pwn 0.4.511 → 0.4.514

Sign up to get free protection for your applications and to get access to all the features.
Files changed (83) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/README.md +2 -2
  4. data/bin/pwn_android_war_dialer +2 -1
  5. data/lib/pwn/plugins/owasp_zap.rb +1 -1
  6. data/lib/pwn/reports/sast.rb +4 -4
  7. data/lib/pwn/sast/amqp_connect_as_guest.rb +7 -5
  8. data/lib/pwn/sast/apache_file_system_util_api.rb +7 -5
  9. data/lib/pwn/sast/aws.rb +7 -5
  10. data/lib/pwn/sast/banned_function_calls_c.rb +7 -5
  11. data/lib/pwn/sast/base64.rb +7 -5
  12. data/lib/pwn/sast/beef_hook.rb +7 -5
  13. data/lib/pwn/sast/cmd_execution_java.rb +7 -5
  14. data/lib/pwn/sast/cmd_execution_python.rb +7 -5
  15. data/lib/pwn/sast/cmd_execution_ruby.rb +7 -5
  16. data/lib/pwn/sast/cmd_execution_scala.rb +7 -5
  17. data/lib/pwn/sast/csrf.rb +7 -5
  18. data/lib/pwn/sast/deserial_java.rb +7 -5
  19. data/lib/pwn/sast/emoticon.rb +7 -5
  20. data/lib/pwn/sast/eval.rb +7 -5
  21. data/lib/pwn/sast/factory.rb +7 -5
  22. data/lib/pwn/sast/http_authorization_header.rb +7 -5
  23. data/lib/pwn/sast/inner_html.rb +7 -5
  24. data/lib/pwn/sast/keystore.rb +7 -5
  25. data/lib/pwn/sast/location_hash.rb +7 -5
  26. data/lib/pwn/sast/log4j.rb +7 -5
  27. data/lib/pwn/sast/logger.rb +7 -5
  28. data/lib/pwn/sast/outer_html.rb +7 -5
  29. data/lib/pwn/sast/password.rb +7 -5
  30. data/lib/pwn/sast/pom_version.rb +12 -8
  31. data/lib/pwn/sast/port.rb +7 -5
  32. data/lib/pwn/sast/private_key.rb +7 -5
  33. data/lib/pwn/sast/redirect.rb +7 -5
  34. data/lib/pwn/sast/redos.rb +7 -5
  35. data/lib/pwn/sast/shell.rb +7 -5
  36. data/lib/pwn/sast/signature.rb +7 -5
  37. data/lib/pwn/sast/sql.rb +7 -5
  38. data/lib/pwn/sast/ssl.rb +7 -5
  39. data/lib/pwn/sast/sudo.rb +7 -5
  40. data/lib/pwn/sast/task_tag.rb +7 -5
  41. data/lib/pwn/sast/throw_errors.rb +7 -5
  42. data/lib/pwn/sast/token.rb +7 -5
  43. data/lib/pwn/sast/version.rb +7 -5
  44. data/lib/pwn/sast/window_location_hash.rb +7 -5
  45. data/lib/pwn/version.rb +1 -1
  46. data/spec/lib/pwn/sast/amqp_connect_as_guest_spec.rb +3 -3
  47. data/spec/lib/pwn/sast/apache_file_system_util_api_spec.rb +3 -3
  48. data/spec/lib/pwn/sast/aws_spec.rb +3 -3
  49. data/spec/lib/pwn/sast/banned_function_calls_c_spec.rb +3 -3
  50. data/spec/lib/pwn/sast/base64_spec.rb +3 -3
  51. data/spec/lib/pwn/sast/beef_hook_spec.rb +3 -3
  52. data/spec/lib/pwn/sast/cmd_execution_java_spec.rb +3 -3
  53. data/spec/lib/pwn/sast/cmd_execution_python_spec.rb +3 -3
  54. data/spec/lib/pwn/sast/cmd_execution_ruby_spec.rb +3 -3
  55. data/spec/lib/pwn/sast/cmd_execution_scala_spec.rb +3 -3
  56. data/spec/lib/pwn/sast/csrf_spec.rb +3 -3
  57. data/spec/lib/pwn/sast/deserial_java_spec.rb +3 -3
  58. data/spec/lib/pwn/sast/emoticon_spec.rb +3 -3
  59. data/spec/lib/pwn/sast/eval_spec.rb +3 -3
  60. data/spec/lib/pwn/sast/factory_spec.rb +3 -3
  61. data/spec/lib/pwn/sast/http_authorization_header_spec.rb +3 -3
  62. data/spec/lib/pwn/sast/inner_html_spec.rb +3 -3
  63. data/spec/lib/pwn/sast/keystore_spec.rb +3 -3
  64. data/spec/lib/pwn/sast/location_hash_spec.rb +3 -3
  65. data/spec/lib/pwn/sast/log4j_spec.rb +3 -3
  66. data/spec/lib/pwn/sast/logger_spec.rb +3 -3
  67. data/spec/lib/pwn/sast/password_spec.rb +3 -3
  68. data/spec/lib/pwn/sast/pom_version_spec.rb +3 -3
  69. data/spec/lib/pwn/sast/port_spec.rb +3 -3
  70. data/spec/lib/pwn/sast/private_key_spec.rb +3 -3
  71. data/spec/lib/pwn/sast/redirect_spec.rb +3 -3
  72. data/spec/lib/pwn/sast/redos_spec.rb +3 -3
  73. data/spec/lib/pwn/sast/shell_spec.rb +3 -3
  74. data/spec/lib/pwn/sast/signature_spec.rb +3 -3
  75. data/spec/lib/pwn/sast/sql_spec.rb +3 -3
  76. data/spec/lib/pwn/sast/ssl_spec.rb +3 -3
  77. data/spec/lib/pwn/sast/sudo_spec.rb +3 -3
  78. data/spec/lib/pwn/sast/task_tag_spec.rb +3 -3
  79. data/spec/lib/pwn/sast/throw_errors_spec.rb +3 -3
  80. data/spec/lib/pwn/sast/token_spec.rb +3 -3
  81. data/spec/lib/pwn/sast/version_spec.rb +3 -3
  82. data/spec/lib/pwn/sast/window_location_hash_spec.rb +3 -3
  83. metadata +11 -11
data/lib/pwn/sast/http_authorization_header.rb CHANGED
@@ -56,7 +56,7 @@ module PWN
56
56
 
57
57
  hash_line = {
58
58
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
59
- security_requirements: security_requirements,
59
+ security_references: security_references,
60
60
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
61
61
  line_no_and_contents: '',
62
62
  raw_content: str,
@@ -86,9 +86,11 @@ module PWN
86
86
  else
87
87
  author = 'N/A'
88
88
  end
89
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
90
- contents: contents,
91
- author: author)
89
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
90
+ line_no: line_no,
91
+ contents: contents,
92
+ author: author
93
+ )
92
94
 
93
95
  current_count += 2
94
96
  end
@@ -111,7 +113,7 @@ module PWN
111
113
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
112
114
  # Determine the level of Testing Coverage w/ PWN.
113
115
 
114
- public_class_method def self.security_requirements
116
+ public_class_method def self.security_references
115
117
  {
116
118
  sast_module: self,
117
119
  section: 'PROTECTION OF INFORMATION AT REST',
data/lib/pwn/sast/inner_html.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'MALICIOUS CODE PROTECTION',
data/lib/pwn/sast/keystore.rb CHANGED
@@ -44,7 +44,7 @@ module PWN
44
44
 
45
45
  hash_line = {
46
46
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
47
- security_requirements: security_requirements,
47
+ security_references: security_references,
48
48
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
49
49
  line_no_and_contents: '',
50
50
  raw_content: str,
@@ -74,9 +74,11 @@ module PWN
74
74
  else
75
75
  author = 'N/A'
76
76
  end
77
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
78
- contents: contents,
79
- author: author)
77
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
78
+ line_no: line_no,
79
+ contents: contents,
80
+ author: author
81
+ )
80
82
 
81
83
  current_count += 2
82
84
  end
@@ -101,7 +103,7 @@ module PWN
101
103
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
102
104
  # Determine the level of Testing Coverage w/ PWN.
103
105
 
104
- public_class_method def self.security_requirements
106
+ public_class_method def self.security_references
105
107
  {
106
108
  sast_module: self,
107
109
  section: 'CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT',
data/lib/pwn/sast/location_hash.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'MALICIOUS CODE PROTECTION',
data/lib/pwn/sast/log4j.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
data/lib/pwn/sast/logger.rb CHANGED
@@ -62,7 +62,7 @@ module PWN
62
62
 
63
63
  hash_line = {
64
64
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
65
- security_requirements: security_requirements,
65
+ security_references: security_references,
66
66
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
67
67
  line_no_and_contents: '',
68
68
  raw_content: str,
@@ -92,9 +92,11 @@ module PWN
92
92
  else
93
93
  author = 'N/A'
94
94
  end
95
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
96
- contents: contents,
97
- author: author)
95
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
96
+ line_no: line_no,
97
+ contents: contents,
98
+ author: author
99
+ )
98
100
 
99
101
  current_count += 2
100
102
  end
@@ -119,7 +121,7 @@ module PWN
119
121
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
120
122
  # Determine the level of Testing Coverage w/ PWN.
121
123
 
122
- public_class_method def self.security_requirements
124
+ public_class_method def self.security_references
123
125
  {
124
126
  sast_module: self,
125
127
  section: 'PROTECTION OF INFORMATION AT REST',
data/lib/pwn/sast/outer_html.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'MALICIOUS CODE PROTECTION',
data/lib/pwn/sast/password.rb CHANGED
@@ -51,7 +51,7 @@ module PWN
51
51
 
52
52
  hash_line = {
53
53
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
54
- security_requirements: security_requirements,
54
+ security_references: security_references,
55
55
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
56
56
  line_no_and_contents: '',
57
57
  raw_content: str,
@@ -81,9 +81,11 @@ module PWN
81
81
  else
82
82
  author = 'N/A'
83
83
  end
84
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
85
- contents: contents,
86
- author: author)
84
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
85
+ line_no: line_no,
86
+ contents: contents,
87
+ author: author
88
+ )
87
89
 
88
90
  current_count += 2
89
91
  end
@@ -106,7 +108,7 @@ module PWN
106
108
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
107
109
  # Determine the level of Testing Coverage w/ PWN.
108
110
 
109
- public_class_method def self.security_requirements
111
+ public_class_method def self.security_references
110
112
  {
111
113
  sast_module: self,
112
114
  section: 'PROTECTION OF INFORMATION AT REST',
data/lib/pwn/sast/pom_version.rb CHANGED
@@ -45,7 +45,7 @@ module PWN
45
45
 
46
46
  hash_line = {
47
47
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
48
- security_requirements: security_requirements,
48
+ security_references: security_references,
49
49
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
50
50
  line_no_and_contents: '',
51
51
  raw_content: str,
@@ -77,15 +77,19 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
86
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: '--',
87
- contents: '--',
88
- author: '--')
88
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
89
+ line_no: '--',
90
+ contents: '--',
91
+ author: '--'
92
+ )
89
93
  end
90
94
  result_arr.push(hash_line)
91
95
  logger_results = "#{logger_results}x" # Seeing progress is good :)
@@ -108,7 +112,7 @@ module PWN
108
112
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
109
113
  # Determine the level of Testing Coverage w/ PWN.
110
114
 
111
- public_class_method def self.security_requirements
115
+ public_class_method def self.security_references
112
116
  {
113
117
  sast_module: self,
114
118
  section: 'VULNERABILITY SCANNING',
data/lib/pwn/sast/port.rb CHANGED
@@ -54,7 +54,7 @@ module PWN
54
54
 
55
55
  hash_line = {
56
56
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
57
- security_requirements: security_requirements,
57
+ security_references: security_references,
58
58
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
59
59
  line_no_and_contents: '',
60
60
  raw_content: str,
@@ -84,9 +84,11 @@ module PWN
84
84
  else
85
85
  author = 'N/A'
86
86
  end
87
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
88
- contents: contents,
89
- author: author)
87
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
88
+ line_no: line_no,
89
+ contents: contents,
90
+ author: author
91
+ )
90
92
 
91
93
  current_count += 2
92
94
  end
@@ -111,7 +113,7 @@ module PWN
111
113
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
112
114
  # Determine the level of Testing Coverage w/ PWN.
113
115
 
114
- public_class_method def self.security_requirements
116
+ public_class_method def self.security_references
115
117
  {
116
118
  sast_module: self,
117
119
  section: 'TRANSMISSION CONFIDENTIALITY AND INTEGRITY',
data/lib/pwn/sast/private_key.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
data/lib/pwn/sast/redirect.rb CHANGED
@@ -49,7 +49,7 @@ module PWN
49
49
 
50
50
  hash_line = {
51
51
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
52
- security_requirements: security_requirements,
52
+ security_references: security_references,
53
53
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
54
54
  line_no_and_contents: '',
55
55
  raw_content: str,
@@ -79,9 +79,11 @@ module PWN
79
79
  else
80
80
  author = 'N/A'
81
81
  end
82
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
83
- contents: contents,
84
- author: author)
82
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
83
+ line_no: line_no,
84
+ contents: contents,
85
+ author: author
86
+ )
85
87
 
86
88
  current_count += 2
87
89
  end
@@ -106,7 +108,7 @@ module PWN
106
108
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
107
109
  # Determine the level of Testing Coverage w/ PWN.
108
110
 
109
- public_class_method def self.security_requirements
111
+ public_class_method def self.security_references
110
112
  {
111
113
  sast_module: self,
112
114
  section: 'LEAST PRIVILEGE',
data/lib/pwn/sast/redos.rb CHANGED
@@ -54,7 +54,7 @@ module PWN
54
54
 
55
55
  hash_line = {
56
56
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
57
- security_requirements: security_requirements,
57
+ security_references: security_references,
58
58
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
59
59
  line_no_and_contents: '',
60
60
  raw_content: str,
@@ -84,9 +84,11 @@ module PWN
84
84
  else
85
85
  author = 'N/A'
86
86
  end
87
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
88
- contents: contents,
89
- author: author)
87
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
88
+ line_no: line_no,
89
+ contents: contents,
90
+ author: author
91
+ )
90
92
 
91
93
  current_count += 2
92
94
  end
@@ -111,7 +113,7 @@ module PWN
111
113
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
112
114
  # Determine the level of Testing Coverage w/ PWN.
113
115
 
114
- public_class_method def self.security_requirements
116
+ public_class_method def self.security_references
115
117
  {
116
118
  sast_module: self,
117
119
  section: 'PROTECTION OF INFORMATION AT REST',
data/lib/pwn/sast/shell.rb CHANGED
@@ -55,7 +55,7 @@ module PWN
55
55
 
56
56
  hash_line = {
57
57
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
58
- security_requirements: security_requirements,
58
+ security_references: security_references,
59
59
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
60
60
  line_no_and_contents: '',
61
61
  raw_content: str,
@@ -85,9 +85,11 @@ module PWN
85
85
  else
86
86
  author = 'N/A'
87
87
  end
88
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
89
- contents: contents,
90
- author: author)
88
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
89
+ line_no: line_no,
90
+ contents: contents,
91
+ author: author
92
+ )
91
93
 
92
94
  current_count += 2
93
95
  end
@@ -112,7 +114,7 @@ module PWN
112
114
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
113
115
  # Determine the level of Testing Coverage w/ PWN.
114
116
 
115
- public_class_method def self.security_requirements
117
+ public_class_method def self.security_references
116
118
  {
117
119
  sast_module: self,
118
120
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
data/lib/pwn/sast/signature.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
data/lib/pwn/sast/sql.rb CHANGED
@@ -51,7 +51,7 @@ module PWN
51
51
 
52
52
  hash_line = {
53
53
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
54
- security_requirements: security_requirements,
54
+ security_references: security_references,
55
55
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
56
56
  line_no_and_contents: '',
57
57
  raw_content: str,
@@ -81,9 +81,11 @@ module PWN
81
81
  else
82
82
  author = 'N/A'
83
83
  end
84
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
85
- contents: contents,
86
- author: author)
84
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
85
+ line_no: line_no,
86
+ contents: contents,
87
+ author: author
88
+ )
87
89
 
88
90
  current_count += 2
89
91
  end
@@ -108,7 +110,7 @@ module PWN
108
110
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
109
111
  # Determine the level of Testing Coverage w/ PWN.
110
112
 
111
- public_class_method def self.security_requirements
113
+ public_class_method def self.security_references
112
114
  {
113
115
  sast_module: self,
114
116
  section: 'INFORMATION INPUT VALIDATION',
data/lib/pwn/sast/ssl.rb CHANGED
@@ -44,7 +44,7 @@ module PWN
44
44
 
45
45
  hash_line = {
46
46
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
47
- security_requirements: security_requirements,
47
+ security_references: security_references,
48
48
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
49
49
  line_no_and_contents: '',
50
50
  raw_content: str,
@@ -74,9 +74,11 @@ module PWN
74
74
  else
75
75
  author = 'N/A'
76
76
  end
77
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
78
- contents: contents,
79
- author: author)
77
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
78
+ line_no: line_no,
79
+ contents: contents,
80
+ author: author
81
+ )
80
82
 
81
83
  current_count += 2
82
84
  end
@@ -101,7 +103,7 @@ module PWN
101
103
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
102
104
  # Determine the level of Testing Coverage w/ PWN.
103
105
 
104
- public_class_method def self.security_requirements
106
+ public_class_method def self.security_references
105
107
  {
106
108
  sast_module: self,
107
109
  section: 'PUBLIC KEY INFRASTRUCTURE CERTIFICATES',
data/lib/pwn/sast/sudo.rb CHANGED
@@ -47,7 +47,7 @@ module PWN
47
47
 
48
48
  hash_line = {
49
49
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
50
- security_requirements: security_requirements,
50
+ security_references: security_references,
51
51
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
52
52
  line_no_and_contents: '',
53
53
  raw_content: str,
@@ -77,9 +77,11 @@ module PWN
77
77
  else
78
78
  author = 'N/A'
79
79
  end
80
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
81
- contents: contents,
82
- author: author)
80
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
81
+ line_no: line_no,
82
+ contents: contents,
83
+ author: author
84
+ )
83
85
 
84
86
  current_count += 2
85
87
  end
@@ -104,7 +106,7 @@ module PWN
104
106
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
105
107
  # Determine the level of Testing Coverage w/ PWN.
106
108
 
107
- public_class_method def self.security_requirements
109
+ public_class_method def self.security_references
108
110
  {
109
111
  sast_module: self,
110
112
  section: 'LEAST PRIVILEGE',
data/lib/pwn/sast/task_tag.rb CHANGED
@@ -61,7 +61,7 @@ module PWN
61
61
 
62
62
  hash_line = {
63
63
  timestamp: Time.now.strftime('%Y-%m-%d %H:%M:%S.%9N %z').to_s,
64
- security_requirements: security_requirements,
64
+ security_references: security_references,
65
65
  filename: { git_repo_root_uri: git_repo_root_uri, entry: entry },
66
66
  line_no_and_contents: '',
67
67
  raw_content: str,
@@ -91,9 +91,11 @@ module PWN
91
91
  else
92
92
  author = 'N/A'
93
93
  end
94
- hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(line_no: line_no,
95
- contents: contents,
96
- author: author)
94
+ hash_line[:line_no_and_contents] = line_no_and_contents_arr.push(
95
+ line_no: line_no,
96
+ contents: contents,
97
+ author: author
98
+ )
97
99
 
98
100
  current_count += 2
99
101
  end
@@ -118,7 +120,7 @@ module PWN
118
120
  # to PWN Exploit & Static Code Anti-Pattern Matching Modules to
119
121
  # Determine the level of Testing Coverage w/ PWN.
120
122
 
121
- public_class_method def self.security_requirements
123
+ public_class_method def self.security_references
122
124
  {
123
125
  sast_module: self,
124
126
  section: 'LEAST PRIVILEGE',