
Added some writing on README

1 parent ece2637 commit 20985c2cb1ffe15be89a976aa25fa4d13159c6ce @thesp0nge committed May 16, 2013
Showing with 34 additions and 59 deletions.
  1. +1 −0 .ruby-gemset
  2. +1 −0 .ruby-version
  3. +0 −48 .rvmrc
  4. +32 −11 README.md
@@ -0,0 +1 @@
+codesake
@@ -0,0 +1 @@
+ruby-1.9.3-p429
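Review bot: the added pin moves the interpreter from ruby-1.9.3-p194 (the environment_id in the deleted .rvmrc) to ruby-1.9.3-p429, a patch-level bump that the commit message "Added some writing on README" does not mention. Put the RVM file migration and the version bump in their own commit, or at least name them in the message, so the interpreter change can be found in history.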
48 .rvmrc
@@ -1,48 +0,0 @@
-#!/usr/bin/env bash
-
-# This is an RVM Project .rvmrc file, used to automatically load the ruby
-# development environment upon cd'ing into the directory
-
-# First we specify our desired <ruby>[@<gemset>], the @gemset name is optional,
-# Only full ruby name is supported here, for short names use:
-# echo "rvm use 1.9.3" > .rvmrc
-environment_id="ruby-1.9.3-p194@codesake"
-
-# Uncomment the following lines if you want to verify rvm version per project
-# rvmrc_rvm_version="1.16.10 (stable)" # 1.10.1 seams as a safe start
-# eval "$(echo ${rvm_version}.${rvmrc_rvm_version} | awk -F. '{print "[[ "$1*65536+$2*256+$3" -ge "$4*65536+$5*256+$6" ]]"}' )" || {
-# echo "This .rvmrc file requires at least RVM ${rvmrc_rvm_version}, aborting loading."
-# return 1
-# }
-
-# First we attempt to load the desired environment directly from the environment
-# file. This is very fast and efficient compared to running through the entire
-# CLI and selector. If you want feedback on which environment was used then
-# insert the word 'use' after --create as this triggers verbose mode.
-if [[ -d "${rvm_path:-$HOME/.rvm}/environments"
- && -s "${rvm_path:-$HOME/.rvm}/environments/$environment_id" ]]
-then
- \. "${rvm_path:-$HOME/.rvm}/environments/$environment_id"
- [[ -s "${rvm_path:-$HOME/.rvm}/hooks/after_use" ]] &&
- \. "${rvm_path:-$HOME/.rvm}/hooks/after_use" || true
-else
- # If the environment file has not yet been created, use the RVM CLI to select.
- rvm --create "$environment_id" || {
- echo "Failed to create RVM environment '${environment_id}'."
- return 1
- }
-fi
-
-# If you use bundler, this might be useful to you:
-# if [[ -s Gemfile ]] && {
-# ! builtin command -v bundle >/dev/null ||
-# builtin command -v bundle | GREP_OPTIONS= \grep $rvm_path/bin/bundle >/dev/null
-# }
-# then
-# printf "%b" "The rubygem 'bundler' is not installed. Installing it now.\n"
-# gem install bundler
-# fi
-# if [[ -s Gemfile ]] && builtin command -v bundle >/dev/null
-# then
-# bundle install | GREP_OPTIONS= \grep -vE '^Using|Your bundle is complete'
-# fi
@@ -8,7 +8,9 @@ frameworks.
## Useful links
www: [http://codesake.com](http://codesake.com)
+
twitter: [https://twitter.com/codesake](https://twitter.com/codesake) #dawn hashtag
+
github: [https://github.com/codesake/codesake\_dawn](https://github.com/codesake/codesake\_dawn)
## Installation
@@ -55,13 +57,36 @@ $ dawn [options] target
The options you can specify tell down the MVC used in your application and some
triggers you may want to be active during the scan.
+### Scanning a Sinatra web application
+
+dawn will scan application stored in hello_world directory which is a Sinatra application
+
+```
+$ dawn -s hello_world
+```
+
+### Scanning a Ruby on Rails web application
+
+dawn will scan application stored in hello_world directory which is a Ruby on Rails application
+
+```
+$ dawn -r hello_world
+```
+
+### Scanning a Padrino web application
+
+dawn will scan application stored in hello_world directory which is a Padrino application
+
```
-$ dawn -s hello_world #=> dawn will scan application stored in hello_world directory which is a Sinatra application
-$ dawn -r hello_world #=> dawn will scan application stored in hello_world directory which is a Ruby on Rails application
-$ dawn -p hello_world #=> dawn will scan application stored in hello_world directory which is a Padrino application
+$ dawn -p hello_world
```
-In output, dawn will put all security checks that are failed during the scan. In example, this is the output of a scan performed over a very simple Sinatra application:
+### As output you get
+
+As output, dawn will put all security checks that are failed during the scan.
+In example, this is the output of a scan performed over a very simple Sinatra
+application:
+
```
$ bundle exec bin/dawn -s target
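Review bot: the three added subsections (Sinatra, Ruby on Rails, Padrino) repeat one sentence with only the framework name changed, and the added heading "### As output you get" followed by "In example" reads awkwardly. A single list or table mapping -s, -r and -p to their frameworks would carry the same information, and the output section could be titled "### Scan output" and open with "For example". The usage examples also call "$ dawn" while the sample output calls "$ bundle exec bin/dawn -s target"; say which invocation an installed user should expect to type.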
@@ -78,6 +103,8 @@ $ bundle exec bin/dawn -s target
08:09:11 [!] Vulnerable crack gem version found: 0.3.1
[*] dawn is shutting down at 08:09:11
```
+
+
You can also dump all security checks in the knowledge base by using the -k
flag:
@@ -88,6 +115,7 @@ $ dawn -k|--list-knowledge-base
## Thanks to
[saten](https://github.com/saten): first issue posted about a typo in the README
+
[presidentbeef](https://githbu.com/presidentbeef): for his outstanding work that inspired me creating dawn
## LICENSE
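Review bot: the context line just below the added blank line links presidentbeef to https://githbu.com/presidentbeef, a misspelled host, so the credit sends readers to a domain that is not GitHub. This hunk already touches the Thanks block, so correct the host to github.com (as in the saten link above it) in the same change.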
@@ -115,10 +143,3 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-## Contributing
-
-1. Fork it
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
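Review bot: the removed "## Contributing" section at the end of README.md is not replaced anywhere in this commit, which leaves the README with no documented way to submit changes, and the commit message describes writing being added, not removed. If the steps are meant to live elsewhere, move them to a CONTRIBUTING.md in the same commit; otherwise keep the section.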
