aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorniels <niels@FreeBSD.org>2010-03-25 14:43:37 +0800
committerniels <niels@FreeBSD.org>2010-03-25 14:43:37 +0800
commitc45e18b8aa8ee6a93a4dbf070c504f48a4a3478c (patch)
tree7d0a1fc9c21a5090e959b701a73cb9b4a5271ceb /security
parent4bc15cd68d8af3b234b4869540e0c0cb8845c9fd (diff)
downloadfreebsd-ports-gnome-c45e18b8aa8ee6a93a4dbf070c504f48a4a3478c.tar.gz
freebsd-ports-gnome-c45e18b8aa8ee6a93a4dbf070c504f48a4a3478c.tar.zst
freebsd-ports-gnome-c45e18b8aa8ee6a93a4dbf070c504f48a4a3478c.zip
skipfish is a high-performance, easy, and sophisticated Web application
security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth. PR: ports/144942 Submitted by: Ryan Steinmetz <rpsfa@rit.edu> Approved by: itetcu (mentor) WWW: http://code.google.com/p/skipfish/
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/skipfish/Makefile44
-rw-r--r--security/skipfish/distinfo3
-rw-r--r--security/skipfish/files/patch-aa15
-rw-r--r--security/skipfish/files/pkg-message.in14
-rw-r--r--security/skipfish/pkg-descr16
-rw-r--r--security/skipfish/pkg-plist33
7 files changed, 126 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 77748b8384ce..cb459617f316 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -768,6 +768,7 @@
SUBDIR += signing-party
SUBDIR += silktools
SUBDIR += sinfp
+ SUBDIR += skipfish
SUBDIR += sks
SUBDIR += slurpie
SUBDIR += slush
diff --git a/security/skipfish/Makefile b/security/skipfish/Makefile
new file mode 100644
index 000000000000..2877a33203e9
--- /dev/null
+++ b/security/skipfish/Makefile
@@ -0,0 +1,44 @@
+# New ports collection makefile for: skipfish
+# Date created: 2010-03-25
+# Whom: rpsfa@rit.edu
+#
+# $FreeBSD$
+
+PORTNAME= skipfish
+PORTVERSION= 1.11b
+CATEGORIES= security
+MASTER_SITES= ${MASTER_SITE_GOOGLE_CODE}
+EXTRACT_SUFX= .tgz
+
+MAINTAINER= rpsfa@rit.edu
+COMMENT= A fully automated, active web application security reconnaissance tool
+
+LIB_DEPENDS= idn.16:${PORTSDIR}/dns/libidn
+SUB_FILES= pkg-message
+
+WRKSRC= ${WRKDIR}/${PORTNAME}
+
+.if !defined(NOPORTDOCS)
+PORTDOCS= README COPYING ChangeLog
+.endif
+
+post-patch:
+ @${SED} -ie 's:assets:${DATADIR}/assets:g' ${WRKSRC}/report.c
+ @${SED} -ie 's:assets/:${DATADIR}/assets/:g' ${WRKSRC}/skipfish.c
+ @${SED} -ie 's:skipfish.wl:${DATADIR}/dictionaries/default.wl:g' ${WRKSRC}/config.h
+
+do-install:
+ ${INSTALL_PROGRAM} ${WRKSRC}/skipfish ${PREFIX}/bin/skipfish
+ (cd ${WRKSRC}/assets/ && ${COPYTREE_SHARE} . ${DATADIR}/assets/)
+ (cd ${WRKSRC}/dictionaries/ && ${COPYTREE_SHARE} . ${DATADIR}/dictionaries/)
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}
+. for doc in ${PORTDOCS}
+ ${INSTALL_DATA} ${WRKSRC}/${doc} ${DOCSDIR}
+. endfor
+.endif
+
+post-install:
+ @${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
diff --git a/security/skipfish/distinfo b/security/skipfish/distinfo
new file mode 100644
index 000000000000..859908dd874c
--- /dev/null
+++ b/security/skipfish/distinfo
@@ -0,0 +1,3 @@
+MD5 (skipfish-1.11b.tgz) = 49b2e116808688c5e52378dfe568c885
+SHA256 (skipfish-1.11b.tgz) = ed3d45cf54770db9cae12422c36f1e3f90857da4381a47956b355bc9d7f35ea0
+SIZE (skipfish-1.11b.tgz) = 170563
diff --git a/security/skipfish/files/patch-aa b/security/skipfish/files/patch-aa
new file mode 100644
index 000000000000..a2206cf2c56f
--- /dev/null
+++ b/security/skipfish/files/patch-aa
@@ -0,0 +1,15 @@
+--- Makefile.orig 2010-03-22 20:34:04.000000000 +0100
++++ Makefile 2010-03-22 20:34:40.000000000 +0100
+@@ -35,9 +35,9 @@
+
+ $(PROGNAME): $(PROGNAME).c $(OBJFILES) $(INCFILES)
+ $(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS_OPT) $(OBJFILES) $(LDFLAGS)
+- @echo
+- @echo "NOTE: See dictionaries/README-FIRST to pick a dictionary for the tool."
+- @echo
++# @echo
++# @echo "NOTE: See dictionaries/README-FIRST to pick a dictionary for the tool."
++# @echo
+
+ debug: $(PROGNAME).c $(OBJFILES) $(INCFILES)
+ $(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS_DBG) $(OBJFILES) $(LDFLAGS)
diff --git a/security/skipfish/files/pkg-message.in b/security/skipfish/files/pkg-message.in
new file mode 100644
index 000000000000..718427e17d8a
--- /dev/null
+++ b/security/skipfish/files/pkg-message.in
@@ -0,0 +1,14 @@
+
+******************************************************************
+The FreeBSD port is configured to use the "default" dictionary but
+it's highly recommended to read the dictionaries document first in
+order to pick the right dictionary
+
+%%DATADIR%%/dictionaries/README-FIRST
+
+The skipfish dictionaries have been installed in the following
+directory:
+
+%%DATADIR%%/dictionaries/
+******************************************************************
+
diff --git a/security/skipfish/pkg-descr b/security/skipfish/pkg-descr
new file mode 100644
index 000000000000..819ebc7b3ded
--- /dev/null
+++ b/security/skipfish/pkg-descr
@@ -0,0 +1,16 @@
+A fully automated, active web application security reconnaissance
+tool. Key features:
+
+* High speed: pure C code, highly optimized HTTP handling, minimal
+ CPU footprint - easily achieving 2000 requests per second with
+ responsive targets.
+
+* Ease of use: heuristics to support a variety of quirky web
+ frameworks and mixed-technology sites, with automatic learning
+ capabilities, on-the-fly wordlist creation, and form autocompletion.
+
+* Cutting-edge security logic: high quality, low false positive,
+ differential security checks, capable of spotting a range of subtle
+ flaws, including blind injection vectors.
+
+WWW: http://code.google.com/p/skipfish
diff --git a/security/skipfish/pkg-plist b/security/skipfish/pkg-plist
new file mode 100644
index 000000000000..0568983ca6f2
--- /dev/null
+++ b/security/skipfish/pkg-plist
@@ -0,0 +1,33 @@
+bin/skipfish
+%%DATADIR%%/assets/COPYING
+%%DATADIR%%/assets/i_high.png
+%%DATADIR%%/assets/i_low.png
+%%DATADIR%%/assets/i_medium.png
+%%DATADIR%%/assets/i_note.png
+%%DATADIR%%/assets/i_warn.png
+%%DATADIR%%/assets/index.html
+%%DATADIR%%/assets/mime_entry.png
+%%DATADIR%%/assets/n_children.png
+%%DATADIR%%/assets/n_clone.png
+%%DATADIR%%/assets/n_collapsed.png
+%%DATADIR%%/assets/n_expanded.png
+%%DATADIR%%/assets/n_failed.png
+%%DATADIR%%/assets/n_maybe_missing.png
+%%DATADIR%%/assets/n_missing.png
+%%DATADIR%%/assets/n_unlinked.png
+%%DATADIR%%/assets/p_dir.png
+%%DATADIR%%/assets/p_file.png
+%%DATADIR%%/assets/p_param.png
+%%DATADIR%%/assets/p_pinfo.png
+%%DATADIR%%/assets/p_serv.png
+%%DATADIR%%/assets/p_unknown.png
+%%DATADIR%%/assets/p_value.png
+%%DATADIR%%/assets/sf_name.png
+%%DATADIR%%/dictionaries/README-FIRST
+%%DATADIR%%/dictionaries/complete.wl
+%%DATADIR%%/dictionaries/default.wl
+%%DATADIR%%/dictionaries/extensions-only.wl
+%%DATADIR%%/dictionaries/minimal.wl
+@dirrm %%DATADIR%%/dictionaries
+@dirrm %%DATADIR%%/assets
+@dirrm %%DATADIR%%