gauntlt is a framework for behaviour-driven security.
The gauntlt project is under active development and is not ready for production use but we are looking for community feedback and involvement on the project. Please file issues via github and follow the project on twitter: @gauntlt.
Before you start, please note that gauntlt is tested regularly against ruby 1.9.3. We don't test againt older versions of ruby. Keep in mind that you run gauntlt separately from the application it targets, so it does not matter whether the targeted application uses ruby.
Clone the git repo
$ git clone email@example.com:thegauntlet/gauntlt.git $ cd gauntlt
$ gem install bundler
Note, you may see errors in bundle related to the curb gem. It is looking for curl dependencies. In ubuntu you can do a sudo apt-get install libcurl4-openssl-dev
Run a specific gauntlt attack
# general format $ bin/gauntlt attack --name <attack_name> --host <hostname> # for example, run the nmap test on yahoo (-n & -H are equivalent to --name & --host) $ bin/gauntlt attack -n nmap -H yahoo.com # list defined tests $ bin/gauntlt attack --list # get help $ bin/gauntlt help
We are adding different features into gauntlt rignt now. Please submit issues via github and tag them as enhancements. The core team meets weekly and will divide out the enhancement requests into our monthly releases.
Below are some tools we are targeting but don't let that stop you from adding your favorite hacking tool.
curl w3af sqlmap arachni
ADD A MODULE
See the wiki on how to add a module into gauntlt. We would love your contributions.
gauntlt is licensed under The MIT License. See the LICENSE file in the repo or visit gauntlt.mit-license.org for details.