Generator for Shepherd Modules

modules/generators/structured_content/ss_modules/secgen_local/local.rb

@@ -0,0 +1,88 @@
+#!/usr/bin/ruby
+require_relative '../../../../../lib/objects/local_string_generator.rb'
+require 'fileutils'
+
+class SSModuleListGenerator < StringGenerator
+  attr_accessor :filter
+
+  LOCAL_DIR = File.expand_path('../../',__FILE__)
+  TEMPLATE_PATH = "#{LOCAL_DIR}/templates/active-modules"
+
+  def initialize
+    super
+    self.filter = ''
+  end
+
+  def run
+    read_arguments
+    self.outputs = []
+    modules = File.new(TEMPLATE_PATH)
+    if not self.filter.empty?
+      self.filter.split(',').each { |criteria|
+        IO.foreach(modules) { |line|
+          # Very basic filter to capture matches based on a filter string
+          if "#{line}".match(criteria)
+            self.outputs << "#{line}"
+          end
+        }
+      }
+    else
+      modules.each { |line| self.outputs << "#{line}"}
+    end
+    puts self.outputs
+  end
+
+  def read_arguments
+    if ARGV.size == 0
+      begin
+        args_array = []
+        ARGF.each do |arg|
+          arg.strip.split(' ').each do |split|
+            args_array << split
+          end
+        end
+        ARGV.unshift(*args_array)
+      rescue
+        # Do nothing...
+      end
+    end
+
+    opts = get_options
+
+    # process option arguments
+    opts.each do |opt, arg|
+      if opt == '--filter'
+        self.filter = arg
+      end
+    end
+  end
+
+  def get_options_array
+    super + [['--filter', GetoptLong::OPTIONAL_ARGUMENT]]
+  end
+
+  def process_options(opt, arg)
+    unless option_is_valid(opt)
+      Print.err "Argument not valid: #{arg}"
+      usage
+      exit
+    end
+
+    case opt
+      when '--filter'
+        usage
+    end
+  end
+
+  def usage
+    Print.err "Usage:
+   #{$0} [--options]
+
+   OPTIONS:
+     --filter [String]
+"
+    exit
+  end
+end
+
+SSModuleListGenerator.new.run

modules/generators/structured_content/ss_modules/secgen_metadata.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0"?>
+
+<generator xmlns="http://www.github/cliffe/SecGen/generator"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.github/cliffe/SecGen/generator">
+
+    <name>Filezilla Config File Generator</name>
+    <author>Jack Biggs</author>
+    <module_license>MIT</module_license>
+    <description>Creates a Filezilla config file which includes a host, a port and a password</description>
+
+    <type>string_generator</type>
+    <type>local_calculation</type>
+    <platform>linux</platform>
+
+    <read_fact>host</read_fact>
+    <read_fact>port</read_fact>
+    <read_fact>password</read_fact>
+
+    <output_type>config_file</output_type>
+
+</generator>

modules/generators/structured_content/ss_modules/templates/active-modules

@@ -0,0 +1,55 @@
+Broken Session Management
+Session Management Challenge 1
+Session Management Challenge 2
+Session Management Challenge 3
+Session Management Challenge 4
+Session Management Challenge 5
+Session Management Challenge 6
+Session Management Challenge 7
+Session Management Challenge 8
+Failure to Restrict URL Access
+Failure to Restrict URL Access 1
+Failure to Restrict URL Access 2
+Failure to Restrict URL Access 3
+Security Misconfiguration
+Security Misconfig Cookie Flag
+Unvalidated Redirects and Forwards
+Poor Data Validation
+Poor Data Validation 1
+Poor Data Validation 2
+Insecure Direct Object References
+Insecure Direct Object Reference Bank
+Insecure Direct Object Reference Challenge 1
+Insecure Direct Object Reference Challenge 2
+Cross Site Scripting
+Cross Site Scripting 1
+Cross Site Scripting 2
+Cross Site Scripting 3
+Cross Site Scripting 4
+Cross Site Scripting 5
+Cross Site Scripting 6
+SQL Injection
+SQL Injection 1
+SQL Injection 2
+SQL Injection 3
+SQL Injection 4
+SQL Injection 5
+SQL Injection 6
+SQL Injection 7
+SQL Injection Escaping
+SQL Injection Stored Procedure
+Cross Site Request Forgery
+CSRF 1
+CSRF 2
+CSRF 3
+CSRF 4
+CSRF 5
+CSRF 6
+CSRF 7
+CSRF JSON
+Insecure Cryptographic Storage
+Insecure Cryptographic Storage Challenge 1
+Insecure Cryptographic Storage Challenge 2
+Insecure Cryptographic Storage Challenge 3
+Insecure Cryptographic Storage Challenge 4
+Insecure Cryptographic Storage Home Made Key