README.rdoc in tarantula-0.0.5 vs README.rdoc in tarantula-0.0.8.1
- old
+ new
@@ -2,18 +2,10 @@
== DESCRIPTION
Tarantula is a big fuzzy spider. It crawls your Rails application, fuzzing data to see what breaks.
-== Dependencies
-
-htmlentities
-hpricot
-facets >= 2.4.3
-actionpack
-activesupport
-
== Usage
#!sh
rake tarantula:setup
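Review bot: the removed Dependencies block (htmlentities, hpricot, facets >= 2.4.3, actionpack, activesupport) leaves this part of the README with no pointer to where the dependency list now lives; consider keeping a one-line "see the Rakefile/gemspec for dependencies" next to the DESCRIPTION heading so a reader who stops at Usage still knows the gem pulls in a fork of hpricot and facets at a pinned minimum version.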
@@ -22,12 +14,10 @@
require 'relevance/tarantula'
# in your test
def test_with_login
post '/sessions/create', :password => 'your-pass'
- assert_response :redirect
- assert_redirected_to '/'
follow_redirect!
tarantula_crawl(self)
end
If you want to set custom options, you can get access to the crawler and set properties before running it. For example, this would turn on HTMLTidy.
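Review bot: dropping `assert_response :redirect` and `assert_redirected_to '/'` from `test_with_login` removes the only check that the login actually succeeded before the crawl starts; `follow_redirect!` will still raise if the response is not a redirect at all, but a failed login that redirects back to the login form would now be followed silently and the whole crawl would run unauthenticated, reporting nothing about the pages that matter. Suggest keeping at least `assert_redirected_to '/'` (or whatever the post-login landing page is) so a bad password fails the test instead of producing a misleadingly clean report.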
@@ -42,13 +32,13 @@
t.crawl '/'
end
Assuming your project is at /work/project/:
- #!sh
- cd /work/project
- rake tarantula:test
+ #!sh
+ cd /work/project
+ rake tarantula:test
== Verbose Mode
If you run the test you will get a report in tmp/tarantula. You can also set VERBOSE=true to see more detail as the test runs.
@@ -60,47 +50,67 @@
tell Tarantula to allow 404s for URLs matching a regexp:
t = tarantula_crawler(self)
t.allow_404_for %r{/users/\d+/}
+== Custom Attack Handlers
+
+You can specify the attack strings that Tarantula throws at your application.
+
+ def test_tarantula
+ t = tarantula_crawler(self)
+
+ Relevance::Tarantula::AttackFormSubmission.attacks << {
+ :name => :xss,
+ :input => "<script>gotcha!</script>",
+ :output => "<script>gotcha!</script>",
+ }
+
+ Relevance::Tarantula::AttackFormSubmission.attacks << {
+ :name => :sql_injection,
+ :input => "a'; DROP TABLE posts;",
+ }
+
+ t.handlers << Relevance::Tarantula::AttackHandler.new
+ t.fuzzers << Relevance::Tarantula::AttackFormSubmission
+ t.times_to_crawl = 2
+ t.crawl "/posts"
+ end
+
+This example adds custom attacks for both SQL injection and XSS. It also tells tarantula to crawl the app 2 times. This
+is important for XSS attacks because the results won't appear until the second time tarantula performs the crawl.
+
== Install
+See the rakefile for dependencies, or just let Rubygems handle it.
+
The latest and greatest gem will always be available from Github:
gem install relevance-tarantula --source http://gems.github.com
-You can also grab it from Rubyforge, where we will push stable releases but may not be as bleeding edge as the Github gem.
+To setup tarantula in your application add the following line into either config/environment.rb or config/environments/test.rb (preferred).
+This assumes that you have Rails 2.1 or higher installed.
- gem install tarantula
+ config.gem 'relevance-tarantula', :source => "http://gems.github.com", :lib => 'relevance/tarantula'
-== Bugs/Requests
+Since rails doesn't (yet) support loading rake tasks that live inside gems you will need to update your Rakefile. This assumes that you have vendored tarantula. Simply run
+
+ cd vendor/gems
+ gem unpack relevance-tarantula
-Please submit your bug reports, patches or feature requests as a ticket under the component "tarantula" on our Trac instance here:
+You can then add the following line into your Rakefile, substituting the proper version of relevance-tarantula in the path.
-http://opensource.thinkrelevance.com/
+ load File.join(RAILS_ROOT, "vendor/gems/relevance-tarantula-0.0.8.1/tasks/tarantula_tasks.rake")
-You'll have to create an account (Sorry! Otherwise we'd get way too much spam).
+You can also grab it from Rubyforge, where we will push stable releases but may not be as bleeding edge as the Github gem.
-== License and Copyright
+ gem install tarantula
-(The MIT License)
+== Bugs/Requests
-Copyright (c) 2008 Relevance, Inc. - http://thinkrelevance.com
+Please submit your bug reports, patches or feature requests at Lighthouse:
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-'Software'), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
+http://relevance.lighthouseapp.com/projects/17868-tarantula/overview
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
+== License
-THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
-TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
\ No newline at end of file
+Tarantula is released under the MIT license.
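Review bot: the new Custom Attack Handlers section never says what the `:output` key means or whether it is optional; the xss entry sets `:output => "<script>gotcha!</script>"` while the sql_injection entry omits it, so a reader cannot tell whether `:output` is the string the AttackHandler searches for in responses to flag a reflected payload (in which case the sql_injection attack reports nothing unless the request errors) or some other setting. Add a sentence after the example stating how `:output` is matched and what happens when it is absent, and tie that to the existing note about `times_to_crawl = 2` (stored payloads only show up on the second pass). Two smaller points in the same hunk: the Rakefile `load` line hard-codes `relevance-tarantula-0.0.8.1`, so the sentence above it should say this path changes on every upgrade, and the full MIT text is replaced by "Tarantula is released under the MIT license" without this diff showing a LICENSE file being added; the MIT license requires the copyright and permission notice to ship with the software, so confirm the gem includes it elsewhere.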