def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.User.users(self.connection.console_url, params.get('user_id'))
self.logger.info("Using %s ..." % endpoint)
# Get the existing details so the specific role ID key can be modified
payload = resource_helper.resource_request(endpoint=endpoint)
# Delete keys not required for user update
del(payload['links'])
del(payload['role']['name'])
del(payload['role']['privileges'])
# Set role and permissions
payload['role']['id'] = params.get('role_id')
payload['role']['allAssetGroups'] = params.get('access_all_asset_groups')
payload['role']['allSites'] = params.get('access_all_sites')
# Validate/fix the user configuration
payload = resource_helper.validate_user(self.connection.console_url, payload)
# Modify the role if validated
response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=payload)
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
name = params.get("name")
address = params.get("address")
endpoint = endpoints.ScanEngine.scan_engines(
self.connection.console_url)
engines = resource_helper.resource_request(endpoint=endpoint)
# Not paged for some reason...
engines = engines['resources']
# Process filters
if name == '':
name = None
if address == '':
address = None
if name:
regex = re.compile(name, re.IGNORECASE)
filtered_engines = []
for e in engines:
if regex.match(e['name']):
filtered_engines.append(e)
self.logger.info("Returning %d scan engines based on filters..." %
(len(filtered_engines)))
engines = filtered_engines
if address:
regex = re.compile(address, re.IGNORECASE)
filtered_engines = []
for e in engines:
if regex.match(e['address']):
filtered_engines.append(e)
self.logger.info("Returning %d scan engines based on filters..." %
(len(filtered_engines)))
engines = filtered_engines
# Remove the default engine pool if it's in the list...
for idx, e in enumerate(engines):
if e['name'] == 'Default Engine Pool':
del (engines[idx])
# Request engine pools separately because the API is broken atm
for e in engines:
endpoint = endpoints.ScanEngine.scan_engine_pools(
self.connection.console_url, e['id'])
scan_engine_pools_response = resource_helper.resource_request(
endpoint=endpoint)
pools = []
for pool in scan_engine_pools_response['resources']:
pools.append(pool['id'])
e['enginePools'] = pools
return {"scan_engines": engines}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
engine_id = params.get('id')
endpoint = endpoints.ScanEngine.scan_engines(self.connection.console_url, engine_id)
scan_engine_response = resource_helper.resource_request(endpoint=endpoint)
# Request engine pools separately because the API is broken atm
endpoint = endpoints.ScanEngine.scan_engine_pools(self.connection.console_url, engine_id)
scan_engine_pools_response = resource_helper.resource_request(endpoint=endpoint)
pools = []
for pool in scan_engine_pools_response['resources']:
pools.append(pool['id'])
scan_engine_response['enginePools'] = pools
return {"scan_engine": scan_engine_response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
site_id = params.get('id')
state = params.get('active')
params = {"active": state}
#
# If a filter was provided, first get the site name because it's not provided
# in the results from the site scans endpoint and this action should be
# consistent even when the API is not.
#
if site_id:
endpoint = endpoints.Site.sites(self.connection.console_url,
site_id)
response = resource_helper.resource_request(endpoint)
site_name = response['name']
endpoint = endpoints.Scan.site_scans(self.connection.console_url,
site_id)
else:
site_name = None
endpoint = endpoints.Scan.scans(self.connection.console_url)
response = resource_helper.paged_resource_request(endpoint=endpoint,
params=params)
# Add the name and ID if necessary
if site_id:
for r in response:
r['siteId'] = site_id
r['siteName'] = site_name
return {"scans": response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
cve_id = params.get('cve_id')
endpoint = endpoints.Vulnerability.vulnerability_checks(
self.connection.console_url)
self.logger.info(f"Using {endpoint}...")
params = {"search": cve_id}
results = resource_helper.paged_resource_request(endpoint=endpoint,
method='get',
params=params)
# Get unique vulnerability IDs
vuln_ids = set()
for r in results:
vuln_ids.add(r['vulnerability'])
self.logger.info(
f"Received {len(vuln_ids)} vulnerability IDs from search, getting details..."
)
# Get vulnerability details
vulns = []
for v in vuln_ids:
endpoint = endpoints.Vulnerability.vulnerability(
self.connection.console_url, v)
response = resource_helper.resource_request(endpoint=endpoint)
vulns.append(response)
return {"vulnerabilities": vulns}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
name = params.get("name")
endpoint = endpoints.ScanEnginePool.scan_engine_pools(self.connection.console_url)
engine_pools = resource_helper.resource_request(endpoint=endpoint)
# Not paged for some reason...
engine_pools = engine_pools['resources']
# Process filters
if name == '':
name = None
if name:
regex = re.compile(name, re.IGNORECASE)
filtered_engine_pools = []
for e in engine_pools:
if regex.match(e['name']):
filtered_engine_pools.append(e)
self.logger.info("Returning %d scan engine pools based on filters..." % (len(filtered_engine_pools)))
engine_pools = filtered_engine_pools
# Add an engines key to the default engine pool if it's in the list...
for e in engine_pools:
if e['name'] == 'Default Engine Pool':
e['engines'] = []
return {"scan_engine_pools": engine_pools}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
payload = {}
scope = {}
submit = {}
scope['id'] = params.get('scope')
scope['type'] = params.get('type')
if scope['type'] == 'Instance':
if params.get('key', '') != '':
scope['key'] = params.get('key')
if params.get('port', 0) != 0:
scope['port'] = params.get('port')
scope['vulnerability'] = params.get('vulnerability')
submit['reason'] = params.get('reason', 'Other')
submit['comment'] = params.get('comment',
'Created with InsightConnect')
payload['scope'] = scope
payload['submit'] = submit
payload['expires'] = params.get('expiration', '')
if payload['expires'] == '':
payload.pop('expires', None)
payload['state'] = 'Under Review'
endpoint = endpoints.VulnerabilityException.vulnerability_exceptions(
self.connection.console_url)
response = resource_helper.resource_request(endpoint=endpoint,
method='post',
payload=payload)
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
tag_id = params.get("id")
endpoint = endpoints.Tag.tags(self.connection.console_url, tag_id)
self.logger.info("Using %s ..." % endpoint)
tag = resource_helper.resource_request(endpoint)
return {"tag": tag}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
scan_id = params.get('id')
status = params.get('status')
endpoint = endpoints.Scan.scan_status(self.connection.console_url, scan_id, status)
response = resource_helper.resource_request(endpoint=endpoint, method='post')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
site_id = params.get("id")
endpoint = endpoints.Site.sites(self.connection.console_url, site_id)
self.logger.info("Using %s ..." % endpoint)
site = resource_helper.resource_request(endpoint)
return {"site": site}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
tag_id = params.get("id")
endpoint = endpoints.Tag.tag_asset_groups(self.connection.console_url, tag_id)
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint, method='delete')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
site_id = params.get("site_id")
endpoint = endpoints.Scan.site_scans(self.connection.console_url,
site_id)
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint, method='post')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
asset_group_id = params.get("id")
endpoint = endpoints.AssetGroup.asset_groups(
self.connection.console_url, asset_group_id)
self.logger.info("Using %s ..." % endpoint)
asset_group = resource_helper.resource_request(endpoint)
return {"asset_group": asset_group}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.User.user_sites(self.connection.console_url,
params.get('user_id'), params.get('site_id'))
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint, method='put')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
id = params.get('id')
endpoint = endpoints.Vulnerability.vulnerability(
self.connection.console_url, id)
self.logger.info(f"Using {endpoint}...")
response = resource_helper.resource_request(endpoint=endpoint)
return {"vulnerability": response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.AuthenticationSource.authentication_sources(
self.connection.console_url, params.get('id'))
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint)
return {"authentication_source": response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
self.logger.info(f"Deleting site ID {params.get(Input.ID)}")
endpoint = endpoints.Site.sites(self.connection.console_url, params.get(Input.ID))
response = resource_helper.resource_request(endpoint=endpoint,
method='delete')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.User.users(self.connection.console_url,
params.get('id'))
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint)
return {"user": response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.ScanEnginePool.scan_engine_pools(
self.connection.console_url, params['id'])
response = resource_helper.resource_request(endpoint=endpoint,
method='delete')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
asset_id = params.get(Input.ID)
endpoint = endpoints.Asset.assets(self.connection.console_url,
asset_id)
self.logger.info("Using %s ..." % endpoint)
asset = resource_helper.resource_request(endpoint)
return {Output.ASSET: asset}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.User.user_asset_groups(self.connection.console_url, params.get('user_id'))
payload = params.get('asset_group_ids')
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint, method='put', payload=payload)
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
id_ = params['exception_id']
endpoint = endpoints.VulnerabilityException.vulnerability_exception(
self.connection.console_url, id_)
response = resource_helper.resource_request(endpoint=endpoint,
method='delete')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
tag_id = params.get('id')
self.logger.info("Deleting tag ID %d" % tag_id)
endpoint = endpoints.Tag.tags(self.connection.console_url, tag_id)
response = resource_helper.resource_request(endpoint=endpoint,
method='delete')
return response
def run(self, params={}):
scope = params.get(Input.INCLUDED_TARGETS)
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.Site.site_included_targets(
self.connection.console_url, params.get(Input.ID))
# Pull current site scope in order to append to list instead of overwriting
if not params.get(Input.OVERWRITE):
current_scope = resource_helper.resource_request(endpoint=endpoint,
method='get')
self.logger.info(f"Appending to current list of included targets")
scope.extend(current_scope['addresses'])
self.logger.info(f"Using {endpoint} ...")
response = resource_helper.resource_request(endpoint=endpoint,
method='put',
payload=scope)
return {"id": params.get(Input.ID), "links": response['links']}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
engine_pool_id = params.get('id')
endpoint = endpoints.ScanEnginePool.scan_engine_pools(
self.connection.console_url, engine_pool_id)
response = resource_helper.resource_request(endpoint=endpoint)
# Add the engines key if it is the Default Engine Pool
if response['name'] == 'Default Engine Pool':
response['engines'] = []
return {"scan_engine_pool": response}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
asset_id = params.get(Input.ASSET_ID)
endpoint = endpoints.Asset.asset_software(self.connection.console_url,
asset_id)
self.logger.info("Using %s ..." % endpoint)
software = resource_helper.resource_request(endpoint=endpoint)
return {Output.SOFTWARE: software['resources']}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
tag_id = params.get("id")
endpoint = endpoints.Tag.tag_asset_groups(self.connection.console_url, tag_id)
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint)
if 'resources' in response:
return {"asset_group_ids": response['resources']}
else:
return {"asset_group_ids": []}
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
asset_group_id = params.get("asset_group_id")
tag_id = params.get("tag_id")
endpoint = endpoints.AssetGroup.asset_group_tags(
self.connection.console_url, asset_group_id, tag_id)
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint,
method='put')
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
endpoint = endpoints.User.users(self.connection.console_url,
params.get('id'))
self.logger.info("Using %s ..." % endpoint)
# Get the existing details so the specific key can be modified
payload = resource_helper.resource_request(endpoint=endpoint)
# Delete keys not required for user update
del (payload['links'])
del (payload['role']['name'])
del (payload['role']['privileges'])
# Set status
payload['enabled'] = True
response = resource_helper.resource_request(endpoint=endpoint,
method='put',
payload=payload)
return response
def run(self, params={}):
resource_helper = ResourceHelper(self.connection.session, self.logger)
asset_group_id = params.get("id")
search_criteria = params.get("searchCriteria")
endpoint = endpoints.AssetGroup.asset_group_search_criteria(
self.connection.console_url, asset_group_id)
self.logger.info("Using %s ..." % endpoint)
response = resource_helper.resource_request(endpoint=endpoint,
method='put',
payload=search_criteria)
return response