skipfish is a high-performance, easy, and sophisticated Web application
security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth. PR: ports/144942 Submitted by: Ryan Steinmetz <rpsfa@rit.edu> Approved by: itetcu (mentor) WWW: http://code.google.com/p/skipfish/
This commit is contained in:
parent
d5bf4584cf
commit
5832e3c6bf
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=251480
7 changed files with 126 additions and 0 deletions
|
@ -768,6 +768,7 @@
|
|||
SUBDIR += signing-party
|
||||
SUBDIR += silktools
|
||||
SUBDIR += sinfp
|
||||
SUBDIR += skipfish
|
||||
SUBDIR += sks
|
||||
SUBDIR += slurpie
|
||||
SUBDIR += slush
|
||||
|
|
44
security/skipfish/Makefile
Normal file
44
security/skipfish/Makefile
Normal file
|
@ -0,0 +1,44 @@
|
|||
# New ports collection makefile for: skipfish
|
||||
# Date created: 2010-03-25
|
||||
# Whom: rpsfa@rit.edu
|
||||
#
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= skipfish
|
||||
PORTVERSION= 1.11b
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= ${MASTER_SITE_GOOGLE_CODE}
|
||||
EXTRACT_SUFX= .tgz
|
||||
|
||||
MAINTAINER= rpsfa@rit.edu
|
||||
COMMENT= A fully automated, active web application security reconnaissance tool
|
||||
|
||||
LIB_DEPENDS= idn.16:${PORTSDIR}/dns/libidn
|
||||
SUB_FILES= pkg-message
|
||||
|
||||
WRKSRC= ${WRKDIR}/${PORTNAME}
|
||||
|
||||
.if !defined(NOPORTDOCS)
|
||||
PORTDOCS= README COPYING ChangeLog
|
||||
.endif
|
||||
|
||||
post-patch:
|
||||
@${SED} -ie 's:assets:${DATADIR}/assets:g' ${WRKSRC}/report.c
|
||||
@${SED} -ie 's:assets/:${DATADIR}/assets/:g' ${WRKSRC}/skipfish.c
|
||||
@${SED} -ie 's:skipfish.wl:${DATADIR}/dictionaries/default.wl:g' ${WRKSRC}/config.h
|
||||
|
||||
do-install:
|
||||
${INSTALL_PROGRAM} ${WRKSRC}/skipfish ${PREFIX}/bin/skipfish
|
||||
(cd ${WRKSRC}/assets/ && ${COPYTREE_SHARE} . ${DATADIR}/assets/)
|
||||
(cd ${WRKSRC}/dictionaries/ && ${COPYTREE_SHARE} . ${DATADIR}/dictionaries/)
|
||||
.if !defined(NOPORTDOCS)
|
||||
${MKDIR} ${DOCSDIR}
|
||||
. for doc in ${PORTDOCS}
|
||||
${INSTALL_DATA} ${WRKSRC}/${doc} ${DOCSDIR}
|
||||
. endfor
|
||||
.endif
|
||||
|
||||
post-install:
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
|
||||
.include <bsd.port.mk>
|
3
security/skipfish/distinfo
Normal file
3
security/skipfish/distinfo
Normal file
|
@ -0,0 +1,3 @@
|
|||
MD5 (skipfish-1.11b.tgz) = 49b2e116808688c5e52378dfe568c885
|
||||
SHA256 (skipfish-1.11b.tgz) = ed3d45cf54770db9cae12422c36f1e3f90857da4381a47956b355bc9d7f35ea0
|
||||
SIZE (skipfish-1.11b.tgz) = 170563
|
15
security/skipfish/files/patch-aa
Normal file
15
security/skipfish/files/patch-aa
Normal file
|
@ -0,0 +1,15 @@
|
|||
--- Makefile.orig 2010-03-22 20:34:04.000000000 +0100
|
||||
+++ Makefile 2010-03-22 20:34:40.000000000 +0100
|
||||
@@ -35,9 +35,9 @@
|
||||
|
||||
$(PROGNAME): $(PROGNAME).c $(OBJFILES) $(INCFILES)
|
||||
$(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS_OPT) $(OBJFILES) $(LDFLAGS)
|
||||
- @echo
|
||||
- @echo "NOTE: See dictionaries/README-FIRST to pick a dictionary for the tool."
|
||||
- @echo
|
||||
+# @echo
|
||||
+# @echo "NOTE: See dictionaries/README-FIRST to pick a dictionary for the tool."
|
||||
+# @echo
|
||||
|
||||
debug: $(PROGNAME).c $(OBJFILES) $(INCFILES)
|
||||
$(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS_DBG) $(OBJFILES) $(LDFLAGS)
|
14
security/skipfish/files/pkg-message.in
Normal file
14
security/skipfish/files/pkg-message.in
Normal file
|
@ -0,0 +1,14 @@
|
|||
|
||||
******************************************************************
|
||||
The FreeBSD port is configured to use the "default" dictionary but
|
||||
it's highly recommended to read the dictionaries document first in
|
||||
order to pick the right dictionary
|
||||
|
||||
%%DATADIR%%/dictionaries/README-FIRST
|
||||
|
||||
The skipfish dictionaries have been installed in the following
|
||||
directory:
|
||||
|
||||
%%DATADIR%%/dictionaries/
|
||||
******************************************************************
|
||||
|
16
security/skipfish/pkg-descr
Normal file
16
security/skipfish/pkg-descr
Normal file
|
@ -0,0 +1,16 @@
|
|||
A fully automated, active web application security reconnaissance
|
||||
tool. Key features:
|
||||
|
||||
* High speed: pure C code, highly optimized HTTP handling, minimal
|
||||
CPU footprint - easily achieving 2000 requests per second with
|
||||
responsive targets.
|
||||
|
||||
* Ease of use: heuristics to support a variety of quirky web
|
||||
frameworks and mixed-technology sites, with automatic learning
|
||||
capabilities, on-the-fly wordlist creation, and form autocompletion.
|
||||
|
||||
* Cutting-edge security logic: high quality, low false positive,
|
||||
differential security checks, capable of spotting a range of subtle
|
||||
flaws, including blind injection vectors.
|
||||
|
||||
WWW: http://code.google.com/p/skipfish
|
33
security/skipfish/pkg-plist
Normal file
33
security/skipfish/pkg-plist
Normal file
|
@ -0,0 +1,33 @@
|
|||
bin/skipfish
|
||||
%%DATADIR%%/assets/COPYING
|
||||
%%DATADIR%%/assets/i_high.png
|
||||
%%DATADIR%%/assets/i_low.png
|
||||
%%DATADIR%%/assets/i_medium.png
|
||||
%%DATADIR%%/assets/i_note.png
|
||||
%%DATADIR%%/assets/i_warn.png
|
||||
%%DATADIR%%/assets/index.html
|
||||
%%DATADIR%%/assets/mime_entry.png
|
||||
%%DATADIR%%/assets/n_children.png
|
||||
%%DATADIR%%/assets/n_clone.png
|
||||
%%DATADIR%%/assets/n_collapsed.png
|
||||
%%DATADIR%%/assets/n_expanded.png
|
||||
%%DATADIR%%/assets/n_failed.png
|
||||
%%DATADIR%%/assets/n_maybe_missing.png
|
||||
%%DATADIR%%/assets/n_missing.png
|
||||
%%DATADIR%%/assets/n_unlinked.png
|
||||
%%DATADIR%%/assets/p_dir.png
|
||||
%%DATADIR%%/assets/p_file.png
|
||||
%%DATADIR%%/assets/p_param.png
|
||||
%%DATADIR%%/assets/p_pinfo.png
|
||||
%%DATADIR%%/assets/p_serv.png
|
||||
%%DATADIR%%/assets/p_unknown.png
|
||||
%%DATADIR%%/assets/p_value.png
|
||||
%%DATADIR%%/assets/sf_name.png
|
||||
%%DATADIR%%/dictionaries/README-FIRST
|
||||
%%DATADIR%%/dictionaries/complete.wl
|
||||
%%DATADIR%%/dictionaries/default.wl
|
||||
%%DATADIR%%/dictionaries/extensions-only.wl
|
||||
%%DATADIR%%/dictionaries/minimal.wl
|
||||
@dirrm %%DATADIR%%/dictionaries
|
||||
@dirrm %%DATADIR%%/assets
|
||||
@dirrm %%DATADIR%%
|
Loading…
Reference in a new issue