Skip to content
Security Testing Tool
Python
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
.gitignore
README.md
config.txt
corechecks.py
djangochecks.py
garmr.py
reporter.py
scanner.py

README.md

I NO LONG MAINTAIN THIS. Please follow Yvan's Fork

Garmr

Garmr is a tool to inspect the responses from websites for basic security requirements.

Garmr includes a set of core test cases implemented in corechecks that are derived from the Secure Coding Guidelines that can be found at [https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines]

Installation

This version of Garmr :

Usage

usage: garmr.py [-h] [-u TARGETS] [-m MODULES] [-f TARGET_FILES] [-p] [-d]

optional arguments: -h, --help show this help message and exit -u TARGETS, --url TARGETS add a target to test -m MODULES, --module MODULES load a test suite -f TARGET_FILES, --file TARGET_FILES File with urls to test -p, --force-passive Force passives to be run for each active test -d, --dns Skip DNS resolution when registering a target.

Tasks

  • Implement sequences (i.e. a series of ActiveTests that once invoked, maintains a cookie jar until the list of URLs is exhausted)
  • Implement a proper detailed reporter; currently a range of data is accumulated, but never reported.
  • Implement more checks
Something went wrong with that request. Please try again.