stratagem 0.1.7
- data/Manifest +99 -0
- data/Rakefile +17 -0
- data/bin/stratagem +10 -0
- data/init.rb +2 -0
- data/lib/bootstrap.rb +31 -0
- data/lib/stratagem/authentication.rb +64 -0
- data/lib/stratagem/auto_mock/aquifer.rb +86 -0
- data/lib/stratagem/auto_mock/factory.rb +213 -0
- data/lib/stratagem/auto_mock/value_generator.rb +174 -0
- data/lib/stratagem/auto_mock.rb +6 -0
- data/lib/stratagem/blocker.rb +16 -0
- data/lib/stratagem/client.rb +32 -0
- data/lib/stratagem/command.rb +13 -0
- data/lib/stratagem/commands/analyze.rb +22 -0
- data/lib/stratagem/commands/base.rb +11 -0
- data/lib/stratagem/commands/devel_crawl.rb +27 -0
- data/lib/stratagem/commands/devel_mock.rb +10 -0
- data/lib/stratagem/commands.rb +7 -0
- data/lib/stratagem/crawler/authentication.rb +109 -0
- data/lib/stratagem/crawler/form.rb +101 -0
- data/lib/stratagem/crawler/html_utils.rb +92 -0
- data/lib/stratagem/crawler/session.rb +296 -0
- data/lib/stratagem/crawler/site_model.rb +138 -0
- data/lib/stratagem/crawler/trace_utils.rb +10 -0
- data/lib/stratagem/crawler.rb +9 -0
- data/lib/stratagem/extensions/class.rb +9 -0
- data/lib/stratagem/extensions/hash.rb +16 -0
- data/lib/stratagem/extensions/module.rb +11 -0
- data/lib/stratagem/extensions/object.rb +15 -0
- data/lib/stratagem/extensions/red_parse.rb +86 -0
- data/lib/stratagem/extensions/string.rb +20 -0
- data/lib/stratagem/extensions.rb +6 -0
- data/lib/stratagem/framework_extensions/controllers/action_controller.rb +10 -0
- data/lib/stratagem/framework_extensions/controllers/action_mailer.rb +12 -0
- data/lib/stratagem/framework_extensions/controllers.rb +5 -0
- data/lib/stratagem/framework_extensions/models/adapters/active_model/detect.rb +7 -0
- data/lib/stratagem/framework_extensions/models/adapters/active_model/extensions.rb +35 -0
- data/lib/stratagem/framework_extensions/models/adapters/active_model/metadata.rb +103 -0
- data/lib/stratagem/framework_extensions/models/adapters/active_model/tracing.rb +50 -0
- data/lib/stratagem/framework_extensions/models/adapters/authlogic/detect.rb +11 -0
- data/lib/stratagem/framework_extensions/models/adapters/authlogic/extensions.rb +10 -0
- data/lib/stratagem/framework_extensions/models/adapters/authlogic/metadata.rb +30 -0
- data/lib/stratagem/framework_extensions/models/adapters/authlogic/tracing.rb +4 -0
- data/lib/stratagem/framework_extensions/models/adapters/common/authentication_metadata.rb +21 -0
- data/lib/stratagem/framework_extensions/models/adapters/restful_authentication/detect.rb +13 -0
- data/lib/stratagem/framework_extensions/models/adapters/restful_authentication/extensions.rb +19 -0
- data/lib/stratagem/framework_extensions/models/adapters/restful_authentication/metadata.rb +30 -0
- data/lib/stratagem/framework_extensions/models/adapters/restful_authentication/tracing.rb +4 -0
- data/lib/stratagem/framework_extensions/models/annotations.rb +79 -0
- data/lib/stratagem/framework_extensions/models/detect.rb +7 -0
- data/lib/stratagem/framework_extensions/models/metadata.rb +85 -0
- data/lib/stratagem/framework_extensions/models/mocking.rb +23 -0
- data/lib/stratagem/framework_extensions/models/tracing.rb +71 -0
- data/lib/stratagem/framework_extensions/models.rb +21 -0
- data/lib/stratagem/framework_extensions/rails.rb +8 -0
- data/lib/stratagem/framework_extensions.rb +6 -0
- data/lib/stratagem/interface/browser.rb +37 -0
- data/lib/stratagem/interface/public/images/backgrounds/content.png +0 -0
- data/lib/stratagem/interface/public/images/backgrounds/shadow.png +0 -0
- data/lib/stratagem/interface/public/javascripts/jquery-1.4.2.min.js +154 -0
- data/lib/stratagem/interface/public/javascripts/stratagem.js +27 -0
- data/lib/stratagem/interface/public/javascripts/stratagem_debug.js +53 -0
- data/lib/stratagem/interface/public/stylesheets/960.css +1 -0
- data/lib/stratagem/interface/public/stylesheets/reset.css +10 -0
- data/lib/stratagem/interface/public/stylesheets/stratagem.css +20 -0
- data/lib/stratagem/interface/public/stylesheets/stratagem_debug.css +20 -0
- data/lib/stratagem/interface/views/debug.haml +43 -0
- data/lib/stratagem/interface/views/index.haml +35 -0
- data/lib/stratagem/labs/auto_mock.rb +7 -0
- data/lib/stratagem/labs/crawler.rb +0 -0
- data/lib/stratagem/logger.rb +46 -0
- data/lib/stratagem/model/application.rb +157 -0
- data/lib/stratagem/model/components/base.rb +55 -0
- data/lib/stratagem/model/components/controller.rb +118 -0
- data/lib/stratagem/model/components/model.rb +170 -0
- data/lib/stratagem/model/components/reference.rb +30 -0
- data/lib/stratagem/model/components/route.rb +53 -0
- data/lib/stratagem/model/components/static_file.rb +18 -0
- data/lib/stratagem/model/components/view.rb +186 -0
- data/lib/stratagem/model/parse_util.rb +61 -0
- data/lib/stratagem/model.rb +12 -0
- data/lib/stratagem/model_builder.rb +146 -0
- data/lib/stratagem/recipes/deploy.rb +30 -0
- data/lib/stratagem/scan/checks/capistrano/secure_deploy.rb +43 -0
- data/lib/stratagem/scan/checks/email_address.rb +15 -0
- data/lib/stratagem/scan/checks/error_pages.rb +25 -0
- data/lib/stratagem/scan/checks/filter_parameter_logging.rb +6 -0
- data/lib/stratagem/scan/checks/mongo_mapper/base.rb +19 -0
- data/lib/stratagem/scan/checks/mongo_mapper/foreign_keys_exposed.rb +32 -0
- data/lib/stratagem/scan/checks/routes.rb +16 -0
- data/lib/stratagem/scan/checks/ssl/secure_login_page.rb +19 -0
- data/lib/stratagem/scan/checks/ssl/secure_login_submit.rb +18 -0
- data/lib/stratagem/scan/result.rb +45 -0
- data/lib/stratagem/scan.rb +19 -0
- data/lib/stratagem/scanner.rb +32 -0
- data/lib/stratagem/site_crawler.rb +47 -0
- data/lib/stratagem/snapshot.rb +33 -0
- data/lib/stratagem.rb +77 -0
- data/lib/tasks/_old_stratagem.rake +99 -0
- data/stratagem.gemspec +56 -0
- metadata +380 -0
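--- a/data/lib/stratagem/scan.rb
+++ b/data/lib/stratagem/scan.rb
@@ -0,0 +1,19 @@
+module Stratagem::Scan
+end
+
+# require 'stratagem/scan/result'
+# require 'stratagem/scan/checks/base'
+# require 'stratagem/scan/checks/email_address'
+# require 'stratagem/scan/checks/error_pages'
+# require 'stratagem/scan/checks/routes'
+# require 'stratagem/scan/checks/filter_parameter_logging'
+# require 'stratagem/scan/checks/erb/xss_global'
+# require 'stratagem/scan/checks/ssl/secure_login_page'
+# require 'stratagem/scan/checks/ssl/secure_login_submit'
+# require 'stratagem/scan/checks/capistrano/secure_deploy'
+# require 'stratagem/scan/checks/active_record/base'
+# require 'stratagem/scan/checks/active_record/attr_accessible'
+# require 'stratagem/scan/checks/active_record/internal_attributes_exposed'
+# require 'stratagem/scan/checks/active_record/foreign_keys_exposed'
+# require 'stratagem/scan/checks/mongo_mapper/base'
+# require 'stratagem/scan/checks/mongo_mapper/foreign_keys_exposed'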
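Review bot: Every `require` in this file is commented out, so loading `stratagem/scan` defines an empty `Stratagem::Scan` module and no check classes. Several of the commented paths (`checks/base`, `checks/erb/xss_global`, `checks/active_record/*`) do not appear in the file list shown for this version, so uncommenting the block as written would presumably raise `LoadError`. I would delete the dead lines or put one comment above them, e.g. `# Checks are disabled in this release; nothing under scan/checks is loaded.`, so that users do not assume the shipped check files are being run.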
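--- a/data/lib/stratagem/scanner.rb
+++ b/data/lib/stratagem/scanner.rb
@@ -0,0 +1,32 @@
+module Stratagem
+class Scanner
+attr_reader :results
+
+def initialize(model)
+@model = model
+@results = []
+end
+
+def run
+# Object.subclasses_of(Stratagem::Scan::Checks::Base).each {|check|
+# log "running security check: #{check}"
+# puts "running #{check}"
+# check = check.new(@model)
+# check.run
+# @results += check.results
+# log ""
+# }
+# self
+end
+
+def export
+{ :results => [] }
+end
+
+def log(msg)
+Stratagem.logger.debug msg
+end
+
+end
+
+end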
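Review bot: `run` has its whole body commented out, including the trailing `self`, so it returns `nil` and executes no check, and `export` returns the literal `{ :results => [] }` instead of anything derived from `@results`. For a security scanner this means the `vulnerability_scanning` phase completes with an empty result list without having inspected the model, and a caller that keeps the return value of `Scanner.new(model).run` holds `nil`. Until the checks are restored, keep `self` as the last line of `run` and make the disabled state visible, e.g. `log "security checks are disabled in this build"`, so an empty report is not read as a clean one.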
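--- a/data/lib/stratagem/site_crawler.rb
+++ b/data/lib/stratagem/site_crawler.rb
@@ -0,0 +1,47 @@
+module Stratagem
+class SiteCrawler
+include Stratagem::Crawler::Session
+
+def initialize(application_model)
+@application_model = application_model
+end
+
+def run
+crawler_session(@application_model) do
+log "crawling site"
+phase(:unauthenticated)
+crawl
+display
+authenticated = authenticate
+
+if (authenticated)
+phase(:authenticated)
+crawl
+display
+end
+end
+
+self
+end
+
+def export
+phases = site_models.map {|phase,model|
+h = model.export
+h[:name] = phase
+h
+}
+{
+:authentication => {
+:success => authentication.success,
+:login_page_external_id => authentication.login_page.object_id,
+:response_page_external_id => authentication.response_page.object_id,
+:ssl => authentication.ssl
+},
+:phases => phases
+}
+end
+
+attr_accessor :success, :login_page, :form, :response_page, :ssl
+
+end
+end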
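Review bot: In `export`, `authentication.login_page.object_id` and `authentication.response_page.object_id` are evaluated unconditionally, and `nil.object_id` is a valid call in Ruby, so when no login page was found the export carries a meaningless integer instead of `nil`. `run` already allows for `authenticate` returning a falsy value, so this case looks reachable. Guard both fields, e.g. `:login_page_external_id => (authentication.login_page && authentication.login_page.object_id)`. The `attr_accessor :success, :login_page, :form, :response_page, :ssl` at the bottom is never read through `self` in this file and looks like it belongs on the authentication object; `authentication` and `site_models` are presumably supplied by `Stratagem::Crawler::Session`, which is outside this section.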
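--- a/data/lib/stratagem/snapshot.rb
+++ b/data/lib/stratagem/snapshot.rb
@@ -0,0 +1,33 @@
+module Stratagem
+class Snapshot
+attr_reader :project_name, :timestamp, :model, :scanner
+
+def self.create(project_name)
+
+logger.phase('modeling_application')
+model = Stratagem::ModelBuilder.new.run
+
+# Crawl site
+logger.phase('traversing_site')
+model.crawler = Stratagem::SiteCrawler.new(model).run
+
+logger.phase('vulnerability_scanning')
+scanner = Stratagem::Scanner.new(model).run
+
+snapshot = self.new(project_name, Time.now, model, scanner)
+end
+
+def self.logger
+Stratagem.logger
+end
+
+protected
+
+def initialize(project_name, timestamp, model, scanner)
+@project_name = project_name
+@timestamp = timestamp
+@model = model
+@scanner = scanner
+end
+end
+end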
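Review bot: The `protected` keyword before `initialize` does not restrict construction: `initialize` is always private and `Snapshot.new` stays public, so callers can still bypass `create`. If `create` is meant to be the only entry point, use `private_class_method :new` and call `new(project_name, Time.now, model, scanner)` without the `self.` receiver. The `snapshot =` assignment on the last line of `create` is an unused local and can be dropped. `create` would also benefit from a short comment stating that it builds the model, crawls the site, runs the scanner and returns the new `Snapshot`.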
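--- a/data/lib/stratagem.rb
+++ b/data/lib/stratagem.rb
@@ -0,0 +1,77 @@
+class StratagemError < RuntimeError
+attr_accessor :target
+
+def initialize(*args)
+super(*args)
+(@@all ||= []) << self
+end
+end
+
+require 'rubygems'
+require 'haml'
+require 'launchy'
+require 'redparse'
+require 'stratagem/blocker'
+require 'stratagem/logger'
+require 'stratagem/extensions'
+require 'stratagem/framework_extensions'
+
+require 'stratagem/model'
+require 'stratagem/auto_mock'
+
+require 'stratagem/authentication'
+require 'stratagem/client'
+require 'stratagem/command'
+require 'stratagem/model_builder'
+require 'stratagem/scanner'
+require 'stratagem/scan'
+require 'stratagem/crawler'
+require 'stratagem/site_crawler'
+require 'stratagem/snapshot'
+
+require 'stratagem/commands'
+
+module Stratagem
+@@blocker = Blocker.new
+@@running = false
+@@session_id = Time.now.to_f.to_s # the interface uses this to determine which instance of the client it's talking to
+
+def self.session_id
+@@session_id
+end
+
+def self.logger
+Stratagem::Logger.instance
+end
+
+def self.domain
+ENV['STRATAGEM_HOST'] || 'stratagemapp.com'
+end
+
+def self.wait_for_completion
+@@blocker.wait
+end
+
+def self.complete
+@@blocker.notify
+end
+
+def self.analyze
+unless (@@running)
+@@running = true
+Thread.new {
+begin
+authentication = Stratagem::Authentication.instance
+snapshot = Stratagem::Snapshot.create(authentication.project)
+Stratagem::Client.new(authentication).send(snapshot)
+rescue
+puts $!.message
+puts $!.backtrace
+ensure
+complete
+end
+}
+end
+end
+end
+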
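Review bot: `@@running` is set to `true` in `analyze` but never reset, so after the `ensure` branch calls `complete` every later `analyze` call in the same process silently does nothing; add `@@running = false` next to `complete`. The bare `rescue` only prints the error with `puts`, which makes a failed run indistinguishable from a finished one to anything blocked in `wait_for_completion`. Separately, `@@session_id = Time.now.to_f.to_s` is predictable from the process start time; if the interface relies on it for anything beyond telling instances apart, generate it with `SecureRandom.hex(16)` after `require 'securerandom'`. `StratagemError#initialize` appends every instance to `@@all`, which keeps all raised errors and their `target` alive for the life of the process.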
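--- a/data/lib/tasks/_old_stratagem.rake
+++ b/data/lib/tasks/_old_stratagem.rake
@@ -0,0 +1,99 @@
+
+# this is a hack for the integration test session. some versions do not correctly
+# close the body from the Rack request, causing an error
+require 'rack/lint'
+module Rack
+# Rack::Lint validates your application and the requests and
+# responses according to the Rack spec.
+
+class Lint
+alias_method :old_call, :call
+
+def call(env)
+status, headers, body = old_call(env)
+body.close
+[status,headers,body]
+end
+end
+end
+
+namespace :stratagem do
+task :default => [:analyze]
+
+task :analyze => :environment do
+require 'stratagem'
+
+authentication = Stratagem::Authentication.new
+
+snapshot = Stratagem::Snapshot.create(authentication.project)
+Stratagem::Client.new(authentication).send(snapshot)
+
+puts "--------------"
+snapshot.model.views.each do |view|
+next if view.partial?
+puts "#{view.render_path} - #{view.forms.map {|f| f.export }.inspect}"
+end
+
+Launchy::Browser.run("#{authentication.base_url}/projects/#{authentication.project}")
+end
+
+task :exercise => :environment do
+require 'stratagem'
+
+class Mocker
+include Stratagem::AutoMock
+end
+
+include ActionController::Integration::Runner
+model = Stratagem::ModelBuilder.new.run
+
+@mocker = Mocker.new
+
+model.models.each do |model|
+model_builder = @mocker.setup_model(model.klass)
+if (model_builder)
+begin
+mocked = model_builder.mock{}
+puts "VALID? #{mocked.valid?}"
+rescue
+puts $!.message
+puts "^^^^^^^^^^^^^^^^^^^"
+end
+
+else
+puts "unable to locate builder for #{model.klass.name}"
+end
+
+end
+
+open_session do |session|
+model.routes.each {|route_container|
+route = route_container.route
+name = ActionController::Routing::Routes.named_routes.routes.index(route).to_s
+verb = route.conditions[:method].to_s
+segs = route.segments.inject("") { |str,s| str << s.to_s }
+segs.chop! if segs.length > 1
+reqs = route.requirements.empty? ? "" : route.requirements.inspect
+route = {:name => name, :verb => verb, :segs => segs, :reqs => reqs}
+
+if ((route[:verb] != '') && (route[:verb] != 'any'))
+path = route[:segs].gsub('(.:format)', '')
+
+puts route[:verb]
+puts path
+
+self.send(route[:verb], path)
+session.reset!
+
+end
+# puts route[:name]
+# p route.requirements
+}
+end
+
+# routes.each do |r|
+# puts "#{r[:name].rjust(name_width)} #{r[:verb].ljust(verb_width)} #{r[:segs].ljust(segs_width)} #{r[:reqs]}"
+# end
+
+end
+end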
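Review bot: The `:exercise` task calls `self.send(route[:verb], path)` for every route whose verb is not empty or `any`, so the method name comes straight from route data and state-changing verbs are replayed against whatever environment `:environment` loaded. Restrict the dispatch to the integration-session verbs, e.g. `next unless %w[get post put delete head].include?(route[:verb])`, and have the task refuse to run when `Rails.env` is production. `model.models.each do |model|` reuses the name of the outer `model`; on Ruby 1.8 a block parameter overwrites the outer local, so the later `model.routes` would be called on the last component rather than the application model, and the block parameter should be renamed. The `Rack::Lint#call` patch at the top applies process-wide and calls `body.close` unconditionally; `body.close if body.respond_to?(:close)` avoids a `NoMethodError` on bodies that do not implement `close`.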
data/stratagem.gemspec
ADDED
@@ -0,0 +1,56 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = %q{stratagem}
|
5
|
+
s.version = "0.1.7"
|
6
|
+
|
7
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
8
|
+
s.authors = ["Charles Grimes"]
|
9
|
+
s.date = %q{2010-08-09}
|
10
|
+
s.default_executable = %q{stratagem}
|
11
|
+
s.description = %q{Intuitive security analysis of your Rails applications}
|
12
|
+
s.email = %q{cj@stratagemapp.com}
|
13
|
+
s.executables = ["stratagem"]
|
14
|
+
s.extra_rdoc_files = ["bin/stratagem", "lib/bootstrap.rb", "lib/stratagem.rb", "lib/stratagem/authentication.rb", "lib/stratagem/auto_mock.rb", "lib/stratagem/auto_mock/aquifer.rb", "lib/stratagem/auto_mock/factory.rb", "lib/stratagem/auto_mock/value_generator.rb", "lib/stratagem/blocker.rb", "lib/stratagem/client.rb", "lib/stratagem/command.rb", "lib/stratagem/commands.rb", "lib/stratagem/commands/analyze.rb", "lib/stratagem/commands/base.rb", "lib/stratagem/commands/devel_crawl.rb", "lib/stratagem/commands/devel_mock.rb", "lib/stratagem/crawler.rb", "lib/stratagem/crawler/authentication.rb", "lib/stratagem/crawler/form.rb", "lib/stratagem/crawler/html_utils.rb", "lib/stratagem/crawler/session.rb", "lib/stratagem/crawler/site_model.rb", "lib/stratagem/crawler/trace_utils.rb", "lib/stratagem/extensions.rb", "lib/stratagem/extensions/class.rb", "lib/stratagem/extensions/hash.rb", "lib/stratagem/extensions/module.rb", "lib/stratagem/extensions/object.rb", "lib/stratagem/extensions/red_parse.rb", "lib/stratagem/extensions/string.rb", "lib/stratagem/framework_extensions.rb", "lib/stratagem/framework_extensions/controllers.rb", "lib/stratagem/framework_extensions/controllers/action_controller.rb", "lib/stratagem/framework_extensions/controllers/action_mailer.rb", "lib/stratagem/framework_extensions/models.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/detect.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/tracing.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/detect.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/tracing.rb", 
"lib/stratagem/framework_extensions/models/adapters/common/authentication_metadata.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/detect.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/tracing.rb", "lib/stratagem/framework_extensions/models/annotations.rb", "lib/stratagem/framework_extensions/models/detect.rb", "lib/stratagem/framework_extensions/models/metadata.rb", "lib/stratagem/framework_extensions/models/mocking.rb", "lib/stratagem/framework_extensions/models/tracing.rb", "lib/stratagem/framework_extensions/rails.rb", "lib/stratagem/interface/browser.rb", "lib/stratagem/interface/public/images/backgrounds/content.png", "lib/stratagem/interface/public/images/backgrounds/shadow.png", "lib/stratagem/interface/public/javascripts/jquery-1.4.2.min.js", "lib/stratagem/interface/public/javascripts/stratagem.js", "lib/stratagem/interface/public/javascripts/stratagem_debug.js", "lib/stratagem/interface/public/stylesheets/960.css", "lib/stratagem/interface/public/stylesheets/reset.css", "lib/stratagem/interface/public/stylesheets/stratagem.css", "lib/stratagem/interface/public/stylesheets/stratagem_debug.css", "lib/stratagem/interface/views/debug.haml", "lib/stratagem/interface/views/index.haml", "lib/stratagem/labs/auto_mock.rb", "lib/stratagem/labs/crawler.rb", "lib/stratagem/logger.rb", "lib/stratagem/model.rb", "lib/stratagem/model/application.rb", "lib/stratagem/model/components/base.rb", "lib/stratagem/model/components/controller.rb", "lib/stratagem/model/components/model.rb", "lib/stratagem/model/components/reference.rb", "lib/stratagem/model/components/route.rb", "lib/stratagem/model/components/static_file.rb", "lib/stratagem/model/components/view.rb", "lib/stratagem/model/parse_util.rb", "lib/stratagem/model_builder.rb", 
"lib/stratagem/recipes/deploy.rb", "lib/stratagem/scan.rb", "lib/stratagem/scan/checks/capistrano/secure_deploy.rb", "lib/stratagem/scan/checks/email_address.rb", "lib/stratagem/scan/checks/error_pages.rb", "lib/stratagem/scan/checks/filter_parameter_logging.rb", "lib/stratagem/scan/checks/mongo_mapper/base.rb", "lib/stratagem/scan/checks/mongo_mapper/foreign_keys_exposed.rb", "lib/stratagem/scan/checks/routes.rb", "lib/stratagem/scan/checks/ssl/secure_login_page.rb", "lib/stratagem/scan/checks/ssl/secure_login_submit.rb", "lib/stratagem/scan/result.rb", "lib/stratagem/scanner.rb", "lib/stratagem/site_crawler.rb", "lib/stratagem/snapshot.rb", "lib/tasks/_old_stratagem.rake"]
|
15
|
+
s.files = ["Manifest", "Rakefile", "bin/stratagem", "init.rb", "lib/bootstrap.rb", "lib/stratagem.rb", "lib/stratagem/authentication.rb", "lib/stratagem/auto_mock.rb", "lib/stratagem/auto_mock/aquifer.rb", "lib/stratagem/auto_mock/factory.rb", "lib/stratagem/auto_mock/value_generator.rb", "lib/stratagem/blocker.rb", "lib/stratagem/client.rb", "lib/stratagem/command.rb", "lib/stratagem/commands.rb", "lib/stratagem/commands/analyze.rb", "lib/stratagem/commands/base.rb", "lib/stratagem/commands/devel_crawl.rb", "lib/stratagem/commands/devel_mock.rb", "lib/stratagem/crawler.rb", "lib/stratagem/crawler/authentication.rb", "lib/stratagem/crawler/form.rb", "lib/stratagem/crawler/html_utils.rb", "lib/stratagem/crawler/session.rb", "lib/stratagem/crawler/site_model.rb", "lib/stratagem/crawler/trace_utils.rb", "lib/stratagem/extensions.rb", "lib/stratagem/extensions/class.rb", "lib/stratagem/extensions/hash.rb", "lib/stratagem/extensions/module.rb", "lib/stratagem/extensions/object.rb", "lib/stratagem/extensions/red_parse.rb", "lib/stratagem/extensions/string.rb", "lib/stratagem/framework_extensions.rb", "lib/stratagem/framework_extensions/controllers.rb", "lib/stratagem/framework_extensions/controllers/action_controller.rb", "lib/stratagem/framework_extensions/controllers/action_mailer.rb", "lib/stratagem/framework_extensions/models.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/detect.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/active_model/tracing.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/detect.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/authlogic/tracing.rb", 
"lib/stratagem/framework_extensions/models/adapters/common/authentication_metadata.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/detect.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/extensions.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/metadata.rb", "lib/stratagem/framework_extensions/models/adapters/restful_authentication/tracing.rb", "lib/stratagem/framework_extensions/models/annotations.rb", "lib/stratagem/framework_extensions/models/detect.rb", "lib/stratagem/framework_extensions/models/metadata.rb", "lib/stratagem/framework_extensions/models/mocking.rb", "lib/stratagem/framework_extensions/models/tracing.rb", "lib/stratagem/framework_extensions/rails.rb", "lib/stratagem/interface/browser.rb", "lib/stratagem/interface/public/images/backgrounds/content.png", "lib/stratagem/interface/public/images/backgrounds/shadow.png", "lib/stratagem/interface/public/javascripts/jquery-1.4.2.min.js", "lib/stratagem/interface/public/javascripts/stratagem.js", "lib/stratagem/interface/public/javascripts/stratagem_debug.js", "lib/stratagem/interface/public/stylesheets/960.css", "lib/stratagem/interface/public/stylesheets/reset.css", "lib/stratagem/interface/public/stylesheets/stratagem.css", "lib/stratagem/interface/public/stylesheets/stratagem_debug.css", "lib/stratagem/interface/views/debug.haml", "lib/stratagem/interface/views/index.haml", "lib/stratagem/labs/auto_mock.rb", "lib/stratagem/labs/crawler.rb", "lib/stratagem/logger.rb", "lib/stratagem/model.rb", "lib/stratagem/model/application.rb", "lib/stratagem/model/components/base.rb", "lib/stratagem/model/components/controller.rb", "lib/stratagem/model/components/model.rb", "lib/stratagem/model/components/reference.rb", "lib/stratagem/model/components/route.rb", "lib/stratagem/model/components/static_file.rb", "lib/stratagem/model/components/view.rb", "lib/stratagem/model/parse_util.rb", "lib/stratagem/model_builder.rb", 
"lib/stratagem/recipes/deploy.rb", "lib/stratagem/scan.rb", "lib/stratagem/scan/checks/capistrano/secure_deploy.rb", "lib/stratagem/scan/checks/email_address.rb", "lib/stratagem/scan/checks/error_pages.rb", "lib/stratagem/scan/checks/filter_parameter_logging.rb", "lib/stratagem/scan/checks/mongo_mapper/base.rb", "lib/stratagem/scan/checks/mongo_mapper/foreign_keys_exposed.rb", "lib/stratagem/scan/checks/routes.rb", "lib/stratagem/scan/checks/ssl/secure_login_page.rb", "lib/stratagem/scan/checks/ssl/secure_login_submit.rb", "lib/stratagem/scan/result.rb", "lib/stratagem/scanner.rb", "lib/stratagem/site_crawler.rb", "lib/stratagem/snapshot.rb", "lib/tasks/_old_stratagem.rake", "stratagem.gemspec"]
|
16
|
+
s.homepage = %q{http://github.com/stratagem/stratagem}
|
17
|
+
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Stratagem"]
|
18
|
+
s.require_paths = ["lib"]
|
19
|
+
s.rubyforge_project = %q{stratagem}
|
20
|
+
s.rubygems_version = %q{1.3.7}
|
21
|
+
s.summary = %q{Intuitive security analysis of your Rails applications}
|
22
|
+
|
23
|
+
if s.respond_to? :specification_version then
|
24
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
25
|
+
s.specification_version = 3
|
26
|
+
|
27
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
28
|
+
s.add_runtime_dependency(%q<launchy>, [">= 0.3.5"])
|
29
|
+
s.add_runtime_dependency(%q<redparse>, [">= 0.8.4"])
|
30
|
+
s.add_runtime_dependency(%q<haml>, [">= 3.0.0"])
|
31
|
+
s.add_development_dependency(%q<launchy>, [">= 0.3.5"])
|
32
|
+
s.add_development_dependency(%q<redparse>, [">= 0.8.4"])
|
33
|
+
s.add_development_dependency(%q<sinatra>, ["= 1.0"])
|
34
|
+
s.add_development_dependency(%q<haml>, [">= 3.0.0"])
|
35
|
+
s.add_development_dependency(%q<webrat>, [">= 0.4.3"])
|
36
|
+
else
|
37
|
+
s.add_dependency(%q<launchy>, [">= 0.3.5"])
|
38
|
+
s.add_dependency(%q<redparse>, [">= 0.8.4"])
|
39
|
+
s.add_dependency(%q<haml>, [">= 3.0.0"])
|
40
|
+
s.add_dependency(%q<launchy>, [">= 0.3.5"])
|
41
|
+
s.add_dependency(%q<redparse>, [">= 0.8.4"])
|
42
|
+
s.add_dependency(%q<sinatra>, ["= 1.0"])
|
43
|
+
s.add_dependency(%q<haml>, [">= 3.0.0"])
|
44
|
+
s.add_dependency(%q<webrat>, [">= 0.4.3"])
|
45
|
+
end
|
46
|
+
else
|
47
|
+
s.add_dependency(%q<launchy>, [">= 0.3.5"])
|
48
|
+
s.add_dependency(%q<redparse>, [">= 0.8.4"])
|
49
|
+
s.add_dependency(%q<haml>, [">= 3.0.0"])
|
50
|
+
s.add_dependency(%q<launchy>, [">= 0.3.5"])
|
51
|
+
s.add_dependency(%q<redparse>, [">= 0.8.4"])
|
52
|
+
s.add_dependency(%q<sinatra>, ["= 1.0"])
|
53
|
+
s.add_dependency(%q<haml>, [">= 3.0.0"])
|
54
|
+
s.add_dependency(%q<webrat>, [">= 0.4.3"])
|
55
|
+
end
|
56
|
+
end
|