pwn 0.5.271 → 0.5.272

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -3
  3. data/lib/pwn/sast/amqp_connect_as_guest.rb +1 -1
  4. data/lib/pwn/sast/apache_file_system_util_api.rb +1 -1
  5. data/lib/pwn/sast/aws.rb +1 -1
  6. data/lib/pwn/sast/banned_function_calls_c.rb +1 -1
  7. data/lib/pwn/sast/base64.rb +1 -1
  8. data/lib/pwn/sast/beef_hook.rb +1 -1
  9. data/lib/pwn/sast/cmd_execution_java.rb +1 -1
  10. data/lib/pwn/sast/cmd_execution_python.rb +1 -1
  11. data/lib/pwn/sast/cmd_execution_ruby.rb +1 -1
  12. data/lib/pwn/sast/cmd_execution_scala.rb +1 -1
  13. data/lib/pwn/sast/csrf.rb +1 -1
  14. data/lib/pwn/sast/deserial_java.rb +1 -1
  15. data/lib/pwn/sast/emoticon.rb +1 -1
  16. data/lib/pwn/sast/eval.rb +1 -1
  17. data/lib/pwn/sast/factory.rb +1 -1
  18. data/lib/pwn/sast/http_authorization_header.rb +1 -1
  19. data/lib/pwn/sast/inner_html.rb +1 -1
  20. data/lib/pwn/sast/keystore.rb +1 -1
  21. data/lib/pwn/sast/local_storage.rb +1 -1
  22. data/lib/pwn/sast/location_hash.rb +1 -1
  23. data/lib/pwn/sast/log4j.rb +1 -1
  24. data/lib/pwn/sast/logger.rb +1 -1
  25. data/lib/pwn/sast/md5.rb +1 -1
  26. data/lib/pwn/sast/outer_html.rb +1 -1
  27. data/lib/pwn/sast/padding_oracle.rb +1 -1
  28. data/lib/pwn/sast/password.rb +1 -1
  29. data/lib/pwn/sast/php_input_mechanisms.rb +1 -1
  30. data/lib/pwn/sast/php_type_juggling.rb +1 -1
  31. data/lib/pwn/sast/pom_version.rb +1 -1
  32. data/lib/pwn/sast/port.rb +1 -1
  33. data/lib/pwn/sast/post_message.rb +1 -1
  34. data/lib/pwn/sast/private_key.rb +1 -1
  35. data/lib/pwn/sast/redirect.rb +1 -1
  36. data/lib/pwn/sast/redos.rb +1 -1
  37. data/lib/pwn/sast/shell.rb +1 -1
  38. data/lib/pwn/sast/signature.rb +1 -1
  39. data/lib/pwn/sast/sql.rb +1 -1
  40. data/lib/pwn/sast/ssl.rb +1 -1
  41. data/lib/pwn/sast/sudo.rb +1 -1
  42. data/lib/pwn/sast/task_tag.rb +1 -1
  43. data/lib/pwn/sast/throw_errors.rb +1 -1
  44. data/lib/pwn/sast/token.rb +1 -1
  45. data/lib/pwn/sast/type_script_type_juggling.rb +1 -1
  46. data/lib/pwn/sast/version.rb +1 -1
  47. data/lib/pwn/sast/window_location_hash.rb +1 -1
  48. data/lib/pwn/version.rb +1 -1
  49. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5513941fae205bec0919f65cf7836fcabd44e0b3cc5d7186ce077879d24ede77
4
- data.tar.gz: 71993ba856320422fd6013fdb5186678fbb22b17e7a4d17f2486e3d12c24a834
3
+ metadata.gz: 6078f356520f36920cca45fc36a99a93a0afd6f85e94ac1d49f8dcfeeb977758
4
+ data.tar.gz: 56a9e78485393d01d5904385395960a2bee20c4aac7cd02e242cd852aed8c0a0
5
5
  SHA512:
6
- metadata.gz: 283cf1aa03bcfe4797d1544a970bf26919ecffb1f806846ded577018e9d2b94355c96471db46ca30534604cdecb93c4fa0db55909f818c71ee258fcb44eea6e0
7
- data.tar.gz: 8fcc614b29eef85e7117ae72232f2056919981b22d5e1d54ed748683d5575c2040f8adfe719144bd59fa1f9883322fcac7e52ecae2bd75013e085d5f4eb430dc
6
+ metadata.gz: 0d798a11a08b938ec54b4d0737b549c656ef7ea3569c3ba45b031d2c70261c4c4786f18c7e9764e4fd588f2aaf1b6e480520081d8ed2ef51159a01e81b0c2e90
7
+ data.tar.gz: 9f6ccfbddafdcc1e90047bd41202437646d0da359f517dfca6388aa3ed5a7b9c6da4dfcc6bb3aec4f408f44124694b7694a88ad42fbb43b6d21af10edfbab72b
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.271]:001 >>> PWN.help
40
+ pwn[v0.5.272]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.1@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.271]:001 >>> PWN.help
55
+ pwn[v0.5.272]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.1@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.271]:001 >>> PWN.help
65
+ pwn[v0.5.272]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/sast/amqp_connect_as_guest.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'ACCOUNT MANAGEMENT',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-2',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-02',
114
114
  cwe_id: '285',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/285.html'
116
116
  }
data/lib/pwn/sast/apache_file_system_util_api.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'INFORMATION INPUT VALIDATION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
115
115
  cwe_id: '78',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/78.html'
117
117
  }
data/lib/pwn/sast/aws.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'TRANSMISSION CONFIDENTIALITY AND INTEGRITY',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-8',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-08',
116
116
  cwe_id: '256',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/256.html'
118
118
  }
data/lib/pwn/sast/banned_function_calls_c.rb CHANGED
@@ -239,7 +239,7 @@ module PWN
239
239
  {
240
240
  sast_module: self,
241
241
  section: 'INFORMATION INPUT VALIDATION',
242
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
242
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
243
243
  cwe_id: '676',
244
244
  cwe_uri: 'https://cwe.mitre.org/data/definitions/676.html'
245
245
  }
data/lib/pwn/sast/base64.rb CHANGED
@@ -108,7 +108,7 @@ module PWN
108
108
  {
109
109
  sast_module: self,
110
110
  section: 'PROTECTION OF INFORMATION AT REST',
111
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28',
111
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
112
112
  cwe_id: '95',
113
113
  cwe_uri: 'https://cwe.mitre.org/data/definitions/95.html'
114
114
  }
data/lib/pwn/sast/beef_hook.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'MALICIOUS CODE PROTECTION',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-03',
114
114
  cwe_id: '506',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/506.html'
116
116
  }
data/lib/pwn/sast/cmd_execution_java.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'INFORMATION INPUT VALIDATION',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
116
116
  cwe_id: '78',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/78.html'
118
118
  }
data/lib/pwn/sast/cmd_execution_python.rb CHANGED
@@ -114,7 +114,7 @@ module PWN
114
114
  {
115
115
  sast_module: self,
116
116
  section: 'INFORMATION INPUT VALIDATION',
117
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
117
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
118
118
  cwe_id: '78',
119
119
  cwe_uri: 'https://cwe.mitre.org/data/definitions/78.html'
120
120
  }
data/lib/pwn/sast/cmd_execution_ruby.rb CHANGED
@@ -122,7 +122,7 @@ module PWN
122
122
  {
123
123
  sast_module: self,
124
124
  section: 'INFORMATION INPUT VALIDATION',
125
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
125
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
126
126
  cwe_id: '78',
127
127
  cwe_uri: 'https://cwe.mitre.org/data/definitions/78.html'
128
128
  }
data/lib/pwn/sast/cmd_execution_scala.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'INFORMATION INPUT VALIDATION',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
116
116
  cwe_id: '78',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/78.html'
118
118
  }
data/lib/pwn/sast/csrf.rb CHANGED
@@ -109,7 +109,7 @@ module PWN
109
109
  {
110
110
  sast_module: self,
111
111
  section: 'MALICIOUS CODE PROTECTION',
112
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
112
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
113
113
  cwe_id: '352',
114
114
  cwe_uri: 'https://cwe.mitre.org/data/definitions/352.html'
115
115
  }
data/lib/pwn/sast/deserial_java.rb CHANGED
@@ -117,7 +117,7 @@ module PWN
117
117
  {
118
118
  sast_module: self,
119
119
  section: 'INFORMATION INPUT VALIDATION',
120
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
120
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
121
121
  cwe_id: '502',
122
122
  cwe_uri: 'https://cwe.mitre.org/data/definitions/502.html'
123
123
  }
data/lib/pwn/sast/emoticon.rb CHANGED
@@ -118,7 +118,7 @@ module PWN
118
118
  {
119
119
  sast_module: self,
120
120
  section: 'LEAST PRIVILEGE',
121
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6',
121
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-6',
122
122
  cwe_id: '546',
123
123
  cwe_uri: 'https://cwe.mitre.org/data/definitions/546.html'
124
124
  }
data/lib/pwn/sast/eval.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'MALICIOUS CODE PROTECTION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
115
115
  cwe_id: '95',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/95.html'
117
117
  }
data/lib/pwn/sast/factory.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'DEVELOPER CONFIGURATION MANAGEMENT',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-10',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-10',
116
116
  cwe_id: '611',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/611.html'
118
118
  }
data/lib/pwn/sast/http_authorization_header.rb CHANGED
@@ -117,7 +117,7 @@ module PWN
117
117
  {
118
118
  sast_module: self,
119
119
  section: 'PROTECTION OF INFORMATION AT REST',
120
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28',
120
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
121
121
  cwe_id: '285',
122
122
  cwe_uri: 'https://cwe.mitre.org/data/definitions/285.html'
123
123
  }
data/lib/pwn/sast/inner_html.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'MALICIOUS CODE PROTECTION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
115
115
  cwe_id: '79',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
117
117
  }
data/lib/pwn/sast/keystore.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-12',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-12',
114
114
  cwe_id: '522',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/522.html'
116
116
  }
data/lib/pwn/sast/local_storage.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'MALICIOUS CODE PROTECTION',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
116
116
  cwe_id: '79',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
118
118
  }
data/lib/pwn/sast/location_hash.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'MALICIOUS CODE PROTECTION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
115
115
  cwe_id: '79',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
117
117
  }
data/lib/pwn/sast/log4j.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-17',
114
114
  cwe_id: '502',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/502.html'
116
116
  }
data/lib/pwn/sast/logger.rb CHANGED
@@ -125,7 +125,7 @@ module PWN
125
125
  {
126
126
  sast_module: self,
127
127
  section: 'PROTECTION OF INFORMATION AT REST',
128
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28',
128
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
129
129
  cwe_id: '779',
130
130
  cwe_uri: 'https://cwe.mitre.org/data/definitions/779.html'
131
131
  }
data/lib/pwn/sast/md5.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'MALICIOUS CODE PROTECTION',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control?version=5.1&number=SC-28',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
114
114
  cwe_id: '328',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/328.html'
116
116
  }
data/lib/pwn/sast/outer_html.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'MALICIOUS CODE PROTECTION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
115
115
  cwe_id: '79',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
117
117
  }
data/lib/pwn/sast/padding_oracle.rb CHANGED
@@ -107,7 +107,7 @@ module PWN
107
107
  {
108
108
  sast_module: self,
109
109
  section: 'PUBLIC KEY INFRASTRUCTURE CERTIFICATES',
110
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-17',
110
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-17',
111
111
  cwe_id: '310',
112
112
  cwe_uri: 'https://cwe.mitre.org/data/definitions/310.html'
113
113
  }
data/lib/pwn/sast/password.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'PROTECTION OF INFORMATION AT REST',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
116
116
  cwe_id: '540',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/540.html'
118
118
  }
data/lib/pwn/sast/php_input_mechanisms.rb CHANGED
@@ -116,7 +116,7 @@ module PWN
116
116
  {
117
117
  sast_module: self,
118
118
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
119
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17',
119
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-17',
120
120
  cwe_id: '661',
121
121
  cwe_uri: 'https://cwe.mitre.org/data/definitions/661.html'
122
122
  }
data/lib/pwn/sast/php_type_juggling.rb CHANGED
@@ -114,7 +114,7 @@ module PWN
114
114
  {
115
115
  sast_module: self,
116
116
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
117
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17',
117
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-17',
118
118
  cwe_id: '661',
119
119
  cwe_uri: 'https://cwe.mitre.org/data/definitions/661.html'
120
120
  }
data/lib/pwn/sast/pom_version.rb CHANGED
@@ -119,7 +119,7 @@ module PWN
119
119
  {
120
120
  sast_module: self,
121
121
  section: 'VULNERABILITY SCANNING',
122
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=RA-5',
122
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=RA-5',
123
123
  cwe_id: '.0',
124
124
  cwe_uri: 'https://cwe.mitre.org/data/definitions/1104.html'
125
125
  }
data/lib/pwn/sast/port.rb CHANGED
@@ -117,7 +117,7 @@ module PWN
117
117
  {
118
118
  sast_module: self,
119
119
  section: 'TRANSMISSION CONFIDENTIALITY AND INTEGRITY',
120
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-8',
120
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-8',
121
121
  cwe_id: '319',
122
122
  cwe_uri: 'https://cwe.mitre.org/data/definitions/319.html'
123
123
  }
data/lib/pwn/sast/post_message.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'MALICIOUS CODE PROTECTION',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
115
115
  cwe_id: '79',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
117
117
  }
data/lib/pwn/sast/private_key.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=IA-7',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=IA-7',
114
114
  cwe_id: '321',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/321.html'
116
116
  }
data/lib/pwn/sast/redirect.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'LEAST PRIVILEGE',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-6',
116
116
  cwe_id: '601',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/601.html'
118
118
  }
data/lib/pwn/sast/redos.rb CHANGED
@@ -117,7 +117,7 @@ module PWN
117
117
  {
118
118
  sast_module: self,
119
119
  section: 'PROTECTION OF INFORMATION AT REST',
120
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28',
120
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-28',
121
121
  cwe_id: '1333',
122
122
  cwe_uri: 'https://cwe.mitre.org/data/definitions/1333.html'
123
123
  }
data/lib/pwn/sast/shell.rb CHANGED
@@ -118,7 +118,7 @@ module PWN
118
118
  {
119
119
  sast_module: self,
120
120
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
121
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17',
121
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-17',
122
122
  cwe_id: '553',
123
123
  cwe_uri: 'https://cwe.mitre.org/data/definitions/553.html'
124
124
  }
data/lib/pwn/sast/signature.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=IA-7',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=IA-17',
114
114
  cwe_id: '347',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/347.html'
116
116
  }
data/lib/pwn/sast/sql.rb CHANGED
@@ -114,7 +114,7 @@ module PWN
114
114
  {
115
115
  sast_module: self,
116
116
  section: 'INFORMATION INPUT VALIDATION',
117
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10',
117
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-10',
118
118
  cwe_id: '89',
119
119
  cwe_uri: 'https://cwe.mitre.org/data/definitions/89.html'
120
120
  }
data/lib/pwn/sast/ssl.rb CHANGED
@@ -114,7 +114,7 @@ module PWN
114
114
  {
115
115
  sast_module: self,
116
116
  section: 'PUBLIC KEY INFRASTRUCTURE CERTIFICATES',
117
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-17',
117
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SC-17',
118
118
  cwe_id: '310',
119
119
  cwe_uri: 'https://cwe.mitre.org/data/definitions/310.html'
120
120
  }
data/lib/pwn/sast/sudo.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'LEAST PRIVILEGE',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-6',
114
114
  cwe_id: '250',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/250.html'
116
116
  }
data/lib/pwn/sast/task_tag.rb CHANGED
@@ -124,7 +124,7 @@ module PWN
124
124
  {
125
125
  sast_module: self,
126
126
  section: 'LEAST PRIVILEGE',
127
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6',
127
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=AC-6',
128
128
  cwe_id: '546',
129
129
  cwe_uri: 'https://cwe.mitre.org/data/definitions/546.html'
130
130
  }
data/lib/pwn/sast/throw_errors.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'ERROR HANDLING',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-11',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-11',
114
114
  cwe_id: '209',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/209.html'
116
116
  }
data/lib/pwn/sast/token.rb CHANGED
@@ -112,7 +112,7 @@ module PWN
112
112
  {
113
113
  sast_module: self,
114
114
  section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
115
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=IA-7',
115
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=IA-7',
116
116
  cwe_id: '798',
117
117
  cwe_uri: 'https://cwe.mitre.org/data/definitions/798.html'
118
118
  }
data/lib/pwn/sast/type_script_type_juggling.rb CHANGED
@@ -114,7 +114,7 @@ module PWN
114
114
  {
115
115
  sast_module: self,
116
116
  section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
117
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17',
117
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SA-17',
118
118
  cwe_id: '661',
119
119
  cwe_uri: 'https://cwe.mitre.org/data/definitions/661.html'
120
120
  }
data/lib/pwn/sast/version.rb CHANGED
@@ -111,7 +111,7 @@ module PWN
111
111
  {
112
112
  sast_module: self,
113
113
  section: 'VULNERABILITY SCANNING',
114
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=RA-5',
114
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=RA-5',
115
115
  cwe_id: '672',
116
116
  cwe_uri: 'https://cwe.mitre.org/data/definitions/672.html'
117
117
  }
data/lib/pwn/sast/window_location_hash.rb CHANGED
@@ -110,7 +110,7 @@ module PWN
110
110
  {
111
111
  sast_module: self,
112
112
  section: 'MALICIOUS CODE PROTECTION',
113
- nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3',
113
+ nist_800_53_uri: 'https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_1/home?element=SI-3',
114
114
  cwe_id: '79',
115
115
  cwe_uri: 'https://cwe.mitre.org/data/definitions/79.html'
116
116
  }
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.271'
4
+ VERSION = '0.5.272'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.271
4
+ version: 0.5.272
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.