├── .github └── workflows │ └── ci.yaml ├── .gitignore ├── .travis.yml ├── CHANGELOG.md ├── CODE_OF_CONDUCT.md ├── Gemfile ├── Guardfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── bin ├── console ├── setup └── spektr ├── lib ├── spektr.rb └── spektr │ ├── app.rb │ ├── checks.rb │ ├── checks │ ├── base.rb │ ├── basic_auth.rb │ ├── basic_auth_timing.rb │ ├── command_injection.rb │ ├── content_tag_xss.rb │ ├── cookie_serialization.rb │ ├── create_with.rb │ ├── csrf.rb │ ├── csrf_setting.rb │ ├── default_routes.rb │ ├── deserialize.rb │ ├── detailed_exceptions.rb │ ├── digest_dos.rb │ ├── dynamic_finders.rb │ ├── evaluation.rb │ ├── file_access.rb │ ├── file_disclosure.rb │ ├── filter_skipping.rb │ ├── header_dos.rb │ ├── i18n_xss.rb │ ├── json_encoding.rb │ ├── json_entity_escape.rb │ ├── json_parsing.rb │ ├── link_to_href.rb │ ├── mass_assignment.rb │ ├── send.rb │ ├── sqli.rb │ └── xss.rb │ ├── cli.rb │ ├── core_ext │ └── string.rb │ ├── erubi.rb │ ├── extractors │ ├── calls.rb │ └── methods.rb │ ├── targets │ ├── base.rb │ ├── config.rb │ ├── controller.rb │ ├── model.rb │ ├── routes.rb │ └── view.rb │ ├── version.rb │ └── warning.rb ├── railsgoat-example.png ├── spektr.gemspec └── test ├── apps └── rails6.1 │ ├── .gitattributes │ ├── .gitignore │ ├── .ruby-version │ ├── Gemfile │ ├── Gemfile.lock │ ├── README.md │ ├── Rakefile │ ├── app │ ├── assets │ │ ├── config │ │ │ └── manifest.js │ │ ├── images │ │ │ └── .keep │ │ └── stylesheets │ │ │ └── application.css │ ├── channels │ │ └── application_cable │ │ │ ├── channel.rb │ │ │ └── connection.rb │ ├── controllers │ │ ├── application_controller.rb │ │ ├── concerns │ │ │ └── .keep │ │ └── welcome_controller.rb │ ├── helpers │ │ ├── application_helper.rb │ │ └── welcome_helper.rb │ ├── javascript │ │ ├── channels │ │ │ ├── consumer.js │ │ │ └── index.js │ │ └── packs │ │ │ └── application.js │ ├── jobs │ │ └── application_job.rb │ ├── mailers │ │ └── application_mailer.rb │ ├── models │ │ ├── application_record.rb │ │ ├── concerns │ │ │ └── .keep │ │ └── post.rb │ └── views │ │ ├── layouts │ │ ├── application.html.erb │ │ ├── mailer.html.erb │ │ └── mailer.text.erb │ │ └── welcome │ │ └── index.html.erb │ ├── bin │ ├── rails │ ├── rake │ ├── setup │ ├── spring │ └── yarn │ ├── config.ru │ ├── config │ ├── application.rb │ ├── boot.rb │ ├── cable.yml │ ├── credentials.yml.enc │ ├── database.yml │ ├── environment.rb │ ├── environments │ │ ├── development.rb │ │ ├── production.rb │ │ └── test.rb │ ├── initializers │ │ ├── application_controller_renderer.rb │ │ ├── assets.rb │ │ ├── backtrace_silencers.rb │ │ ├── content_security_policy.rb │ │ ├── cookies_serializer.rb │ │ ├── filter_parameter_logging.rb │ │ ├── inflections.rb │ │ ├── mime_types.rb │ │ ├── permissions_policy.rb │ │ └── wrap_parameters.rb │ ├── locales │ │ └── en.yml │ ├── puma.rb │ ├── routes.rb │ ├── spring.rb │ └── storage.yml │ ├── db │ └── seeds.rb │ ├── lib │ ├── assets │ │ └── .keep │ └── tasks │ │ └── .keep │ ├── log │ └── .keep │ ├── package.json │ ├── public │ ├── 404.html │ ├── 422.html │ ├── 500.html │ ├── apple-touch-icon-precomposed.png │ ├── apple-touch-icon.png │ ├── favicon.ico │ └── robots.txt │ ├── storage │ └── .keep │ ├── tmp │ ├── .keep │ └── pids │ │ └── .keep │ └── vendor │ └── .keep ├── spektr ├── app_test.rb ├── checks │ ├── basic_auth_test.rb │ ├── basic_auth_timing_test.rb │ ├── command_injection_test.rb │ ├── content_tag_xss_test.rb │ ├── cookie_serialization_test.rb │ ├── create_with_test.rb │ ├── csrf_setting_test.rb │ ├── default_routes_test.rb │ ├── deserialize_test.rb │ ├── detailed_exceptions_test.rb │ ├── digest_dos_test.rb │ ├── dynamic_finders_test.rb │ ├── evaluations_test.rb │ ├── file_access_test.rb │ ├── file_disclosure_test.rb │ ├── json_entity_escape_test.rb │ ├── json_parsing_test.rb │ ├── link_to_href_test.rb │ ├── mass_assignment_test.rb │ ├── send_test.rb │ ├── sqli_test.rb │ └── xss_test.rb └── targets │ ├── base_test.rb │ ├── controller_test.rb │ ├── routes_test.rb │ └── view_test.rb ├── spektr_test.rb └── test_helper.rb /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/.github/workflows/ci.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/.gitignore -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/.travis.yml -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/Gemfile -------------------------------------------------------------------------------- /Guardfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/Guardfile -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/README.md -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/Rakefile -------------------------------------------------------------------------------- /bin/console: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/bin/console -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/bin/setup -------------------------------------------------------------------------------- /bin/spektr: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/bin/spektr -------------------------------------------------------------------------------- /lib/spektr.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr.rb -------------------------------------------------------------------------------- /lib/spektr/app.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/app.rb -------------------------------------------------------------------------------- /lib/spektr/checks.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks.rb -------------------------------------------------------------------------------- /lib/spektr/checks/base.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/base.rb -------------------------------------------------------------------------------- /lib/spektr/checks/basic_auth.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/basic_auth.rb -------------------------------------------------------------------------------- /lib/spektr/checks/basic_auth_timing.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/basic_auth_timing.rb -------------------------------------------------------------------------------- /lib/spektr/checks/command_injection.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/command_injection.rb -------------------------------------------------------------------------------- /lib/spektr/checks/content_tag_xss.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/content_tag_xss.rb -------------------------------------------------------------------------------- /lib/spektr/checks/cookie_serialization.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/cookie_serialization.rb -------------------------------------------------------------------------------- /lib/spektr/checks/create_with.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/create_with.rb -------------------------------------------------------------------------------- /lib/spektr/checks/csrf.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/csrf.rb -------------------------------------------------------------------------------- /lib/spektr/checks/csrf_setting.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/csrf_setting.rb -------------------------------------------------------------------------------- /lib/spektr/checks/default_routes.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/default_routes.rb -------------------------------------------------------------------------------- /lib/spektr/checks/deserialize.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/deserialize.rb -------------------------------------------------------------------------------- /lib/spektr/checks/detailed_exceptions.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/detailed_exceptions.rb -------------------------------------------------------------------------------- /lib/spektr/checks/digest_dos.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/digest_dos.rb -------------------------------------------------------------------------------- /lib/spektr/checks/dynamic_finders.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/dynamic_finders.rb -------------------------------------------------------------------------------- /lib/spektr/checks/evaluation.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/evaluation.rb -------------------------------------------------------------------------------- /lib/spektr/checks/file_access.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/file_access.rb -------------------------------------------------------------------------------- /lib/spektr/checks/file_disclosure.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/file_disclosure.rb -------------------------------------------------------------------------------- /lib/spektr/checks/filter_skipping.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/filter_skipping.rb -------------------------------------------------------------------------------- /lib/spektr/checks/header_dos.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/header_dos.rb -------------------------------------------------------------------------------- /lib/spektr/checks/i18n_xss.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/i18n_xss.rb -------------------------------------------------------------------------------- /lib/spektr/checks/json_encoding.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/json_encoding.rb -------------------------------------------------------------------------------- /lib/spektr/checks/json_entity_escape.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/json_entity_escape.rb -------------------------------------------------------------------------------- /lib/spektr/checks/json_parsing.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/json_parsing.rb -------------------------------------------------------------------------------- /lib/spektr/checks/link_to_href.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/link_to_href.rb -------------------------------------------------------------------------------- /lib/spektr/checks/mass_assignment.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/mass_assignment.rb -------------------------------------------------------------------------------- /lib/spektr/checks/send.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/send.rb -------------------------------------------------------------------------------- /lib/spektr/checks/sqli.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/sqli.rb -------------------------------------------------------------------------------- /lib/spektr/checks/xss.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/checks/xss.rb -------------------------------------------------------------------------------- /lib/spektr/cli.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/cli.rb -------------------------------------------------------------------------------- /lib/spektr/core_ext/string.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/core_ext/string.rb -------------------------------------------------------------------------------- /lib/spektr/erubi.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/erubi.rb -------------------------------------------------------------------------------- /lib/spektr/extractors/calls.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/extractors/calls.rb -------------------------------------------------------------------------------- /lib/spektr/extractors/methods.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/extractors/methods.rb -------------------------------------------------------------------------------- /lib/spektr/targets/base.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/base.rb -------------------------------------------------------------------------------- /lib/spektr/targets/config.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/config.rb -------------------------------------------------------------------------------- /lib/spektr/targets/controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/controller.rb -------------------------------------------------------------------------------- /lib/spektr/targets/model.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/model.rb -------------------------------------------------------------------------------- /lib/spektr/targets/routes.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/routes.rb -------------------------------------------------------------------------------- /lib/spektr/targets/view.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/targets/view.rb -------------------------------------------------------------------------------- /lib/spektr/version.rb: -------------------------------------------------------------------------------- 1 | module Spektr 2 | VERSION = '0.4.1' 3 | end 4 | -------------------------------------------------------------------------------- /lib/spektr/warning.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/lib/spektr/warning.rb -------------------------------------------------------------------------------- /railsgoat-example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/railsgoat-example.png -------------------------------------------------------------------------------- /spektr.gemspec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/spektr.gemspec -------------------------------------------------------------------------------- /test/apps/rails6.1/.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/.gitattributes -------------------------------------------------------------------------------- /test/apps/rails6.1/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/.gitignore -------------------------------------------------------------------------------- /test/apps/rails6.1/.ruby-version: -------------------------------------------------------------------------------- 1 | 2.7.2 2 | -------------------------------------------------------------------------------- /test/apps/rails6.1/Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/Gemfile -------------------------------------------------------------------------------- /test/apps/rails6.1/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/Gemfile.lock -------------------------------------------------------------------------------- /test/apps/rails6.1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/README.md -------------------------------------------------------------------------------- /test/apps/rails6.1/Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/Rakefile -------------------------------------------------------------------------------- /test/apps/rails6.1/app/assets/config/manifest.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/assets/config/manifest.js -------------------------------------------------------------------------------- /test/apps/rails6.1/app/assets/images/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/assets/stylesheets/application.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/assets/stylesheets/application.css -------------------------------------------------------------------------------- /test/apps/rails6.1/app/channels/application_cable/channel.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/channels/application_cable/channel.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/channels/application_cable/connection.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/channels/application_cable/connection.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/controllers/application_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/controllers/application_controller.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/controllers/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/controllers/welcome_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/controllers/welcome_controller.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/helpers/application_helper.rb: -------------------------------------------------------------------------------- 1 | module ApplicationHelper 2 | end 3 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/helpers/welcome_helper.rb: -------------------------------------------------------------------------------- 1 | module WelcomeHelper 2 | end 3 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/javascript/channels/consumer.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/javascript/channels/consumer.js -------------------------------------------------------------------------------- /test/apps/rails6.1/app/javascript/channels/index.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/javascript/channels/index.js -------------------------------------------------------------------------------- /test/apps/rails6.1/app/javascript/packs/application.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/javascript/packs/application.js -------------------------------------------------------------------------------- /test/apps/rails6.1/app/jobs/application_job.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/jobs/application_job.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/mailers/application_mailer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/mailers/application_mailer.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/models/application_record.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/models/application_record.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/models/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/models/post.rb: -------------------------------------------------------------------------------- 1 | class Post < ApplicationRecord 2 | end -------------------------------------------------------------------------------- /test/apps/rails6.1/app/views/layouts/application.html.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/views/layouts/application.html.erb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/views/layouts/mailer.html.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/views/layouts/mailer.html.erb -------------------------------------------------------------------------------- /test/apps/rails6.1/app/views/layouts/mailer.text.erb: -------------------------------------------------------------------------------- 1 | <%= yield %> 2 | -------------------------------------------------------------------------------- /test/apps/rails6.1/app/views/welcome/index.html.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/app/views/welcome/index.html.erb -------------------------------------------------------------------------------- /test/apps/rails6.1/bin/rails: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/bin/rails -------------------------------------------------------------------------------- /test/apps/rails6.1/bin/rake: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/bin/rake -------------------------------------------------------------------------------- /test/apps/rails6.1/bin/setup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/bin/setup -------------------------------------------------------------------------------- /test/apps/rails6.1/bin/spring: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/bin/spring -------------------------------------------------------------------------------- /test/apps/rails6.1/bin/yarn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/bin/yarn -------------------------------------------------------------------------------- /test/apps/rails6.1/config.ru: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config.ru -------------------------------------------------------------------------------- /test/apps/rails6.1/config/application.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/application.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/boot.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/boot.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/cable.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/cable.yml -------------------------------------------------------------------------------- /test/apps/rails6.1/config/credentials.yml.enc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/credentials.yml.enc -------------------------------------------------------------------------------- /test/apps/rails6.1/config/database.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/database.yml -------------------------------------------------------------------------------- /test/apps/rails6.1/config/environment.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/environment.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/environments/development.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/environments/development.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/environments/production.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/environments/production.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/environments/test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/environments/test.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/application_controller_renderer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/application_controller_renderer.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/assets.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/assets.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/backtrace_silencers.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/content_security_policy.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/content_security_policy.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/cookies_serializer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/cookies_serializer.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/filter_parameter_logging.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/filter_parameter_logging.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/inflections.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/inflections.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/mime_types.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/mime_types.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/permissions_policy.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/permissions_policy.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/initializers/wrap_parameters.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/locales/en.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/locales/en.yml -------------------------------------------------------------------------------- /test/apps/rails6.1/config/puma.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/puma.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/routes.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/routes.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/spring.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/spring.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/config/storage.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/config/storage.yml -------------------------------------------------------------------------------- /test/apps/rails6.1/db/seeds.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/db/seeds.rb -------------------------------------------------------------------------------- /test/apps/rails6.1/lib/assets/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/lib/tasks/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/log/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/package.json -------------------------------------------------------------------------------- /test/apps/rails6.1/public/404.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/public/404.html -------------------------------------------------------------------------------- /test/apps/rails6.1/public/422.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/public/422.html -------------------------------------------------------------------------------- /test/apps/rails6.1/public/500.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/public/500.html -------------------------------------------------------------------------------- /test/apps/rails6.1/public/apple-touch-icon-precomposed.png: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/public/apple-touch-icon.png: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/public/favicon.ico: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/public/robots.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/apps/rails6.1/public/robots.txt -------------------------------------------------------------------------------- /test/apps/rails6.1/storage/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/tmp/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/tmp/pids/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/apps/rails6.1/vendor/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/spektr/app_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/app_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/basic_auth_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/basic_auth_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/basic_auth_timing_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/basic_auth_timing_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/command_injection_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/command_injection_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/content_tag_xss_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/content_tag_xss_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/cookie_serialization_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/cookie_serialization_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/create_with_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/create_with_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/csrf_setting_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/csrf_setting_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/default_routes_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/default_routes_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/deserialize_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/deserialize_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/detailed_exceptions_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/detailed_exceptions_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/digest_dos_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/digest_dos_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/dynamic_finders_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/dynamic_finders_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/evaluations_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/evaluations_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/file_access_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/file_access_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/file_disclosure_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/file_disclosure_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/json_entity_escape_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/json_entity_escape_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/json_parsing_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/json_parsing_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/link_to_href_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/link_to_href_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/mass_assignment_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/mass_assignment_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/send_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/send_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/sqli_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/sqli_test.rb -------------------------------------------------------------------------------- /test/spektr/checks/xss_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/checks/xss_test.rb -------------------------------------------------------------------------------- /test/spektr/targets/base_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/targets/base_test.rb -------------------------------------------------------------------------------- /test/spektr/targets/controller_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/targets/controller_test.rb -------------------------------------------------------------------------------- /test/spektr/targets/routes_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/targets/routes_test.rb -------------------------------------------------------------------------------- /test/spektr/targets/view_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr/targets/view_test.rb -------------------------------------------------------------------------------- /test/spektr_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/spektr_test.rb -------------------------------------------------------------------------------- /test/test_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gregmolnar/spektr/HEAD/test/test_helper.rb --------------------------------------------------------------------------------