#######################################################################
# Configs
#######################################################################
# $configs is the single global settings hash read by the scanner and
# by the HTML/Markdown report generators. Every path below is relative
# to the working directory the scanner is launched from.
#
# NOTE(review): :header_text and :footer_text carry raw HTML, so they
# are presumably dropped into the report unescaped. Keep their contents
# under the auditor's control; never derive them from scanned input.

# Signature modules to load, by short name; each becomes
# "./signatures/<name>.rb". Every extra module lengthens the scan, so
# leave out the filetypes you do not need. Shipped but disabled here:
# c, wordpress, blocklist.
enabled_signatures = %w[html js asp_net php java sql linux_files]

# Auditor details shown in the HTML report's masthead (HTML report only).
# Joined with newlines below; the leading "" yields the opening newline.
masthead_lines = [
  "",
  "<div id='masthead_right'>",
  "<h4>Auditor:</h4>",
  "<p>Hiro Protagonist",
  "<br><a href='#'>hiro@example.com</a>",
  "<br><a href='#'>blog.example.com</a>",
  "<br><a href='#'>twitter.com/example</a></p>",
  "</div>",
]

$configs = {
  # HTML report only: client name printed into the report.
  :client_name => "Enzo's Pizza",

  # HTML report only.
  #   true  -> JavaScript dependencies are inlined into the report, so it
  #            works fully offline at the cost of a larger file.
  #   false -> the report links the scripts from a hosted CDN and needs
  #            Internet access when opened.
  # NOTE(review): with false, the script the report executes is whatever
  # the CDN serves at view time rather than what existed at generation
  # time — confirm that is acceptable for client deliverables.
  :embed_javascript => false,

  # File names to skip, matched anywhere under --scan-dir.
  :exclude_files => [
    # 'ignore-1.php',
    # 'ignore-2.php',
  ],

  # Directories to skip, relative to --scan-dir.
  :exclude_dirs => [
    # 'ignore-one',
    # 'ignore-two',
  ],

  # HTML report only: text shown in the footer area.
  :footer_text => "Report generated by <a href='https://github.com/chrisallenlane/watchtower'>Watchtower</a>.",

  # HTML report only: markup shown in the header area (assembled above).
  :header_text => masthead_lines.join("\n") + "\n",

  # HTML and Markdown reports: ERB templates used to render them.
  :report_file => {
    :html     => './lib/reports/report.html.erb',
    :markdown => './lib/reports/report.markdown.erb',
  },

  # HTML report only: stylesheets embedded into the report. Append your
  # own here for custom branding.
  :stylesheets => [
    './lib/static/css/jquery-ui-1.8.19.custom.css',
    './lib/static/css/main.css',
  ],

  # Signature files to load, sorted so the load order is deterministic.
  :signatures => enabled_signatures.map { |name| "./signatures/#{name}.rb" }.sort,
}
#######################################################################
# Signatures
#######################################################################
# Load every signature file named in $configs[:signatures]. $signatures
# is created here (unless something defined it earlier) so the loaded
# files have a hash to register into — presumably each file populates it.
#
# NOTE(review): `require` executes the listed files as Ruby code, and the
# "./" paths resolve against the current working directory, not against
# this file's location. Treat the signature list and the signatures
# directory as trusted, and run the scanner from the repository root.
$signatures ||= {}
$configs[:signatures].each(&method(:require))
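# Map each signature filetype to the file extensions it is scanned
# under ("in real life" one type hides behind many extensions). Most
# of the lists come from ack-grep (http://betterthangrep.com), whose
# author did roughly 98% of the work; the final entries attach
# Watchtower's own signature groups to the file types they apply to.
#
# Fix: :java used to be assigned twice — once with ack's list and again
# further down with jsp/groovy/xml added — so the first assignment was
# dead and silently overridden. Only the effective list is kept, at the
# key's original position, so the hash's iteration order is unchanged.
#
# The guard on $configs mirrors `$signatures ||= {}` above and lets this
# mapping be loaded on its own without a preceding config hash.
$configs ||= {}
$configs[:ftype_ext] = {
  :actionscript => %w[as mxml],
  :ada          => %w[ada adb ads],
  :asm          => %w[asm s],
  :asp          => %w[asp aspx],
  :batch        => %w[bat cmd],
  :cc           => %w[c h xs],
  :cfmx         => %w[cfc cfm cfml],
  :cpp          => %w[cpp cc cxx m hpp hh h hxx],
  :csharp       => %w[cs],
  :css          => %w[css],
  :elisp        => %w[el],
  :erlang       => %w[erl hrl],
  :fortran      => %w[f f77 f90 f95 f03 for ftn fpp],
  :haskell      => %w[hs lhs],
  :hh           => %w[h],
  :html         => %w[htm html shtml xhtml],
  # Effective Java list (the later of the two original assignments):
  # Java source, JSP, Groovy, .properties and XML.
  :java         => %w[java jsp groovy properties xml],
  :js           => %w[js],
  :jsp          => %w[jsp jspx jhtm jhtml],
  :lisp         => %w[lisp lsp],
  :lua          => %w[lua],
  :mason        => %w[mas mhtml mpl mtxt],
  :objc         => %w[m h],
  :objcpp       => %w[mm h],
  :ocaml        => %w[ml mli],
  :parrot       => %w[pir pasm pmc ops pod pg tg],
  :perl         => %w[pl pm pod t],
  :php          => %w[php phpt php3 php4 php5 phtml],
  :plone        => %w[pt cpt metadata cpy py],
  :python       => %w[py],
  # NOTE(review): "Rakefiles" is a file name, not an extension — ack
  # matches rake by the name Rakefile. Confirm how the scanner consumes
  # this entry before relying on it.
  :rake         => %w[Rakefiles],
  :ruby         => %w[rb rhtml rjs rxml erb rake],
  :scala        => %w[scala],
  :scheme       => %w[scm ss],
  :shell        => %w[sh bash csh tcsh ksh zsh],
  :smalltalk    => %w[st],
  # SQL signatures are also run over server-side sources that may embed
  # query strings (Java, Groovy, ASP, C#).
  :sql          => %w[sql ctl java groovy asp aspx cs],
  :tcl          => %w[tcl itcl itk],
  :tex          => %w[tex cls sty],
  :tt           => %w[tt tt2 ttml],
  :vb           => %w[bas cls frm ctl vb resx],
  :xml          => %w[xml dtd xslt ent],
  :yaml         => %w[yaml yml],
  # --- Watchtower signature groups ---
  # WordPress API signatures apply to PHP files.
  :wordpress    => %w[php phpt php3 php4 php5 phtml],
  # Linux system-file signatures are applied to PHP files only; other
  # server-side types (e.g. :asp_net) do not receive them.
  :linux        => %w[php phpt php3 php4 php5 phtml],
  # ASP.NET signatures cover classic ASP, ASP.NET pages, C# and VB.
  :asp_net      => %w[asp aspx cs vb],
  # Blocklist signatures default to PHP and HTML. The blocklists are
  # huge, so expect a long scan if you enable them.
  # NOTE(review): confirm this key matches the filetype name declared in
  # ./signatures/blocklist.rb (the signature file name is singular).
  :blocklists   => %w[php phpt php3 php4 php5 phtml html],
}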