Glue is a framework for running a series of tools. Generally, it is intended as a backbone for automating a security analysis pipeline of tools.
There are several ways to control which tools you want to run when one invokes Glue. The first is “Stages”. Stages in glue just group certain tasks that are related. They are:
+ File – File system (av, fim)
+ Code – Source code (brakeman)
+ Live – To run against a live system (ZAP)
When invoking glue, we can control what runs by specifying stages (labels) or by specifying specific tasks.
glue v0.9.3 – Application Security Automation.
Dependencies:
* clamav
* hashdeep
* rm (*nix)
* git
* mount (*nix)
* docker
Latest Changelog v0.9.3 15/1/2017:
* Add error handling. Testing docker image.
v0.9.2
* Add Bandit
v0.9.1
* Clean up directories for java tooling.
Usage and install:
apt-get update && apt-get install -y git-core sudo curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libffi-dev libgdbm-dev libncurses5-dev automake libtool bison libffi-dev gnupg patch gawk g++ gcc make libc6-dev libcurl3-dev autoconf libtool ncurses-dev zlib1g libreadline6-dev libreadline6 openssl libcurl4-openssl-dev libgmp-dev clamav md5deep nodejs npm default-jre unzip python python-pip git clone https://github.com/owasp/glue cd glue -- RVM will set to 2.3.1 with Gemset Glue gem install bundler bundle install Running in Development cd lib ../bin/glue -h
Source: https://github.com/owasp