Bug 105291 - New port: security/pantera - web site penetration testing suite
Summary: New port: security/pantera - web site penetration testing suite
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Gabor Kovesdan
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-11-08 16:10 UTC by Jonathan
Modified: 2006-12-25 20:17 UTC (History)
0 users

See Also:

Attachments
pantera.shar (15.33 KB, text/plain)
2006-11-08 16:10 UTC, Jonathan 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jonathan 2006-11-08 16:10:26 UTC 
New penetration testing suite, based on security/spike-proxy.

At last, I sat down and coded something in sh that will help all those poor
"but we need to drop the scheme into the database" ports (off the top of my
head - ACID, which was replaces by BASE, and any number of PHP based CMS,
blog engines, etc).
Feel free to make this script prettyer. It is named pantera-install.sh .

pantera.sh, otoh, is a small hack, like in spike-proxy, that goes to the
pantera directory before running, or some of the "includes" will fail. If
you feel like fixing it in the code, go ahead.

I chose to depend on mysql51 arbitrarily. 5.0 is the documented requirement.
Works for me.

Fix: Sponsored by Afarsec.
How-To-Repeat: N/A
Comment 1 Michael Johnson freebsd_committer freebsd_triage 2006-11-08 20:29:07 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->ahze

Grab
Comment 2 Michael Johnson freebsd_committer freebsd_triage 2006-11-26 20:15:44 UTC 
Responsible Changed
From-To: ahze->freebsd-ports-bugs

Turn over to freebsd-ports-bugs, I'm kinda busy right now sorry.
Comment 3 Gabor Kovesdan freebsd_committer freebsd_triage 2006-12-22 14:18:16 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->gabor

Take.
Comment 4 dfilter service freebsd_committer freebsd_triage 2006-12-25 20:08:22 UTC 
gabor       2006-12-25 20:08:15 UTC

  FreeBSD ports repository

  Modified files:
    security             Makefile 
  Added files:
    security/pantera     Makefile distinfo pkg-descr pkg-plist 
    security/pantera/files pantera.sh.in pkg-message.in 
    security/pantera/scripts pantera-install.sh 
  Log:
  Overview:
  Pantera uses an improved version of SpikeProxy to provide a powerful web
  application analysis engine.
  
  Goals:
  The primary goal of Pantera is to combine automated capabilities with complete
  manual testing to get the best penetration testing results.
  
  WWW: http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project
  
  PR:             ports/105291
  Submitted by:   Yonatan <onatan at gmail.com>
  
  Revision  Changes    Path
  1.845     +1 -0      ports/security/Makefile
  1.1       +43 -0     ports/security/pantera/Makefile (new)
  1.1       +3 -0      ports/security/pantera/distinfo (new)
  1.1       +5 -0      ports/security/pantera/files/pantera.sh.in (new)
  1.1       +9 -0      ports/security/pantera/files/pkg-message.in (new)
  1.1       +9 -0      ports/security/pantera/pkg-descr (new)
  1.1       +277 -0    ports/security/pantera/pkg-plist (new)
  1.1       +101 -0    ports/security/pantera/scripts/pantera-install.sh (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 5 Gabor Kovesdan freebsd_committer freebsd_triage 2006-12-25 20:12:26 UTC 
State Changed
From-To: open->closed

Committed with changes: 
- Use SUB_FILES and SUB_LIST to process pantera.sh and pkg-message. You 
can use this method with any file, you just need to place the 
unedited version into the files subdirectory with a .in ending. 
This is done in the post-patch stage and you will find the processed files 
in WRKDIR. 
- This sort of dependency using with MySQL might create conflicts and 
doesn't allow the user to choose the desired version at all. You 
can solve this by using USE_MYSQL and MYSQL_VER. 

Thanks for your work on this port! 

Regards, 
Gabor Kovesdan