Glue is a framework for running a series of tools. Generally, it is intended as a backbone for automating a security analysis pipeline of tools.
There are several ways to control which tools you want to run when one invokes Glue. The first is “Stages”. Stages in glue just group certain tasks that are related. They are:
+ File – File system (av, fim)
+ Code – Source code (brakeman)
+ Live – To run against a live system (ZAP)
When invoking glue, we can control what runs by specifying stages (labels) or by specifying specific tasks.
* rm (*nix)
* mount (*nix)
Latest Changelog v0.9.3 15/1/2017:
* Add error handling. Testing docker image.
* Add Bandit
* Clean up directories for java tooling.
Usage and install:
apt-get update && apt-get install -y git-core sudo curl zlib1g-dev build-essential libssl-dev libreadline-dev libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libffi-dev libgdbm-dev libncurses5-dev automake libtool bison libffi-dev gnupg patch gawk g++ gcc make libc6-dev libcurl3-dev autoconf libtool ncurses-dev zlib1g libreadline6-dev libreadline6 openssl libcurl4-openssl-dev libgmp-dev clamav md5deep nodejs npm default-jre unzip python python-pip
git clone https://github.com/owasp/glue
cd glue -- RVM will set to 2.3.1 with Gemset Glue
gem install bundler
Running in Development