yawast 0.2.0.beta2 → 0.2.0.beta3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +2 -1
- data/.travis.yml +1 -0
- data/Gemfile +12 -0
- data/lib/scanner/ssl_labs.rb +1 -1
- data/lib/version.rb +3 -0
- data/lib/yawast.rb +1 -1
- data/test/test_cmd_util.rb +2 -2
- data/test/test_object_presence.rb +4 -4
- data/test/test_scan_apache_banner.rb +2 -2
- data/test/test_scan_apache_server_info.rb +3 -3
- data/test/test_scan_apache_server_status.rb +3 -3
- data/test/test_scan_cms.rb +4 -4
- data/test/test_scan_iis_headers.rb +4 -4
- data/test/test_scan_nginx_banner.rb +2 -2
- data/test/test_shared_http.rb +2 -2
- data/test/test_shared_util.rb +2 -2
- data/test/test_string_ext.rb +2 -2
- data/test/test_yawast.rb +2 -2
- data/yawast.gemspec +1 -8
- metadata +3 -85
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ba3f8533c71dd29bbb777ba751f20d1b1ee71e97
|
|
4
|
+
data.tar.gz: a1f109a3dd2a203fbc44cf00d7521591c3334a2b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 39dcdeab0ed36d66a12336e4d816fe26d448a6affc271ec3e025b730bad66ffbcd6a01a42e586cb7bb36ae63cd248b7f17be9ff99a38242673ba592abb3c1628
|
|
7
|
+
data.tar.gz: 16381f8ab763ef0d44ef77a5819ff623f60bc918eb4811d7b873cc95037eef05d8e66694cc1cf52a4f8282c8d314365d80241faf269a5da95a448f6f98e2d746
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
data/Gemfile
ADDED
data/lib/scanner/ssl_labs.rb
CHANGED
|
@@ -18,7 +18,7 @@ module Yawast
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
begin
|
|
21
|
-
api.analyse(host: uri.host, publish: 'off',
|
|
21
|
+
api.analyse(host: uri.host, publish: 'off', startNew: 'on', all: 'done', ignoreMismatch: 'on')
|
|
22
22
|
|
|
23
23
|
status = ''
|
|
24
24
|
host = nil
|
data/lib/version.rb
ADDED
data/lib/yawast.rb
CHANGED
|
@@ -16,13 +16,13 @@ require 'socket'
|
|
|
16
16
|
require File.dirname(__FILE__) + '/string_ext'
|
|
17
17
|
require File.dirname(__FILE__) + '/uri_ext'
|
|
18
18
|
require File.dirname(__FILE__) + '/util'
|
|
19
|
+
require File.dirname(__FILE__) + '/version'
|
|
19
20
|
|
|
20
21
|
require_all '/commands'
|
|
21
22
|
require_all '/scanner'
|
|
22
23
|
require_all '/shared'
|
|
23
24
|
|
|
24
25
|
module Yawast
|
|
25
|
-
VERSION = '0.2.0.beta2'
|
|
26
26
|
DESCRIPTION = 'The YAWAST Antecedent Web Application Security Toolkit'
|
|
27
27
|
HTTP_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Yawast/#{VERSION} Chrome/52.0.2743.24 Safari/537.36"
|
|
28
28
|
|
data/test/test_cmd_util.rb
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerStatus < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_readme_html_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/wordpress_readme_html.txt', 'readme.html', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -22,7 +22,7 @@ class TestScannerApacheServerStatus < Minitest::Test
|
|
|
22
22
|
|
|
23
23
|
def test_release_notes_txt_present
|
|
24
24
|
port = rand(60000) + 1024 # pick a random port number
|
|
25
|
-
server = start_web_server '
|
|
25
|
+
server = start_web_server File.dirname(__FILE__) + '/data/tomcat_release_notes.txt', 'RELEASE-NOTES.txt', port
|
|
26
26
|
|
|
27
27
|
override_stdout
|
|
28
28
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerInfo < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_server_info_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/apache_server_info.txt', 'server-info', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerStatus < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_server_status_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/apache_server_status.txt', 'server-status', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
data/test/test_scan_cms.rb
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
|
-
require '
|
|
3
|
-
require '
|
|
2
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
3
|
+
require File.dirname(__FILE__) + '/base'
|
|
4
4
|
|
|
5
5
|
class TestScannerCms < Minitest::Test
|
|
6
6
|
include TestBase
|
|
7
7
|
|
|
8
8
|
def test_generator_tag_valid
|
|
9
|
-
body = File.read('
|
|
9
|
+
body = File.read(File.dirname(__FILE__) + '/data/cms_wordpress_body.txt')
|
|
10
10
|
override_stdout
|
|
11
11
|
Yawast::Scanner::Cms.get_generator body
|
|
12
12
|
|
|
@@ -16,7 +16,7 @@ class TestScannerCms < Minitest::Test
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def test_generator_tag_invalid
|
|
19
|
-
body = File.read('
|
|
19
|
+
body = File.read(File.dirname(__FILE__) + '/data/cms_none_body.txt')
|
|
20
20
|
override_stdout
|
|
21
21
|
Yawast::Scanner::Cms.get_generator body
|
|
22
22
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
|
-
require '
|
|
3
|
-
require '
|
|
2
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
3
|
+
require File.dirname(__FILE__) + '/base'
|
|
4
4
|
|
|
5
5
|
class TestScannerIisHeaders < Minitest::Test
|
|
6
6
|
include TestBase
|
|
@@ -17,7 +17,7 @@ class TestScannerIisHeaders < Minitest::Test
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def test_asp_version
|
|
20
|
-
headers = parse_headers_from_file '
|
|
20
|
+
headers = parse_headers_from_file File.dirname(__FILE__) + '/data/iis_server_header.txt'
|
|
21
21
|
|
|
22
22
|
override_stdout
|
|
23
23
|
Yawast::Scanner::Iis.check_asp_banner headers
|
|
@@ -28,7 +28,7 @@ class TestScannerIisHeaders < Minitest::Test
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def test_mvc_version
|
|
31
|
-
headers = parse_headers_from_file '
|
|
31
|
+
headers = parse_headers_from_file File.dirname(__FILE__) + '/data/iis_server_header.txt'
|
|
32
32
|
|
|
33
33
|
override_stdout
|
|
34
34
|
Yawast::Scanner::Iis.check_mvc_version headers
|
data/test/test_shared_http.rb
CHANGED
data/test/test_shared_util.rb
CHANGED
data/test/test_string_ext.rb
CHANGED
data/test/test_yawast.rb
CHANGED
data/yawast.gemspec
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
$:.push File.expand_path("../lib", __FILE__)
|
|
2
|
-
require File.expand_path("../lib/
|
|
2
|
+
require File.expand_path("../lib/version", __FILE__)
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |s|
|
|
5
5
|
s.name = 'yawast'
|
|
@@ -20,13 +20,6 @@ Gem::Specification.new do |s|
|
|
|
20
20
|
s.add_runtime_dependency 'colorize', '~> 0.8'
|
|
21
21
|
s.add_runtime_dependency 'ipaddr_extensions', '~> 1.0'
|
|
22
22
|
|
|
23
|
-
s.add_development_dependency 'rake', '~> 0'
|
|
24
|
-
s.add_development_dependency 'minitest', '~> 0'
|
|
25
|
-
s.add_development_dependency 'minitest-reporters', '~> 0'
|
|
26
|
-
s.add_development_dependency 'simplecov', '~> 0'
|
|
27
|
-
s.add_development_dependency 'coveralls', '~> 0'
|
|
28
|
-
s.add_development_dependency 'webrick', '~> 0'
|
|
29
|
-
|
|
30
23
|
s.bindir = 'bin'
|
|
31
24
|
s.files = `git ls-files`.split("\n")
|
|
32
25
|
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: yawast
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.0.
|
|
4
|
+
version: 0.2.0.beta3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Caudill
|
|
@@ -94,90 +94,6 @@ dependencies:
|
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
96
|
version: '1.0'
|
|
97
|
-
- !ruby/object:Gem::Dependency
|
|
98
|
-
name: rake
|
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
|
100
|
-
requirements:
|
|
101
|
-
- - "~>"
|
|
102
|
-
- !ruby/object:Gem::Version
|
|
103
|
-
version: '0'
|
|
104
|
-
type: :development
|
|
105
|
-
prerelease: false
|
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
-
requirements:
|
|
108
|
-
- - "~>"
|
|
109
|
-
- !ruby/object:Gem::Version
|
|
110
|
-
version: '0'
|
|
111
|
-
- !ruby/object:Gem::Dependency
|
|
112
|
-
name: minitest
|
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
|
114
|
-
requirements:
|
|
115
|
-
- - "~>"
|
|
116
|
-
- !ruby/object:Gem::Version
|
|
117
|
-
version: '0'
|
|
118
|
-
type: :development
|
|
119
|
-
prerelease: false
|
|
120
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
121
|
-
requirements:
|
|
122
|
-
- - "~>"
|
|
123
|
-
- !ruby/object:Gem::Version
|
|
124
|
-
version: '0'
|
|
125
|
-
- !ruby/object:Gem::Dependency
|
|
126
|
-
name: minitest-reporters
|
|
127
|
-
requirement: !ruby/object:Gem::Requirement
|
|
128
|
-
requirements:
|
|
129
|
-
- - "~>"
|
|
130
|
-
- !ruby/object:Gem::Version
|
|
131
|
-
version: '0'
|
|
132
|
-
type: :development
|
|
133
|
-
prerelease: false
|
|
134
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
-
requirements:
|
|
136
|
-
- - "~>"
|
|
137
|
-
- !ruby/object:Gem::Version
|
|
138
|
-
version: '0'
|
|
139
|
-
- !ruby/object:Gem::Dependency
|
|
140
|
-
name: simplecov
|
|
141
|
-
requirement: !ruby/object:Gem::Requirement
|
|
142
|
-
requirements:
|
|
143
|
-
- - "~>"
|
|
144
|
-
- !ruby/object:Gem::Version
|
|
145
|
-
version: '0'
|
|
146
|
-
type: :development
|
|
147
|
-
prerelease: false
|
|
148
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
-
requirements:
|
|
150
|
-
- - "~>"
|
|
151
|
-
- !ruby/object:Gem::Version
|
|
152
|
-
version: '0'
|
|
153
|
-
- !ruby/object:Gem::Dependency
|
|
154
|
-
name: coveralls
|
|
155
|
-
requirement: !ruby/object:Gem::Requirement
|
|
156
|
-
requirements:
|
|
157
|
-
- - "~>"
|
|
158
|
-
- !ruby/object:Gem::Version
|
|
159
|
-
version: '0'
|
|
160
|
-
type: :development
|
|
161
|
-
prerelease: false
|
|
162
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
-
requirements:
|
|
164
|
-
- - "~>"
|
|
165
|
-
- !ruby/object:Gem::Version
|
|
166
|
-
version: '0'
|
|
167
|
-
- !ruby/object:Gem::Dependency
|
|
168
|
-
name: webrick
|
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
|
170
|
-
requirements:
|
|
171
|
-
- - "~>"
|
|
172
|
-
- !ruby/object:Gem::Version
|
|
173
|
-
version: '0'
|
|
174
|
-
type: :development
|
|
175
|
-
prerelease: false
|
|
176
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
177
|
-
requirements:
|
|
178
|
-
- - "~>"
|
|
179
|
-
- !ruby/object:Gem::Version
|
|
180
|
-
version: '0'
|
|
181
97
|
description: YAWAST is an application meant to simplify initial analysis and information
|
|
182
98
|
gathering for penetration testers and security auditors.
|
|
183
99
|
email: adam@adamcaudill.com
|
|
@@ -189,6 +105,7 @@ files:
|
|
|
189
105
|
- ".gitignore"
|
|
190
106
|
- ".ruby-version"
|
|
191
107
|
- ".travis.yml"
|
|
108
|
+
- Gemfile
|
|
192
109
|
- README.md
|
|
193
110
|
- Rakefile
|
|
194
111
|
- bin/yawast
|
|
@@ -212,6 +129,7 @@ files:
|
|
|
212
129
|
- lib/string_ext.rb
|
|
213
130
|
- lib/uri_ext.rb
|
|
214
131
|
- lib/util.rb
|
|
132
|
+
- lib/version.rb
|
|
215
133
|
- lib/yawast.rb
|
|
216
134
|
- test/base.rb
|
|
217
135
|
- test/data/apache_server_info.txt
|