pwn 0.4.716 → 0.4.718

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +2 -2
  3. data/README.md +2 -2
  4. data/bin/pwn_defectdojo_importscan +7 -1
  5. data/bin/pwn_nmap_discover_tcp_udp +6 -6
  6. data/lib/pwn/plugins/defect_dojo.rb +2 -0
  7. data/lib/pwn/version.rb +1 -1
  8. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '0249d1b65b57936b80399b3d5676bfd6729da8d29e5da4d0a1385e06e81a100c'
4
- data.tar.gz: 3eb456af567655ff485238033d3b409dde6a0d36bd82c2c709bad908f0bfa9bf
3
+ metadata.gz: 26afd053ddf66ceb52b537a86b5b9a26ffd84786f6ab3682f205e9159089d05d
4
+ data.tar.gz: bbe2d2805ee9ed4412cb96ec4431ec8971f5a606ae12728bef4991617348f77f
5
5
  SHA512:
6
- metadata.gz: 69d5b29665d3cd99dd584fdb0ad96559941deb73321e63f8ff5a5c312965bc86bf61ee809592450c117a112f5a0376d6207f4c096d8a717d320cbc5bfa5172f5
7
- data.tar.gz: e799946fdc810711efc928440a1c0f5e031e17f9c5d7e5c598652e2378d3cb5beecd9426b8af9438752ea7e1d4bc37d321993833ac68ec135d4d243043430adf
6
+ metadata.gz: f8f353d22573d94df9ed1a607968fb7b01ac116a6af3bde0a5712804fe38a99edc5796c4e251eff2249e3c4a8cbab29917579a83ab1c67a8cb8034e3364b0b62
7
+ data.tar.gz: a027d2f5a316c18459bd5d5a33d9bf08166e833603bfc1ec9c263553829a007888e663d020b5e7cc93da18d1dfce749ef09887d402f544bfb73565d2cab1140e
data/Gemfile CHANGED
@@ -11,12 +11,12 @@ gemspec
11
11
  # In some circumstances custom flags are passed to gems in order
12
12
  # to build appropriately. Defer to ./reinstall_pwn_gemset.sh
13
13
  # to review these custom flags (e.g. pg, serialport, etc).
14
- gem 'activesupport', '7.0.4.3'
14
+ gem 'activesupport', '7.0.5'
15
15
  gem 'anemone', '0.7.2'
16
16
  gem 'authy', '3.0.1'
17
17
  gem 'aws-sdk', '3.1.0'
18
18
  gem 'bettercap', '1.6.2'
19
- gem 'brakeman', '5.4.1'
19
+ gem 'brakeman', '6.0.0'
20
20
  gem 'bson', '4.15.0'
21
21
  gem 'bundler', '>=2.4.13'
22
22
  gem 'bundler-audit', '0.9.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.716]:001 >>> PWN.help
40
+ pwn[v0.4.718]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.716]:001 >>> PWN.help
55
+ pwn[v0.4.718]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_defectdojo_importscan CHANGED
@@ -57,6 +57,10 @@ OptionParser.new do |options|
57
57
  options.on('-v', '--[no-]verified', '<Optional - flag finding as verified by a tester (defaults to false)') do |v|
58
58
  opts[:verified] = v
59
59
  end
60
+
61
+ options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
62
+ opts[:create_finding_groups] = g
63
+ end
60
64
  end.parse!
61
65
 
62
66
  if opts.empty?
@@ -79,6 +83,7 @@ tags = opts[:tags]
79
83
  minimum_severity = opts[:minimum_severity]
80
84
  scan_date = opts[:scan_date]
81
85
  verified = opts[:verified]
86
+ create_findings_groups = opts[:create_finding_groups]
82
87
 
83
88
  begin
84
89
  dd_obj = PWN::Plugins::DefectDojo.login(
@@ -97,7 +102,8 @@ begin
97
102
  tags: tags,
98
103
  minimum_severity: minimum_severity,
99
104
  scan_date: scan_date,
100
- verified: verified
105
+ verified: verified,
106
+ create_findings_groups: create_findings_groups
101
107
  )
102
108
  rescue StandardError => e
103
109
  raise e
data/bin/pwn_nmap_discover_tcp_udp CHANGED
@@ -28,8 +28,8 @@ OptionParser.new do |options|
28
28
  opts[:results_root] = r
29
29
  end
30
30
 
31
- options.on('-N', '--no-script', '<Optional - Exclude Nmap Scripts>') do |n|
32
- opts[:no_script] = n
31
+ options.on('-S', '--stop-nse', '<Optional - Disable Nmap Scripting Engine>') do |n|
32
+ opts[:stop_nse] = n
33
33
  end
34
34
 
35
35
  options.on('-T', '--tor', '<Optional - Source Scans from Tor Nodes>') do |t|
@@ -64,8 +64,8 @@ File.new(exclude_file, 'w') unless File.exist?(exclude_file)
64
64
  interface = opts[:interface]
65
65
  interface ||= 'eth0'
66
66
 
67
- no_script = true if opts[:no_script]
68
- no_script ||= false
67
+ stop_nse = true if opts[:stop_nse]
68
+ stop_nse ||= false
69
69
 
70
70
  with_tor = true if opts[:with_tor]
71
71
  with_tor ||= false
@@ -258,7 +258,7 @@ begin
258
258
  # retransmission attempts on filtered ports.
259
259
  PWN::Plugins::NmapIt.port_scan do |nmap|
260
260
  nmap.proxies = proxy if with_tor
261
- unless no_script
261
+ unless stop_nse
262
262
  nmap.default_script = true
263
263
  nmap.update_scriptdb = true
264
264
  end
@@ -305,7 +305,7 @@ begin
305
305
  # retransmission attempts on filtered ports.
306
306
  PWN::Plugins::NmapIt.port_scan do |nmap|
307
307
  nmap.proxies = proxy if with_tor
308
- unless no_script
308
+ unless stop_nse
309
309
  nmap.default_script = true
310
310
  nmap.update_scriptdb = true
311
311
  end
data/lib/pwn/plugins/defect_dojo.rb CHANGED
@@ -462,6 +462,8 @@ module PWN
462
462
  # Defaults to false
463
463
  opts[:verified] ? (http_body[:verified] = true) : (http_body[:verified] = false)
464
464
 
465
+ opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
466
+
465
467
  api_path = 'import-scan/'
466
468
  api_path = 'importscan/' if api_version == 'v1'
467
469
 
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.716'
4
+ VERSION = '0.4.718'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.716
4
+ version: 0.4.718
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-24 00:00:00.000000000 Z
11
+ date: 2023-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 7.0.4.3
19
+ version: 7.0.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 7.0.4.3
26
+ version: 7.0.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: anemone
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -86,14 +86,14 @@ dependencies:
86
86
  requirements:
87
87
  - - '='
88
88
  - !ruby/object:Gem::Version
89
- version: 5.4.1
89
+ version: 6.0.0
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - '='
95
95
  - !ruby/object:Gem::Version
96
- version: 5.4.1
96
+ version: 6.0.0
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: bson
99
99
  requirement: !ruby/object:Gem::Requirement