25 -0
  824. data/spec/lib/pwn/sast/cmd_execution_scala_spec.rb +25 -0
  825. data/spec/lib/pwn/sast/csrf_spec.rb +25 -0
  826. data/spec/lib/pwn/sast/deserial_java_spec.rb +25 -0
  827. data/spec/lib/pwn/sast/emoticon_spec.rb +25 -0
  828. data/spec/lib/pwn/sast/eval_spec.rb +25 -0
  829. data/spec/lib/pwn/sast/factory_spec.rb +25 -0
  830. data/spec/lib/pwn/sast/file_permission_spec.rb +25 -0
  831. data/spec/lib/pwn/sast/inner_html_spec.rb +25 -0
  832. data/spec/lib/pwn/sast/keystore_spec.rb +25 -0
  833. data/spec/lib/pwn/sast/location_hash_spec.rb +25 -0
  834. data/spec/lib/pwn/sast/log4j_spec.rb +25 -0
  835. data/spec/lib/pwn/sast/logger_spec.rb +25 -0
  836. data/spec/lib/pwn/sast/password_spec.rb +25 -0
  837. data/spec/lib/pwn/sast/pom_version_spec.rb +25 -0
  838. data/spec/lib/pwn/sast/port_spec.rb +25 -0
  839. data/spec/lib/pwn/sast/private_key_spec.rb +25 -0
  840. data/spec/lib/pwn/sast/redirect_spec.rb +25 -0
  841. data/spec/lib/pwn/sast/redos_spec.rb +25 -0
  842. data/spec/lib/pwn/sast/shell_spec.rb +25 -0
  843. data/spec/lib/pwn/sast/sql_spec.rb +25 -0
  844. data/spec/lib/pwn/sast/ssl_spec.rb +25 -0
  845. data/spec/lib/pwn/sast/sudo_spec.rb +25 -0
  846. data/spec/lib/pwn/sast/task_tag_spec.rb +25 -0
  847. data/spec/lib/pwn/sast/throw_errors_spec.rb +25 -0
  848. data/spec/lib/pwn/sast/token_spec.rb +25 -0
  849. data/spec/lib/pwn/sast/version_spec.rb +25 -0
  850. data/spec/lib/pwn/sast/window_location_hash_spec.rb +25 -0
  851. data/spec/lib/pwn/sast_spec.rb +10 -0
  852. data/spec/lib/pwn/www/app_cobalt_io_spec.rb +15 -0
  853. data/spec/lib/pwn/www/bing_spec.rb +15 -0
  854. data/spec/lib/pwn/www/bug_crowd.rb +15 -0
  855. data/spec/lib/pwn/www/checkip_spec.rb +15 -0
  856. data/spec/lib/pwn/www/duckduckgo_spec.rb +15 -0
  857. data/spec/lib/pwn/www/facebook_spec.rb +15 -0
  858. data/spec/lib/pwn/www/google_spec.rb +15 -0
  859. data/spec/lib/pwn/www/hacker_one_spec.rb +15 -0
  860. data/spec/lib/pwn/www/linkedin_spec.rb +15 -0
  861. data/spec/lib/pwn/www/pandora_spec.rb +15 -0
  862. data/spec/lib/pwn/www/pastebin_spec.rb +15 -0
  863. data/spec/lib/pwn/www/paypal_spec.rb +15 -0
  864. data/spec/lib/pwn/www/synack_spec.rb +15 -0
  865. data/spec/lib/pwn/www/torch_spec.rb +15 -0
  866. data/spec/lib/pwn/www/twitter_spec.rb +15 -0
  867. data/spec/lib/pwn/www/uber_spec.rb +15 -0
  868. data/spec/lib/pwn/www/upwork_spec.rb +15 -0
  869. data/spec/lib/pwn/www/youtube_spec.rb +15 -0
  870. data/spec/lib/pwn/www_spec.rb +10 -0
  871. data/spec/lib/pwn_spec.rb +10 -0
  872. data/spec/spec_helper.rb +3 -0
  873. data/third_party/.gitkeep +0 -0
  874. data/update_pwn.sh +15 -0
  875. data/upgrade_ruby.sh +46 -0
  876. data/vagrant/provisioners/apache2.sh +76 -0
  877. data/vagrant/provisioners/beef.rb +30 -0
  878. data/vagrant/provisioners/burpsuite_pro.rb +37 -0
  879. data/vagrant/provisioners/exploit-db.sh +2 -0
  880. data/vagrant/provisioners/gem.sh +4 -0
  881. data/vagrant/provisioners/init_env.sh +22 -0
  882. data/vagrant/provisioners/jenkins.sh +87 -0
  883. data/vagrant/provisioners/jenkins_ssh-keygen.rb +86 -0
  884. data/vagrant/provisioners/kali_customize.rb +130 -0
  885. data/vagrant/provisioners/letsencrypt.rb +35 -0
  886. data/vagrant/provisioners/metasploit.rb +25 -0
  887. data/vagrant/provisioners/nmap_all_live_hosts.sh +2 -0
  888. data/vagrant/provisioners/openvas.sh +23 -0
  889. data/vagrant/provisioners/openvas_wrappers.sh +2 -0
  890. data/vagrant/provisioners/post_install.sh +14 -0
  891. data/vagrant/provisioners/postgres.sh +22 -0
  892. data/vagrant/provisioners/pwn.sh +15 -0
  893. data/vagrant/provisioners/rvm.sh +18 -0
  894. data/vagrant/provisioners/ssllabs-scan.sh +10 -0
  895. data/vagrant/provisioners/toggle_tor.sh +2 -0
  896. data/vagrant/provisioners/update_jenkins_plugins.rb +30 -0
  897. data/vagrant/provisioners/update_os.sh +108 -0
  898. data/vagrant/provisioners/upload_globals.sh +55 -0
  899. data/vagrant/provisioners/userland_fdisk.sh +22 -0
  900. data/vagrant/provisioners/userland_lvm.sh +5 -0
  901. data/vagrant/provisioners/wpscan.rb +25 -0
  902. data/vagrant_rsync_third_party.lst +1 -0
  903. data/vagrant_rsync_userland_template.lst +8 -0
  904. metadata +1245 -0
data/lib/pwn/plugins/nessus_cloud.rb ADDED
@@ -0,0 +1,325 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'json'
4
+
5
+ module PWN
6
+ module Plugins
7
+ # This plugin is used for interacting w/ the Tenable.io REST API (i.e. Nessus Cloud)
8
+ module NessusCloud
9
+ @@logger = PWN::Plugins::PWNLogger.create
10
+
11
+ # Supported Method Parameters::
12
+ # nessus_cloud_rest_call(
13
+ # nessus_obj: 'required nessus_obj returned from #start method',
14
+ # rest_call: 'required rest call to make per the schema',
15
+ # http_method: 'optional HTTP method (defaults to GET)
16
+ # http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
17
+ # )
18
+
19
+ private_class_method def self.nessus_cloud_rest_call(opts = {})
20
+ nessus_obj = opts[:nessus_obj]
21
+ rest_call = opts[:rest_call].to_s.scrub
22
+ http_method = if opts[:http_method].nil?
23
+ :get
24
+ else
25
+ opts[:http_method].to_s.scrub.to_sym
26
+ end
27
+ params = opts[:params]
28
+ http_body = opts[:http_body].to_s.scrub
29
+ access_key = nessus_obj[:access_key]
30
+ secret_key = nessus_obj[:secret_key]
31
+ base_nessus_cloud_api_uri = 'https://cloud.tenable.com'
32
+
33
+ rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
34
+
35
+ case http_method
36
+ when :get
37
+ response = rest_client.execute(
38
+ method: :get,
39
+ url: "#{base_nessus_cloud_api_uri}/#{rest_call}",
40
+ headers: {
41
+ x_apikeys: "accessKey=#{access_key}; secretKey=#{secret_key}",
42
+ accept: 'application/json',
43
+ content_type: 'application/json; charset=UTF-8',
44
+ params: params
45
+ },
46
+ verify_ssl: false
47
+ )
48
+
49
+ when :post
50
+ response = rest_client.execute(
51
+ method: :post,
52
+ url: "#{base_nessus_cloud_api_uri}/#{rest_call}",
53
+ headers: {
54
+ x_apikeys: "accessKey=#{access_key}; secretKey=#{secret_key}",
55
+ accept: 'application/json',
56
+ content_type: 'application/json; charset=UTF-8'
57
+ },
58
+ payload: http_body,
59
+ verify_ssl: false
60
+ )
61
+
62
+ else
63
+ raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
64
+ end
65
+
66
+ sleep 3
67
+
68
+ response
69
+ rescue StandardError, SystemExit, Interrupt => e
70
+ raise e
71
+ end
72
+
73
+ # Supported Method Parameters::
74
+ # PWN::Plugins::NessusCloud.login(
75
+ # access_key: 'required - API access key (will prompt if blank)',
76
+ # secret_key: 'required - API secret key (will prompt if blank)'
77
+ # )
78
+
79
+ public_class_method def self.login(opts = {})
80
+ access_key = opts[:access_key]
81
+ access_key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Access Key') if opts[:access_key].nil?
82
+
83
+ secret_key = opts[:secret_key]
84
+ secret_key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Secret Key') if opts[:secret_key].nil?
85
+
86
+ nessus_obj = {}
87
+ nessus_obj[:access_key] = access_key
88
+ nessus_obj[:secret_key] = secret_key
89
+
90
+ nessus_obj
91
+ rescue StandardError, SystemExit, Interrupt => e
92
+ raise e
93
+ end
94
+
95
+ # Supported Method Parameters::
96
+ # PWN::Plugins::NessusCloud.list_scans(
97
+ # nessus_obj: 'required - nessus_obj returned from #login method'
98
+ # )
99
+
100
+ public_class_method def self.list_scans(opts = {})
101
+ nessus_obj = opts[:nessus_obj]
102
+
103
+ scans_resp = nessus_cloud_rest_call(
104
+ nessus_obj: nessus_obj,
105
+ rest_call: 'scans'
106
+ ).body
107
+
108
+ JSON.parse(scans_resp, symbolize_names: true)
109
+ rescue StandardError, SystemExit, Interrupt => e
110
+ raise e
111
+ end
112
+
113
+ # Supported Method Parameters::
114
+ # PWN::Plugins::NessusCloud.launch_scan(
115
+ # nessus_obj: 'required - nessus_obj returned from #login method',
116
+ # scan_id: 'required - scan id to launch'
117
+ # )
118
+
119
+ public_class_method def self.launch_scan(opts = {})
120
+ nessus_obj = opts[:nessus_obj]
121
+ scan_id = opts[:scan_id]
122
+
123
+ launch_scan_resp = nessus_cloud_rest_call(
124
+ http_method: :post,
125
+ nessus_obj: nessus_obj,
126
+ rest_call: "scans/#{scan_id}/launch"
127
+ ).body
128
+
129
+ JSON.parse(launch_scan_resp, symbolize_names: true)
130
+ rescue StandardError, SystemExit, Interrupt => e
131
+ raise e
132
+ end
133
+
134
+ # Supported Method Parameters::
135
+ # PWN::Plugins::NessusCloud.get_scan_status(
136
+ # nessus_obj: 'required - nessus_obj returned from #login method',
137
+ # scan_id: 'required - scan id to retrieve status'
138
+ # )
139
+
140
+ public_class_method def self.get_scan_status(opts = {})
141
+ nessus_obj = opts[:nessus_obj]
142
+ scan_id = opts[:scan_id]
143
+
144
+ scan_status_resp = nessus_cloud_rest_call(
145
+ nessus_obj: nessus_obj,
146
+ rest_call: "scans/#{scan_id}/latest-status"
147
+ ).body
148
+
149
+ JSON.parse(scan_status_resp, symbolize_names: true)
150
+ rescue StandardError, SystemExit, Interrupt => e
151
+ raise e
152
+ end
153
+
154
+ # Supported Method Parameters::
155
+ # PWN::Plugins::NessusCloud.tag(
156
+ # nessus_obj: 'required - nessus_obj returned from #login method',
157
+ # category: 'required - category name to create or use',
158
+ # value: 'required - value name to create or use',
159
+ # desc: 'optional - _value_ description'
160
+ # )
161
+
162
+ public_class_method def self.tag(opts = {})
163
+ nessus_obj = opts[:nessus_obj]
164
+ category = opts[:category]
165
+ value = opts[:value]
166
+ desc = opts[:desc]
167
+
168
+ http_body = {
169
+ category_name: category,
170
+ value: value
171
+ }.to_json
172
+
173
+ tag_resp = nessus_cloud_rest_call(
174
+ http_method: :post,
175
+ nessus_obj: nessus_obj,
176
+ rest_call: 'tags/values',
177
+ http_body: http_body
178
+ ).body
179
+
180
+ JSON.parse(tag_resp, symbolize_names: true)
181
+ rescue StandardError, SystemExit, Interrupt => e
182
+ raise e
183
+ end
184
+
185
+ # Supported Method Parameters::
186
+ # PWN::Plugins::NessusCloud.get_scan_history(
187
+ # nessus_obj: 'required - nessus_obj returned from #login method'
188
+ # scan_id: 'required - scan id to launch'
189
+ # )
190
+
191
+ public_class_method def self.get_scan_history(opts = {})
192
+ nessus_obj = opts[:nessus_obj]
193
+ scan_id = opts[:scan_id]
194
+
195
+ scan_hist_resp = nessus_cloud_rest_call(
196
+ nessus_obj: nessus_obj,
197
+ rest_call: "scans/#{scan_id}/history"
198
+ ).body
199
+
200
+ JSON.parse(scan_hist_resp, symbolize_names: true)
201
+ rescue StandardError, SystemExit, Interrupt => e
202
+ raise e
203
+ end
204
+
205
+ # Supported Method Parameters::
206
+ # PWN::Plugins::NessusCloud.export_scan_results(
207
+ # nessus_obj: 'required - nessus_obj returned from #login method',
208
+ # scan_id: 'required - scan id to export',
209
+ # path_to_export: 'required - filename to export results',
210
+ # history_id: 'optional - defaults to last scan',
211
+ # format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
212
+ # )
213
+
214
+ public_class_method def self.export_scan_results(opts = {})
215
+ nessus_obj = opts[:nessus_obj]
216
+ scan_id = opts[:scan_id]
217
+ path_to_export = opts[:path_to_export]
218
+ if opts[:history_id]
219
+ history_id = opts[:history_id]
220
+ else
221
+ scan_history_resp = get_scan_history(
222
+ nessus_obj: nessus_obj,
223
+ scan_id: scan_id
224
+ )
225
+
226
+ if scan_history_resp[:history].empty?
227
+ puts 'No scan history found.'
228
+ raise 'Has at least one scan completed?'
229
+ else
230
+ history_id = scan_history_resp[:history].last[:id]
231
+ end
232
+ end
233
+
234
+ format = :csv
235
+ format = opts[:format].to_s.to_sym if opts[:format]
236
+
237
+ http_body = {
238
+ scan_id: scan_id,
239
+ history_id: history_id,
240
+ format: format
241
+ }.to_json
242
+
243
+ export_scan_resp = nessus_cloud_rest_call(
244
+ http_method: :post,
245
+ nessus_obj: nessus_obj,
246
+ rest_call: "scans/#{scan_id}/export",
247
+ http_body: http_body
248
+ ).body
249
+
250
+ file_id = JSON.parse(
251
+ export_scan_resp,
252
+ symbolize_names: true
253
+ )[:file]
254
+
255
+ download_export_resp = nessus_cloud_rest_call(
256
+ nessus_obj: nessus_obj,
257
+ rest_call: "scans/#{scan_id}/export/#{file_id}/download"
258
+ ).body
259
+
260
+ File.open(path_to_export, 'wb') do |f|
261
+ f.puts download_export_resp
262
+ end
263
+
264
+ path_to_export
265
+ rescue StandardError, SystemExit, Interrupt => e
266
+ raise e
267
+ end
268
+
269
+ # Author(s):: Jacob Hoopes <jake.hoopes@gmail.com>
270
+
271
+ public_class_method def self.authors
272
+ "AUTHOR(S):
273
+ Jacob Hoopes <jake.hoopes@gmail.com>
274
+ "
275
+ end
276
+
277
+ # Display Usage for this Module
278
+
279
+ public_class_method def self.help
280
+ puts "USAGE:
281
+ nessus_obj = #{self}.login(
282
+ access_key: 'required - API access key (will prompt if blank)',
283
+ secret_key: 'required - API secret key (will prompt if blank)'
284
+ )
285
+
286
+ #{self}.list_scans(
287
+ nessus_obj: 'required - nessus_obj returned from #login method'
288
+ )
289
+
290
+ #{self}.launch_scan(
291
+ nessus_obj: 'required - nessus_obj returned from #login method',
292
+ scan_id: 'required - scan id to launch'
293
+ )
294
+
295
+ #{self}.get_scan_status(
296
+ nessus_obj: 'required - nessus_obj returned from #login method',
297
+ scan_id: 'required - scan id to retrieve status'
298
+ )
299
+
300
+ #{self}.tag(
301
+ nessus_obj: 'required - nessus_obj returned from #login method',
302
+ category: 'required - category name to create or use',
303
+ value: 'required - value name to create or use',
304
+ desc: 'optional - _value_ description'
305
+ )
306
+
307
+ #{self}.get_scan_history(
308
+ nessus_obj: 'required - nessus_obj returned from #login method'
309
+ scan_id: 'required - scan id to launch'
310
+ )
311
+
312
+ #{self}.export_scan_results(
313
+ nessus_obj: 'required - nessus_obj returned from #login method',
314
+ scan_id: 'required - scan id to export',
315
+ path_to_export: 'required - filename to export results',
316
+ history_id: 'optional - defaults to last scan',
317
+ format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
318
+ )
319
+
320
+ #{self}.authors
321
+ "
322
+ end
323
+ end
324
+ end
325
+ end
data/lib/pwn/plugins/nexpose_vuln_scan.rb ADDED
@@ -0,0 +1,356 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'nexpose'
4
+ require 'ipaddr'
5
+
6
+ module PWN
7
+ module Plugins
8
+ # This plugin is used for interacting w/ Nexpose using the Nexpose API.
9
+ module NexposeVulnScan
10
+ @@logger = PWN::Plugins::PWNLogger.create
11
+
12
+ # Supported Method Parameters::
13
+ # PWN::Plugins::NexposeVulnScan.login(
14
+ # console_ip: 'required host/ip of Nexpose Console (server)',
15
+ # username: 'required username',
16
+ # password: 'optional password (will prompt if nil)'
17
+ # )
18
+
19
+ public_class_method def self.login(opts = {})
20
+ console_ip = opts[:console_ip]
21
+ username = opts[:username].to_s
22
+
23
+ password = if opts[:password].nil?
24
+ PWN::Plugins::AuthenticationHelper.mask_password
25
+ else
26
+ opts[:password].to_s
27
+ end
28
+
29
+ nsc_obj = Nexpose::Connection.new(console_ip, username, password)
30
+ nsc_obj.login
31
+ config = Nexpose::Console.load(nsc_obj)
32
+ config.session_timeout = 21_600
33
+ # config.save(nsc_obj) # This will change the global sesion timeout config in the console
34
+ nsc_obj
35
+ rescue StandardError => e
36
+ raise e
37
+ end
38
+
39
+ # Supported Method Parameters::
40
+ # PWN::Plugins::NexposeVulnScan.list_all_individual_site_assets(
41
+ # nsc_obj: 'required nsc_obj returned from login method',
42
+ # site_name: 'required Nexpose site name to update (case-sensitive)'
43
+ # )
44
+
45
+ public_class_method def self.list_all_individual_site_assets(opts = {})
46
+ nsc_obj = opts[:nsc_obj]
47
+ site_name = opts[:site_name]
48
+
49
+ site_id = -1
50
+ nsc_obj.list_sites.each do |site|
51
+ site_id = site.id if site.name == site_name
52
+ end
53
+
54
+ all_individual_site_assets_arr = []
55
+ if site_id > -1
56
+ @@logger.info("Listing All Assets from #{site_name} (site id: #{site_id}):")
57
+ nsc_obj.filter(Nexpose::Search::Field::SITE_ID, Nexpose::Search::Operator::IN, site_id).each do |asset|
58
+ @@logger.info("#{asset.id}|#{asset.ip}|#{asset.last_scan}")
59
+ all_individual_site_assets_arr.push(asset.ip)
60
+ end
61
+ else
62
+ @@logger.error("Site: #{site_name} Not Found. Please check the spelling and try again.")
63
+ end
64
+
65
+ all_individual_site_assets_arr
66
+ rescue StandardError => e
67
+ raise e
68
+ end
69
+
70
+ # Supported Method Parameters::
71
+ # PWN::Plugins::NexposeVulnScan.update_site_assets(
72
+ # nsc_obj: 'required nsc_obj returned from login method',
73
+ # site_name: 'required Nexpose site name to update (case-sensitive),
74
+ # assets: 'required array of hashes containing called :ip => values being IP address (All IPs not included in the :assets parameter will be removed from Nexpose)'
75
+ # )
76
+
77
+ public_class_method def self.update_site_assets(opts = {})
78
+ nsc_obj = opts[:nsc_obj]
79
+ site_name = opts[:site_name]
80
+ assets = opts[:assets]
81
+
82
+ nsc_obj.list_sites.each do |site|
83
+ next unless site.name == site_name
84
+
85
+ # Load Site
86
+ site_id = site.id
87
+ refresh_site = Nexpose::Site.load(nsc_obj, site_id)
88
+
89
+ # Obtain Current List of Assets for Given Site & Remove Old List of Assets from Given Site (if applicable)
90
+ @@logger.info('Removing the Following Assets:')
91
+ current_site_assets = nsc_obj.filter(Nexpose::Search::Field::SITE_ID, Nexpose::Search::Operator::IN, site_id)
92
+ new_site_assets = []
93
+ assets.each { |ip_host_hash| new_site_assets.push(ip_host_hash[:ip].to_s.scrub.strip.chomp) }
94
+ current_site_assets.each do |current_site_asset|
95
+ next if new_site_assets.include?(current_site_asset.ip)
96
+
97
+ @@logger.info("Removing #{current_site_asset.ip}")
98
+ # refresh_site.remove_included_asset(current_asset) # This should work and be less invasive but no worky :(
99
+ nsc_obj.delete_asset(current_site_asset.id) # So we completely remove the asset from Nexpose altogether :/
100
+ end
101
+ @@logger.info('Complete.')
102
+
103
+ # Add New List of Assets to Given Site
104
+ @@logger.info("Adding the Following Assets to #{site.name} (site id: #{site_id}):")
105
+ assets.each do |ip_host_hash|
106
+ current_ip = IPAddr.new(ip_host_hash[:ip].to_s.scrub.strip.chomp)
107
+ unless current_ip.to_s.match?('255') # || current_ip =~ /^[224-239]/ # Multicast?
108
+ # TODO: try to reverse DNS word to see if an IP s available as well
109
+ @@logger.info("Adding #{current_ip}")
110
+ refresh_site.include_asset(current_ip)
111
+ end
112
+ rescue StandardError
113
+ next
114
+ end
115
+ refresh_site.save(nsc_obj)
116
+ @@logger.info('Complete.')
117
+ end
118
+
119
+ nsc_obj
120
+ rescue StandardError => e
121
+ raise e
122
+ end
123
+
124
+ # Supported Method Parameters::
125
+ # PWN::Plugins::NexposeVulnScan.delete_site_assets_older_than(
126
+ # nsc_obj: 'required nsc_obj returned from login method',
127
+ # site_name: 'required Nexpose site name to update (case-sensitive),
128
+ # days: 'required assets to remove older than number of days in this parameter'
129
+ # )
130
+
131
+ public_class_method def self.delete_site_assets_older_than(opts = {})
132
+ nsc_obj = opts[:nsc_obj]
133
+ site_name = opts[:site_name]
134
+ days = opts[:days].to_i
135
+
136
+ site_id = -1
137
+ nsc_obj.list_sites.each do |site|
138
+ site_id = site.id if site.name == site_name
139
+ end
140
+
141
+ if site_id > -1
142
+ @@logger.info("Removing the Following Assets from #{site.name} (site id: #{site_id}) Older than #{days} Days:")
143
+ nsc_obj.filter(Nexpose::Search::Field::SCAN_DATE, Nexpose::Search::Operator::EARLIER_THAN, days).each do |asset|
144
+ if asset.site_id == site_id
145
+ @@logger.info("#{asset.id}|#{asset.ip}|#{asset.last_scan}")
146
+ nsc_obj.delete_asset(asset.id)
147
+ end
148
+ end
149
+ else
150
+ @@logger.error("Site: #{site_name} Not Found. Please check the spelling and try again.")
151
+ end
152
+
153
+ nsc_obj
154
+ rescue StandardError => e
155
+ raise e
156
+ end
157
+
158
+ # Supported Method Parameters::
159
+ # PWN::Plugins::NexposeVulnScan.scan_site_by_name(
160
+ # nsc_obj: 'required nsc_obj returned from login method',
161
+ # site_name: 'required Nexpose site name to scan (case-sensitive),
162
+ # poll_interval: 'optional poll interval to check the completion status of the scan (defaults to 3 minutes)
163
+ # )
164
+
165
+ public_class_method def self.scan_site_by_name(opts = {})
166
+ nsc_obj = opts[:nsc_obj]
167
+ site_name = opts[:site_name].to_s
168
+ site_id = nil
169
+
170
+ poll_interval = if opts[:poll_interval].nil?
171
+ 60
172
+ else
173
+ opts[:poll_interval].to_i
174
+ end
175
+
176
+ # Find the site and kick off the scan
177
+ nsc_obj.list_sites.each do |site|
178
+ next unless site.name == site_name
179
+
180
+ nsc_obj.scan_site(site.id)
181
+ @@logger.info("Scan Started for #{site_name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}")
182
+ site_id = site.id
183
+ end
184
+
185
+ # Periodically check the status of the scan
186
+ raise @logger.error("Site name: #{site_name} does not exist as a site in Nexpose. Please check your spelling and try again.") if site_id == ''
187
+
188
+ @@logger.info("Info: Checking status for an interval of #{poll_interval} seconds until completion.")
189
+ loop do
190
+ scan_status = nil
191
+ nsc_obj.scan_activity.each { |scan| scan_status = scan.status if scan.site_id == site_id }
192
+ if scan_status == 'running'
193
+ print '~' # Seeing progress is good :)
194
+ sleep poll_interval # Sleep and check the status again...
195
+ else
196
+ @@logger.info("Scan Completed for #{site_name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}")
197
+ break
198
+ end
199
+ end
200
+
201
+ nsc_obj
202
+ rescue StandardError => e
203
+ raise e
204
+ end
205
+
206
+ # Supported Method Parameters::
207
+ # PWN::Plugins::NexposeVulnScan.generate_report_via_existing_config(
208
+ # nsc_obj: 'required nsc_obj returned from login method',
209
+ # config_id: 'relevant r.config_id returned when invoking the block nsc_obj.reports.each {|r| puts "#{r.name} => #{r.config_id}"}',
210
+ # )
211
+
212
+ public_class_method def self.generate_report_via_existing_config(opts = {})
213
+ nsc_obj = opts[:nsc_obj]
214
+ config_id = opts[:config_id].to_i
215
+
216
+ existing_report_config = Nexpose::ReportConfig.load(nsc_obj, config_id)
217
+ existing_report_config.generate(nsc_obj)
218
+
219
+ nsc_obj
220
+ rescue StandardError => e
221
+ raise e
222
+ end
223
+
224
+ # Supported Method Parameters::
225
+ # PWN::Plugins::NexposeVulnScan.download_recurring_report(
226
+ # nsc_obj: 'required nsc_obj returned from login method',
227
+ # report_names: 'required array of report name/types to generate e.g. ["report.html", "report.pdf", "report.xml"]',
228
+ # poll_interval: 'optional poll interval to check the completion status of report generation (defaults to 60 seconds)
229
+ # )
230
+
231
+ public_class_method def self.download_recurring_report(opts = {})
232
+ nsc_obj = opts[:nsc_obj]
233
+ report_names = opts[:report_names].to_s.scrub.split(',')
234
+ @@logger.info("Generating #{report_names.count} Report(s): #{report_names.inspect}...")
235
+
236
+ poll_interval = if opts[:poll_interval].nil?
237
+ 60
238
+ else
239
+ opts[:poll_interval].to_i
240
+ end
241
+
242
+ report_arr = []
243
+ report_status_arr = []
244
+ until report_status_arr.count == report_names.count
245
+ nsc_obj.reports.each do |report|
246
+ report_names.each do |requested_report|
247
+ this_report_name = requested_report.to_s.strip.chomp.delete('"')
248
+ next unless report.name == this_report_name
249
+
250
+ @@logger.info("Generating Recurring Report: #{report.name} @ #{Time.now.strftime('%Y-%m-%d %H:%M:%S')}..Current Report Status: #{report.status}")
251
+ if report.status == 'Failed'
252
+ @@logger.info("Report Generation for #{report.name} failed...re-generating now...")
253
+ # Re-generate report from pre-existing config.
254
+ nsc_obj = generate_report_via_existing_config(nsc_obj: nsc_obj, config_id: report.config_id)
255
+ end
256
+
257
+ report_hash = {}
258
+ report_hash[:report_name] = report.name
259
+ report_hash[:report_status] = report.status
260
+ report_hash[:report_uri] = report.uri
261
+ report_arr.push(report_hash)
262
+ report_status_arr = report_arr.uniq.select { |this_report| this_report[:report_status] == 'Generated' }
263
+ end
264
+ end
265
+ # TODO: Ensure report_names are available within nsc_obj.reports (thus making it worthwhile to loop vs saying report !found).
266
+ @@logger.info("Total Reports Generated So Far: #{report_status_arr.count}...")
267
+ sleep poll_interval # Sleep and check the status again...
268
+ end
269
+
270
+ # @@logger.info(report_arr.inspect)
271
+ # @@logger.info(report_status_arr.inspect)
272
+ report_status_arr.each do |report_hash|
273
+ this_file_extention = File.extname(report_hash[:report_uri])
274
+ @@logger.info("\nDownloading #{report_hash[:report_name]}#{this_file_extention} from #{report_hash[:report_uri]}...")
275
+ nsc_obj.download(report_hash[:report_uri], "#{report_hash[:report_name]}#{this_file_extention}")
276
+ end
277
+ @@logger.info('complete.')
278
+
279
+ nsc_obj
280
+ rescue StandardError => e
281
+ raise e
282
+ end
283
+
284
+ # Supported Method Parameters::
285
+ # PWN::Plugins::NexposeVulnScan.logout(
286
+ # nsc_obj: 'required nsc_obj returned from login method'
287
+ # )
288
+
289
+ public_class_method def self.logout(opts = {})
290
+ nsc_obj = opts[:nsc_obj]
291
+
292
+ # config = Nexpose::Console.load(nsc_obj)
293
+ # config.session_timeout = 600 # This is the default session timeout in the console
294
+ # config.save(nsc_obj) # This will change the global sesion timeout config in the console
295
+ nsc_obj.logout
296
+ 'logged out'
297
+ rescue StandardError => e
298
+ raise e
299
+ end
300
+
301
+ # Author(s):: Jacob Hoopes <jake.hoopes@gmail.com>
302
+
303
+ public_class_method def self.authors
304
+ "AUTHOR(S):
305
+ Jacob Hoopes <jake.hoopes@gmail.com>
306
+ "
307
+ end
308
+
309
+ # Display Usage for this Module
310
+
311
+ public_class_method def self.help
312
+ puts "USAGE:
313
+ nsc_obj = #{self}.login(
314
+ console_ip: 'required host/ip of Nexpose Console (server)',
315
+ username: 'required username',
316
+ password: 'optional password (will prompt if nil)'
317
+ )
318
+ puts nsc_obj.public_methods
319
+
320
+ all_individual_site_assets_arr = #{self}.list_all_individual_site_assets(
321
+ nsc_obj: 'required nsc_obj returned from login method',
322
+ site_name: 'required Nexpose site name to update (case-sensitive)'
323
+ )
324
+
325
+ nsc_obj = #{self}.update_site_assets(
326
+ nsc_obj: 'required nsc_obj returned from login method',
327
+ site_name: 'required Nexpose site name to update (case-sensitive),
328
+ assets: 'required array of hashes containing called :ip => values being IP address (All IPs not included in the :assets parameter will be removed from Nexpose)'
329
+ )
330
+
331
+ nsc_obj = #{self}.delete_site_assets_older_than(
332
+ nsc_obj: 'required nsc_obj returned from login method',
333
+ site_name: 'required Nexpose site name to update (case-sensitive),
334
+ days: 'required assets to remove older than number of days in this parameter'
335
+ )
336
+
337
+ nsc_obj = #{self}.scan_site_by_name(
338
+ nsc_obj: 'required nsc_obj returned from login method',
339
+ site_name: 'required Nexpose site name to scan (case-sensitive),
340
+ poll_interval: 'optional poll interval to check the completion status of the scan (defaults to 60 seconds)
341
+ )
342
+
343
+ #{self}.download_recurring_report(
344
+ nsc_obj: 'required nsc_obj returned from login method',
345
+ report_names: 'required array of report name/types to generate e.g. ['report.html', 'report.pdf', 'report.xml']',
346
+ poll_interval: 'optional poll interval to check the completion status of report generation (defaults to 60 seconds)
347
+ )
348
+
349
+ #{self}.logout(nsc_obj: 'required nsc_obj returned from login method')
350
+
351
+ #{self}.authors
352
+ "
353
+ end
354
+ end
355
+ end
356
+ end