yawast 0.2.0.beta2 → 0.2.0.beta3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -1
- data/.travis.yml +1 -0
- data/Gemfile +12 -0
- data/lib/scanner/ssl_labs.rb +1 -1
- data/lib/version.rb +3 -0
- data/lib/yawast.rb +1 -1
- data/test/test_cmd_util.rb +2 -2
- data/test/test_object_presence.rb +4 -4
- data/test/test_scan_apache_banner.rb +2 -2
- data/test/test_scan_apache_server_info.rb +3 -3
- data/test/test_scan_apache_server_status.rb +3 -3
- data/test/test_scan_cms.rb +4 -4
- data/test/test_scan_iis_headers.rb +4 -4
- data/test/test_scan_nginx_banner.rb +2 -2
- data/test/test_shared_http.rb +2 -2
- data/test/test_shared_util.rb +2 -2
- data/test/test_string_ext.rb +2 -2
- data/test/test_yawast.rb +2 -2
- data/yawast.gemspec +1 -8
- metadata +3 -85
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ba3f8533c71dd29bbb777ba751f20d1b1ee71e97
|
|
4
|
+
data.tar.gz: a1f109a3dd2a203fbc44cf00d7521591c3334a2b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 39dcdeab0ed36d66a12336e4d816fe26d448a6affc271ec3e025b730bad66ffbcd6a01a42e586cb7bb36ae63cd248b7f17be9ff99a38242673ba592abb3c1628
|
|
7
|
+
data.tar.gz: 16381f8ab763ef0d44ef77a5819ff623f60bc918eb4811d7b873cc95037eef05d8e66694cc1cf52a4f8282c8d314365d80241faf269a5da95a448f6f98e2d746
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
data/Gemfile
ADDED
data/lib/scanner/ssl_labs.rb
CHANGED
|
@@ -18,7 +18,7 @@ module Yawast
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
begin
|
|
21
|
-
api.analyse(host: uri.host, publish: 'off',
|
|
21
|
+
api.analyse(host: uri.host, publish: 'off', startNew: 'on', all: 'done', ignoreMismatch: 'on')
|
|
22
22
|
|
|
23
23
|
status = ''
|
|
24
24
|
host = nil
|
data/lib/version.rb
ADDED
data/lib/yawast.rb
CHANGED
|
@@ -16,13 +16,13 @@ require 'socket'
|
|
|
16
16
|
require File.dirname(__FILE__) + '/string_ext'
|
|
17
17
|
require File.dirname(__FILE__) + '/uri_ext'
|
|
18
18
|
require File.dirname(__FILE__) + '/util'
|
|
19
|
+
require File.dirname(__FILE__) + '/version'
|
|
19
20
|
|
|
20
21
|
require_all '/commands'
|
|
21
22
|
require_all '/scanner'
|
|
22
23
|
require_all '/shared'
|
|
23
24
|
|
|
24
25
|
module Yawast
|
|
25
|
-
VERSION = '0.2.0.beta2'
|
|
26
26
|
DESCRIPTION = 'The YAWAST Antecedent Web Application Security Toolkit'
|
|
27
27
|
HTTP_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Yawast/#{VERSION} Chrome/52.0.2743.24 Safari/537.36"
|
|
28
28
|
|
data/test/test_cmd_util.rb
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerStatus < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_readme_html_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/wordpress_readme_html.txt', 'readme.html', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -22,7 +22,7 @@ class TestScannerApacheServerStatus < Minitest::Test
|
|
|
22
22
|
|
|
23
23
|
def test_release_notes_txt_present
|
|
24
24
|
port = rand(60000) + 1024 # pick a random port number
|
|
25
|
-
server = start_web_server '
|
|
25
|
+
server = start_web_server File.dirname(__FILE__) + '/data/tomcat_release_notes.txt', 'RELEASE-NOTES.txt', port
|
|
26
26
|
|
|
27
27
|
override_stdout
|
|
28
28
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerInfo < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_server_info_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/apache_server_info.txt', 'server-info', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
2
|
require 'webrick'
|
|
3
|
-
require '
|
|
4
|
-
require '
|
|
3
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
4
|
+
require File.dirname(__FILE__) + '/base'
|
|
5
5
|
|
|
6
6
|
class TestScannerApacheServerStatus < Minitest::Test
|
|
7
7
|
include TestBase
|
|
8
8
|
|
|
9
9
|
def test_server_status_present
|
|
10
10
|
port = rand(60000) + 1024 # pick a random port number
|
|
11
|
-
server = start_web_server '
|
|
11
|
+
server = start_web_server File.dirname(__FILE__) + '/data/apache_server_status.txt', 'server-status', port
|
|
12
12
|
|
|
13
13
|
override_stdout
|
|
14
14
|
uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
|
data/test/test_scan_cms.rb
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
|
-
require '
|
|
3
|
-
require '
|
|
2
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
3
|
+
require File.dirname(__FILE__) + '/base'
|
|
4
4
|
|
|
5
5
|
class TestScannerCms < Minitest::Test
|
|
6
6
|
include TestBase
|
|
7
7
|
|
|
8
8
|
def test_generator_tag_valid
|
|
9
|
-
body = File.read('
|
|
9
|
+
body = File.read(File.dirname(__FILE__) + '/data/cms_wordpress_body.txt')
|
|
10
10
|
override_stdout
|
|
11
11
|
Yawast::Scanner::Cms.get_generator body
|
|
12
12
|
|
|
@@ -16,7 +16,7 @@ class TestScannerCms < Minitest::Test
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def test_generator_tag_invalid
|
|
19
|
-
body = File.read('
|
|
19
|
+
body = File.read(File.dirname(__FILE__) + '/data/cms_none_body.txt')
|
|
20
20
|
override_stdout
|
|
21
21
|
Yawast::Scanner::Cms.get_generator body
|
|
22
22
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
require 'minitest/autorun'
|
|
2
|
-
require '
|
|
3
|
-
require '
|
|
2
|
+
require File.dirname(__FILE__) + '/../lib/yawast'
|
|
3
|
+
require File.dirname(__FILE__) + '/base'
|
|
4
4
|
|
|
5
5
|
class TestScannerIisHeaders < Minitest::Test
|
|
6
6
|
include TestBase
|
|
@@ -17,7 +17,7 @@ class TestScannerIisHeaders < Minitest::Test
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def test_asp_version
|
|
20
|
-
headers = parse_headers_from_file '
|
|
20
|
+
headers = parse_headers_from_file File.dirname(__FILE__) + '/data/iis_server_header.txt'
|
|
21
21
|
|
|
22
22
|
override_stdout
|
|
23
23
|
Yawast::Scanner::Iis.check_asp_banner headers
|
|
@@ -28,7 +28,7 @@ class TestScannerIisHeaders < Minitest::Test
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def test_mvc_version
|
|
31
|
-
headers = parse_headers_from_file '
|
|
31
|
+
headers = parse_headers_from_file File.dirname(__FILE__) + '/data/iis_server_header.txt'
|
|
32
32
|
|
|
33
33
|
override_stdout
|
|
34
34
|
Yawast::Scanner::Iis.check_mvc_version headers
|
data/test/test_shared_http.rb
CHANGED
data/test/test_shared_util.rb
CHANGED
data/test/test_string_ext.rb
CHANGED
data/test/test_yawast.rb
CHANGED
data/yawast.gemspec
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
$:.push File.expand_path("../lib", __FILE__)
|
|
2
|
-
require File.expand_path("../lib/
|
|
2
|
+
require File.expand_path("../lib/version", __FILE__)
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |s|
|
|
5
5
|
s.name = 'yawast'
|
|
@@ -20,13 +20,6 @@ Gem::Specification.new do |s|
|
|
|
20
20
|
s.add_runtime_dependency 'colorize', '~> 0.8'
|
|
21
21
|
s.add_runtime_dependency 'ipaddr_extensions', '~> 1.0'
|
|
22
22
|
|
|
23
|
-
s.add_development_dependency 'rake', '~> 0'
|
|
24
|
-
s.add_development_dependency 'minitest', '~> 0'
|
|
25
|
-
s.add_development_dependency 'minitest-reporters', '~> 0'
|
|
26
|
-
s.add_development_dependency 'simplecov', '~> 0'
|
|
27
|
-
s.add_development_dependency 'coveralls', '~> 0'
|
|
28
|
-
s.add_development_dependency 'webrick', '~> 0'
|
|
29
|
-
|
|
30
23
|
s.bindir = 'bin'
|
|
31
24
|
s.files = `git ls-files`.split("\n")
|
|
32
25
|
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: yawast
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.0.
|
|
4
|
+
version: 0.2.0.beta3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Caudill
|
|
@@ -94,90 +94,6 @@ dependencies:
|
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
96
|
version: '1.0'
|
|
97
|
-
- !ruby/object:Gem::Dependency
|
|
98
|
-
name: rake
|
|
99
|
-
requirement: !ruby/object:Gem::Requirement
|
|
100
|
-
requirements:
|
|
101
|
-
- - "~>"
|
|
102
|
-
- !ruby/object:Gem::Version
|
|
103
|
-
version: '0'
|
|
104
|
-
type: :development
|
|
105
|
-
prerelease: false
|
|
106
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
-
requirements:
|
|
108
|
-
- - "~>"
|
|
109
|
-
- !ruby/object:Gem::Version
|
|
110
|
-
version: '0'
|
|
111
|
-
- !ruby/object:Gem::Dependency
|
|
112
|
-
name: minitest
|
|
113
|
-
requirement: !ruby/object:Gem::Requirement
|
|
114
|
-
requirements:
|
|
115
|
-
- - "~>"
|
|
116
|
-
- !ruby/object:Gem::Version
|
|
117
|
-
version: '0'
|
|
118
|
-
type: :development
|
|
119
|
-
prerelease: false
|
|
120
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
121
|
-
requirements:
|
|
122
|
-
- - "~>"
|
|
123
|
-
- !ruby/object:Gem::Version
|
|
124
|
-
version: '0'
|
|
125
|
-
- !ruby/object:Gem::Dependency
|
|
126
|
-
name: minitest-reporters
|
|
127
|
-
requirement: !ruby/object:Gem::Requirement
|
|
128
|
-
requirements:
|
|
129
|
-
- - "~>"
|
|
130
|
-
- !ruby/object:Gem::Version
|
|
131
|
-
version: '0'
|
|
132
|
-
type: :development
|
|
133
|
-
prerelease: false
|
|
134
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
-
requirements:
|
|
136
|
-
- - "~>"
|
|
137
|
-
- !ruby/object:Gem::Version
|
|
138
|
-
version: '0'
|
|
139
|
-
- !ruby/object:Gem::Dependency
|
|
140
|
-
name: simplecov
|
|
141
|
-
requirement: !ruby/object:Gem::Requirement
|
|
142
|
-
requirements:
|
|
143
|
-
- - "~>"
|
|
144
|
-
- !ruby/object:Gem::Version
|
|
145
|
-
version: '0'
|
|
146
|
-
type: :development
|
|
147
|
-
prerelease: false
|
|
148
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
-
requirements:
|
|
150
|
-
- - "~>"
|
|
151
|
-
- !ruby/object:Gem::Version
|
|
152
|
-
version: '0'
|
|
153
|
-
- !ruby/object:Gem::Dependency
|
|
154
|
-
name: coveralls
|
|
155
|
-
requirement: !ruby/object:Gem::Requirement
|
|
156
|
-
requirements:
|
|
157
|
-
- - "~>"
|
|
158
|
-
- !ruby/object:Gem::Version
|
|
159
|
-
version: '0'
|
|
160
|
-
type: :development
|
|
161
|
-
prerelease: false
|
|
162
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
-
requirements:
|
|
164
|
-
- - "~>"
|
|
165
|
-
- !ruby/object:Gem::Version
|
|
166
|
-
version: '0'
|
|
167
|
-
- !ruby/object:Gem::Dependency
|
|
168
|
-
name: webrick
|
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
|
170
|
-
requirements:
|
|
171
|
-
- - "~>"
|
|
172
|
-
- !ruby/object:Gem::Version
|
|
173
|
-
version: '0'
|
|
174
|
-
type: :development
|
|
175
|
-
prerelease: false
|
|
176
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
177
|
-
requirements:
|
|
178
|
-
- - "~>"
|
|
179
|
-
- !ruby/object:Gem::Version
|
|
180
|
-
version: '0'
|
|
181
97
|
description: YAWAST is an application meant to simplify initial analysis and information
|
|
182
98
|
gathering for penetration testers and security auditors.
|
|
183
99
|
email: adam@adamcaudill.com
|
|
@@ -189,6 +105,7 @@ files:
|
|
|
189
105
|
- ".gitignore"
|
|
190
106
|
- ".ruby-version"
|
|
191
107
|
- ".travis.yml"
|
|
108
|
+
- Gemfile
|
|
192
109
|
- README.md
|
|
193
110
|
- Rakefile
|
|
194
111
|
- bin/yawast
|
|
@@ -212,6 +129,7 @@ files:
|
|
|
212
129
|
- lib/string_ext.rb
|
|
213
130
|
- lib/uri_ext.rb
|
|
214
131
|
- lib/util.rb
|
|
132
|
+
- lib/version.rb
|
|
215
133
|
- lib/yawast.rb
|
|
216
134
|
- test/base.rb
|
|
217
135
|
- test/data/apache_server_info.txt
|