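 def test_ossindex_devaudit_parser_with_no_cve_returns_info_severity(self):
     """A vulnerability without a CVSS score should still yield exactly one finding."""
     # `with` releases the fixture handle even if get_findings() raises; the
     # original explicit close() was skipped on that path.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_vuln_no_cvssscore.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # assertEqual reports both values on failure; assertTrue(len(..) == 1) only says "False".
     self.assertEqual(1, len(findings))
     # NOTE(review): the test name promises an Info severity, but only the finding
     # count is asserted; add a severity assertion once the expected value is confirmed.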
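 def test_ossindex_devaudit_parser_with_no_vulns_has_no_findings(self):
     """A report without vulnerabilities must produce no findings."""
     # Context manager: the handle is closed even when parsing raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_no_vuln.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     self.assertEqual(0, len(findings))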
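 def test_ossindex_devaudit_parser_with_multiple_vulns_has_multiple_finding(self):
     """A report with several vulnerabilities must produce more than one finding."""
     # Context manager: the handle is closed even when parsing raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_multiple_vulns.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # assertGreater prints the actual count on failure.
     self.assertGreater(len(findings), 1)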
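 def test_ossindex_devaudit_parser_with_one_critical_vuln_has_one_finding(self):
     """A report with a single vulnerability must produce exactly one finding."""
     # Built from the unit-test root so the test does not depend on the cwd.
     testfile_path = (
         get_unit_tests_path() +
         "/scans/ossindex_devaudit_sample/ossindex_devaudit_one_vuln.json"
     )
     # Context manager: the handle is closed even when parsing raises.
     with open(testfile_path) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     self.assertEqual(1, len(findings))
     # NOTE(review): "critical" in the name is not asserted; consider checking
     # findings[0].severity once the expected value for this sample is confirmed.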
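 def test_ossindex_devaudit_parser_with_null_cwe_shows_1035(self):
     """A null CWE in the report should be mapped to CWE 1035 on every finding."""
     # Context manager: the handle is closed even when parsing raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_null_cwe.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # Iterating an empty list is a no-op, so the `if len(findings) > 0` guard was
     # redundant. NOTE(review): the test still passes vacuously if the sample yields
     # no findings; assert a non-empty result once the fixture content is confirmed.
     for item in findings:
         self.assertEqual(1035, item.cwe)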
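 def test_ossindex_devaudit_parser_with_missing_reference_shows_empty(self):
     """A report entry without a reference should yield an empty references field."""
     # Context manager: the handle is closed even when parsing raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_missing_reference.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # The `if len(findings) > 0` guard was redundant for a for-loop.
     # NOTE(review): passes vacuously when the sample yields no findings; assert a
     # non-empty result once the fixture content is confirmed.
     for item in findings:
         self.assertEqual("", item.references)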
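 def test_ossindex_devaudit_parser_get_severity_shows_low(self):
     """Every finding from the low-severity sample should be rated "Low"."""
     # Context manager: the handle is closed even when parsing raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_severity_low.json"
     ) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # The `if len(findings) > 0` guard was redundant for a for-loop.
     # NOTE(review): passes vacuously when the sample yields no findings; assert a
     # non-empty result once the fixture content is confirmed.
     for item in findings:
         self.assertEqual("Low", item.severity)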
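    def test_ossindex_devaudit_parser_with_reference_shows_reference(self):
        """A report entry carrying a reference should yield a non-empty references field."""
        # Built from the unit-test root so the test does not depend on the cwd.
        testfile_path = (
            get_unit_tests_path() +
            "/scans/ossindex_devaudit_sample/ossindex_devaudit_one_vuln.json"
        )
        # Context manager: the handle is closed even when parsing raises.
        with open(testfile_path) as testfile:
            findings = OssIndexDevauditParser().get_findings(testfile, Test())

        # The `if len(findings) > 0` guard was redundant for a for-loop.
        # NOTE(review): passes vacuously when the sample yields no findings; assert a
        # non-empty result once the fixture content is confirmed.
        for item in findings:
            self.assertNotEqual("", item.references)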
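 def test_ossindex_devaudit_parser_get_severity_shows_medium(self):
     """Every finding from the medium-severity sample should be rated "Medium"."""
     # Built from the unit-test root so the test does not depend on the cwd.
     testfile_path = (
         get_unit_tests_path() +
         "/scans/ossindex_devaudit_sample/ossindex_devaudit_severity_medium.json"
     )
     # Context manager: the handle is closed even when parsing raises.
     with open(testfile_path) as testfile:
         findings = OssIndexDevauditParser().get_findings(testfile, Test())
     # The `if len(findings) > 0` guard was redundant for a for-loop.
     # NOTE(review): passes vacuously when the sample yields no findings; assert a
     # non-empty result once the fixture content is confirmed.
     for item in findings:
         self.assertEqual("Medium", item.severity)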
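 def test_ossindex_devaudit_parser_with_one_critical_vuln_has_one_finding(self):
     """A report with a single vulnerability must produce exactly one parsed item."""
     # Context manager: the handle is closed even when the constructor raises
     # while parsing; the original explicit close() was skipped on that path.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_one_vuln.json"
     ) as testfile:
         parser = OssIndexDevauditParser(testfile, Test())
     self.assertEqual(1, len(parser.items))
     # NOTE(review): "critical" in the name is not asserted; consider checking the
     # item's severity once the expected value for this sample is confirmed.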
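 def test_ossindex_devaudit_parser_with_empty_cwe_shows_1035(self):
     """An empty CWE in the report should be mapped to CWE 1035 on every item."""
     # Context manager: the handle is closed even when the constructor raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_empty_cwe.json"
     ) as testfile:
         parser = OssIndexDevauditParser(testfile, Test())
     # The `if len(parser.items) > 0` guard was redundant for a for-loop.
     # NOTE(review): passes vacuously when the sample yields no items; assert a
     # non-empty result once the fixture content is confirmed.
     for item in parser.items:
         self.assertEqual(1035, item.cwe)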
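 def test_ossindex_devaudit_parser_get_severity_shows_medium(self):
     """Every item from the medium-severity sample should be rated "Medium"."""
     # Context manager: the handle is closed even when the constructor raises.
     with open(
         "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_severity_medium.json"
     ) as testfile:
         parser = OssIndexDevauditParser(testfile, Test())
     # The `if len(parser.items) > 0` guard was redundant for a for-loop.
     # NOTE(review): passes vacuously when the sample yields no items; assert a
     # non-empty result once the fixture content is confirmed.
     for item in parser.items:
         self.assertEqual("Medium", item.severity)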
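    def test_ossindex_devaudit_parser_with_reference_shows_reference(self):
        """A report entry carrying a reference should yield a non-empty references field."""
        # Context manager: the handle is closed even when the constructor raises.
        with open(
            "dojo/unittests/scans/ossindex_devaudit_sample/ossindex_devaudit_one_vuln.json"
        ) as testfile:
            parser = OssIndexDevauditParser(testfile, Test())

        # The `if len(parser.items) > 0` guard was redundant for a for-loop.
        # NOTE(review): passes vacuously when the sample yields no items; assert a
        # non-empty result once the fixture content is confirmed.
        for item in parser.items:
            self.assertNotEqual("", item.references)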
 def test_ossindex_devaudit_parser_without_file_has_no_findings(self):
     """Constructing the parser with no file must leave its item list empty."""
     no_file = None
     parser = OssIndexDevauditParser(no_file, Test())
     self.assertEqual(len(parser.items), 0)
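def import_parser_factory(file, test, active, verified, scan_type=None):
    """Return the parser instance that handles *scan_type*.

    Args:
        file: the uploaded report (file-like). Only the "Nessus Scan" branch
            inspects ``file.name`` to choose between the CSV and XML parsers;
            the SonarQube API importer does not take it at all.
        test: the Test the findings belong to. When *scan_type* is None the
            type is read from ``test.test_type.name``.
        active, verified: forwarded only to the Generic Findings Import parser.
        scan_type: explicit scan type name; defaults to the test's type name.

    Returns:
        A constructed parser object whose concrete type depends on *scan_type*.

    Raises:
        ValueError: for an unknown *scan_type*, or for a "Nessus Scan" whose
            file name does not end in csv, xml or nessus (the original left
            ``parser`` unbound in that case and failed with UnboundLocalError).
    """
    # The report is user-supplied data; safe handling of it (e.g. XML
    # external-entity settings) is each parser's responsibility and is not
    # enforced at this dispatch point.
    if scan_type is None:
        scan_type = test.test_type.name
    if scan_type == "Burp Scan":
        parser = BurpXmlParser(file, test)
    elif scan_type == "Burp Enterprise Scan":
        parser = BurpEnterpriseHtmlParser(file, test)
    elif scan_type == "Burp REST API":
        parser = BurpApiParser(file, test)
    elif scan_type == "Nessus Scan":
        # Nessus exports come in two formats; pick the parser by extension.
        filename = file.name.lower()
        if filename.endswith("csv"):
            parser = NessusCSVParser(file, test)
        elif filename.endswith(("xml", "nessus")):
            parser = NessusXMLParser(file, test)
        else:
            # Without this branch `parser` would be unbound at `return parser`.
            raise ValueError('Nessus Scan: expected a csv, xml or nessus file')
    elif scan_type == "Clair Scan":
        parser = ClairParser(file, test)
    elif scan_type == "Nmap Scan":
        parser = NmapXMLParser(file, test)
    elif scan_type == "Nikto Scan":
        parser = NiktoXMLParser(file, test)
    elif scan_type == "Nexpose Scan":
        parser = NexposeFullXmlParser(file, test)
    elif scan_type == "Veracode Scan":
        parser = VeracodeXMLParser(file, test)
    elif scan_type == "Checkmarx Scan":
        parser = CheckmarxXMLParser(file, test)
    elif scan_type == "Checkmarx Scan detailed":
        # Same parser as "Checkmarx Scan", switched into its detailed mode.
        parser = CheckmarxXMLParser(file, test, 'detailed')
    elif scan_type == "Contrast Scan":
        parser = ContrastCSVParser(file, test)
    elif scan_type == "Crashtest Security JSON File":
        parser = CrashtestSecurityJsonParser(file, test)
    elif scan_type == "Crashtest Security XML File":
        parser = CrashtestSecurityXmlParser(file, test)
    elif scan_type == "Bandit Scan":
        parser = BanditParser(file, test)
    elif scan_type == "ESLint Scan":
        parser = ESLintParser(file, test)
    elif scan_type == "ZAP Scan":
        parser = ZapXmlParser(file, test)
    elif scan_type == "AppSpider Scan":
        parser = AppSpiderXMLParser(file, test)
    elif scan_type == "Arachni Scan":
        parser = ArachniJSONParser(file, test)
    elif scan_type == 'VCG Scan':
        parser = VCGParser(file, test)
    elif scan_type == 'Dependency Check Scan':
        parser = DependencyCheckParser(file, test)
    elif scan_type == 'Dependency Track Finding Packaging Format (FPF) Export':
        parser = DependencyTrackParser(file, test)
    elif scan_type == 'Retire.js Scan':
        parser = RetireJsParser(file, test)
    elif scan_type == 'Node Security Platform Scan':
        parser = NspParser(file, test)
    elif scan_type == 'NPM Audit Scan':
        parser = NpmAuditParser(file, test)
    elif scan_type == 'PHP Symfony Security Check':
        parser = PhpSymfonySecurityCheckParser(file, test)
    elif scan_type == 'Generic Findings Import':
        # The only parser that receives the active/verified flags.
        parser = GenericFindingUploadCsvParser(file, test, active, verified)
    elif scan_type == 'Qualys Scan':
        parser = QualysParser(file, test)
    elif scan_type == 'Qualys Infrastructure Scan (WebGUI XML)':
        parser = QualysInfraScanParser(file, test)
    elif scan_type == 'Qualys Webapp Scan':
        parser = QualysWebAppParser(file, test)
    elif scan_type == "OpenVAS CSV":
        parser = OpenVASUploadCsvParser(file, test)
    elif scan_type == 'Snyk Scan':
        parser = SnykParser(file, test)
    elif scan_type == 'SKF Scan':
        parser = SKFCsvParser(file, test)
    elif scan_type == 'SSL Labs Scan':
        parser = SSLlabsParser(file, test)
    elif scan_type == 'Trufflehog Scan':
        parser = TruffleHogJSONParser(file, test)
    elif scan_type == 'Clair Klar Scan':
        parser = ClairKlarParser(file, test)
    elif scan_type == 'Gosec Scanner':
        parser = GosecScannerParser(file, test)
    elif scan_type == 'Trustwave Scan (CSV)':
        parser = TrustwaveUploadCsvParser(file, test)
    elif scan_type == 'Netsparker Scan':
        parser = NetsparkerParser(file, test)
    elif scan_type == 'PHP Security Audit v2':
        parser = PhpSecurityAuditV2(file, test)
    elif scan_type == 'Acunetix Scan':
        parser = AcunetixScannerParser(file, test)
    elif scan_type == 'Fortify Scan':
        parser = FortifyXMLParser(file, test)
    elif scan_type == 'SonarQube Scan':
        parser = SonarQubeHtmlParser(file, test)
    elif scan_type == 'SonarQube Scan detailed':
        # Same parser as "SonarQube Scan", switched into its detailed mode.
        parser = SonarQubeHtmlParser(file, test, 'detailed')
    elif scan_type == SCAN_SONARQUBE_API:
        # API importer: pulls findings itself, so no uploaded file is involved.
        parser = SonarQubeApiImporter(test)
    elif scan_type == 'MobSF Scan':
        parser = MobSFParser(file, test)
    elif scan_type == 'AWS Scout2 Scan':
        parser = AWSScout2Parser(file, test)
    elif scan_type == 'Scout Suite Scan':
        parser = ScoutSuiteParser(file, test)
    elif scan_type == 'AWS Prowler Scan':
        parser = AWSProwlerParser(file, test)
    elif scan_type == 'Brakeman Scan':
        parser = BrakemanScanParser(file, test)
    elif scan_type == 'SpotBugs Scan':
        parser = SpotbugsXMLParser(file, test)
    elif scan_type == 'Safety Scan':
        parser = SafetyParser(file, test)
    elif scan_type == 'DawnScanner Scan':
        parser = DawnScannerParser(file, test)
    elif scan_type == 'Anchore Engine Scan':
        parser = AnchoreEngineScanParser(file, test)
    elif scan_type == 'Bundler-Audit Scan':
        parser = BundlerAuditParser(file, test)
    elif scan_type == 'Twistlock Image Scan':
        parser = TwistlockParser(file, test)
    elif scan_type == 'IBM AppScan DAST':
        parser = IbmAppScanDASTXMLParser(file, test)
    elif scan_type == 'Kiuwan Scan':
        parser = KiuwanCSVParser(file, test)
    elif scan_type == 'Blackduck Hub Scan':
        parser = BlackduckHubCSVParser(file, test)
    elif scan_type == 'Blackduck Component Risk':
        parser = BlackduckHubParser(file, test)
    elif scan_type == 'Sonatype Application Scan':
        parser = SonatypeJSONParser(file, test)
    elif scan_type == 'Openscap Vulnerability Scan':
        parser = OpenscapXMLParser(file, test)
    elif scan_type == 'Immuniweb Scan':
        parser = ImmuniwebXMLParser(file, test)
    elif scan_type == 'Wapiti Scan':
        parser = WapitiXMLParser(file, test)
    elif scan_type == 'Cobalt.io Scan':
        parser = CobaltCSVParser(file, test)
    elif scan_type == 'Mozilla Observatory Scan':
        parser = MozillaObservatoryJSONParser(file, test)
    elif scan_type == 'Whitesource Scan':
        parser = WhitesourceJSONParser(file, test)
    elif scan_type == 'Microfocus Webinspect Scan':
        parser = MicrofocusWebinspectXMLParser(file, test)
    elif scan_type == 'Wpscan':
        parser = WpscanJSONParser(file, test)
    elif scan_type == 'Sslscan':
        parser = SslscanXMLParser(file, test)
    elif scan_type == 'JFrog Xray Scan':
        parser = XrayJSONParser(file, test)
    elif scan_type == 'Sslyze Scan':
        parser = SSLyzeXMLParser(file, test)
    elif scan_type == 'SSLyze 3 Scan (JSON)':
        parser = SSLyzeJSONParser(file, test)
    elif scan_type == 'Testssl Scan':
        parser = TestsslCSVParser(file, test)
    elif scan_type == 'Hadolint Dockerfile check':
        parser = HadolintParser(file, test)
    elif scan_type == 'Aqua Scan':
        parser = AquaJSONParser(file, test)
    elif scan_type == 'HackerOne Cases':
        parser = HackerOneJSONParser(file, test)
    elif scan_type == 'Xanitizer Scan':
        parser = XanitizerXMLParser(file, test)
    elif scan_type == 'Trivy Scan':
        parser = TrivyParser(file, test)
    elif scan_type == 'Outpost24 Scan':
        parser = Outpost24Parser(file, test)
    elif scan_type == 'DSOP Scan':
        parser = DsopParser(file, test)
    elif scan_type == 'Anchore Enterprise Policy Check':
        parser = AnchoreEnterprisePolicyCheckParser(file, test)
    elif scan_type == 'Gitleaks Scan':
        parser = GitleaksJSONParser(file, test)
    elif scan_type == 'Harbor Vulnerability Scan':
        parser = HarborVulnerabilityParser(file, test)
    elif scan_type == 'Github Vulnerability Scan':
        parser = GithubVulnerabilityParser(file, test)
    elif scan_type == 'Choctaw Hog Scan':
        parser = ChoctawhogParser(file, test)
    elif scan_type == 'GitLab SAST Report':
        parser = GitlabSastReportParser(file, test)
    elif scan_type == 'GitLab Dependency Scanning Report':
        parser = GitlabDepScanReportParser(file, test)
    elif scan_type == 'Yarn Audit Scan':
        parser = YarnAuditParser(file, test)
    elif scan_type == 'BugCrowd Scan':
        parser = BugCrowdCSVParser(file, test)
    elif scan_type == 'HuskyCI Report':
        parser = HuskyCIReportParser(file, test)
    elif scan_type == 'CCVS Report':
        parser = CCVSReportParser(file, test)
    elif scan_type == 'AWS Security Hub Scan':
        parser = AwsSecurityFindingFormatParser(file, test)
    elif scan_type == 'Semgrep JSON Report':
        parser = SemgrepJSONParser(file, test)
    elif scan_type == 'Risk Recon API Importer':
        parser = RiskReconParser(file, test)
    elif scan_type == 'DrHeader JSON Importer':
        parser = DrHeaderJSONParser(file, test)
    elif scan_type == 'Checkov Scan':
        parser = CheckovParser(file, test)
    elif scan_type == 'kube-bench Scan':
        parser = KubeBenchParser(file, test)
    elif scan_type == 'ORT evaluated model Importer':
        parser = OrtParser(file, test)
    elif scan_type == 'SARIF':
        parser = SarifParser(file, test)
    elif scan_type == 'OssIndex Devaudit SCA Scan Importer':
        parser = OssIndexDevauditParser(file, test)
    elif scan_type == 'Scantist Scan':
        parser = ScantistJSONParser(file, test)
    else:
        raise ValueError('Unknown Test Type')

    return parser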