def updated_nessus_parser(root, project_id, scan_id): global agent, description, fname, plugin_modification_date, plugin_name, plugin_publication_date, plugin_type, risk_factor, script_version, solution, synopsis, plugin_output, see_also, scan_ip, pluginName, pluginID, protocol, severity, svc_name, pluginFamily, port, vuln_color, total_vul, total_high, total_medium, total_low, target, report_name date_time = datetime.datetime.now() for data in root: if data.tag == "Report": report_name = data.attrib["name"] for reportHost in data.iter("ReportHost"): try: for key, value in reportHost.items(): target = value scan_id = uuid.uuid4() scan_status = "100" scan_dump = NetworkScanDb( ip=target, scan_id=scan_id, date_time=date_time, project_id=project_id, scan_status=scan_status, scanner="Nessus", ) scan_dump.save() for ReportItem in reportHost.iter("ReportItem"): for key, value in ReportItem.attrib.items(): if key == "pluginName": pluginName = value if key == "pluginID": pluginID = value if key == "protocol": protocol = value if key == "severity": severity = value if key == "svc_name": svc_name = value if key == "pluginFamily": pluginFamily = value if key == "port": port = value try: agent = ReportItem.find("agent").text except: agent = "NA" try: description = ReportItem.find("description").text except: description = "NA" try: fname = ReportItem.find("fname").text except: fname = "NA" try: plugin_modification_date = ReportItem.find( "plugin_modification_date").text except: plugin_modification_date = "NA" try: plugin_name = ReportItem.find("plugin_name").text except: plugin_name = "NA" try: plugin_publication_date = ReportItem.find( "plugin_publication_date").text except: plugin_publication_date = "NA" try: plugin_type = ReportItem.find("plugin_type").text except: plugin_type = "NA" try: risk_factor = ReportItem.find("risk_factor").text except: risk_factor = "NA" try: script_version = ReportItem.find( "script_version").text except: script_version = "NA" try: see_also = ReportItem.find("see_also").text except: see_also = "NA" try: solution = ReportItem.find("solution").text except: solution = "NA" try: synopsis = ReportItem.find("synopsis").text except: synopsis = "NA" try: plugin_output = ReportItem.find( "plugin_output").text except: plugin_output = "NA" vuln_id = uuid.uuid4() if risk_factor == "Critical": vuln_color = "danger" risk_factor = "High" elif risk_factor == "High": vuln_color = "danger" risk_factor = "High" elif risk_factor == "Medium": vuln_color = "warning" risk_factor = "Medium" elif risk_factor == "Low": vuln_color = "info" risk_factor = "Low" else: risk_factor = "Low" vuln_color = "info" dup_data = target + plugin_name + severity + port duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (NetworkScanResultsDb.objects.filter( dup_hash=duplicate_hash).values( "dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" global false_positive false_p = NetworkScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" if risk_factor == "None": risk_factor = "Low" all_data_save = NetworkScanResultsDb( project_id=project_id, scan_id=scan_id, date_time=date_time, title=pluginName, ip=target, vuln_id=vuln_id, description=description, solution=solution, severity=risk_factor, port=port, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, scanner="Nessus", ) all_data_save.save() else: duplicate_vuln = "Yes" all_data_save = NetworkScanResultsDb( project_id=project_id, scan_id=scan_id, date_time=date_time, title=pluginName, ip=target, vuln_id=vuln_id, description=description, solution=solution, severity=risk_factor, port=port, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, scanner="Nessus", ) all_data_save.save() except: continue for reportHost in data.iter("ReportHost"): try: for key, value in reportHost.items(): target = value target_filter = NetworkScanResultsDb.objects.filter( ip=target, vuln_status="Open", vuln_duplicate="No", ) duplicate_count = NetworkScanResultsDb.objects.filter( ip=target, vuln_duplicate="Yes") target_total_vuln = len(target_filter) target_total_high = len( target_filter.filter(severity="High")) target_total_medium = len( target_filter.filter(severity="Medium")) target_total_low = len( target_filter.filter(severity="Low")) target_total_duplicate = len( duplicate_count.filter(vuln_duplicate="Yes")) NetworkScanDb.objects.filter(ip=target).update( date_time=date_time, total_vul=target_total_vuln, high_vul=target_total_high, medium_vul=target_total_medium, low_vul=target_total_low, total_dup=target_total_duplicate, ) except: continue trend_update() subject = "Archery Tool Scan Status - Nessus Report Uploaded" message = ("Nessus Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def npmaudit_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col for vuln in data['advisories']: title = data['advisories'][vuln]['title'] found_by = data['advisories'][vuln]['found_by'] reported_by = data['advisories'][vuln]['reported_by'] module_name = data['advisories'][vuln]['module_name'] cves = data['advisories'][vuln]['cves'] vulnerable_versions = data['advisories'][vuln]['vulnerable_versions'] patched_versions = data['advisories'][vuln]['patched_versions'] overview = data['advisories'][vuln]['overview'] recommendation = data['advisories'][vuln]['recommendation'] references = data['advisories'][vuln]['references'] access = data['advisories'][vuln]['access'] severity = data['advisories'][vuln]['severity'] cwe = data['advisories'][vuln]['cwe'] metadata = data['advisories'][vuln]['metadata'] url = data['advisories'][vuln]['url'] findings = (data['advisories'][vuln]['findings']) vuln_versions = {} for find in findings: vuln_versions[find['version']] = [find['paths']] if not title: title = "not found" if not found_by: found_by = "not found" if not reported_by: reported_by = "not found" if not module_name: module_name = "not found" if not cves: cves = "not found" if not vulnerable_versions: vulnerable_versions = "not found" if not patched_versions: patched_versions = "not found" if not recommendation: recommendation = "not found" if not overview: overview = "not found" if not references: references = "not found" if not access: access = "not found" if not severity: severity = "not found" if not cwe: cwe = "not found" if not url: url = "not found" if severity == "critical": severity = 'High' vul_col = "danger" if severity == "high": severity = 'High' vul_col = "danger" elif severity == 'moderate': severity = 'Medium' vul_col = "warning" elif severity == 'low': severity = 'Low' vul_col = "info" elif severity == 'info': severity = 'Low' vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(module_name) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = npmaudit_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = npmaudit_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = npmaudit_scan_results_db( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, version=vuln_versions, title=title, found_by=found_by, reported_by=reported_by, module_name=module_name, cves=cves, vulnerable_versions=vulnerable_versions, patched_versions=patched_versions, overview=overview, recommendation=recommendation, references=references, access=access, severity=severity, cwe=cwe, url=url, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = npmaudit_scan_results_db( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', version=vuln_versions, title=title, found_by=found_by, reported_by=reported_by, module_name=module_name, cves=cves, vulnerable_versions=vulnerable_versions, patched_versions=patched_versions, overview=overview, recommendation=recommendation, references=references, access=access, severity=severity, cwe=cwe, url=url, username=username, ) save_all.save() all_findbugs_data = npmaudit_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = npmaudit_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) npmaudit_scan_db.objects.filter(username=username, scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - Trivy Report Uploaded' message = 'Trivy Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % ("npm-audit", total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def trivy_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = '' for vuln_data in data: vuln = vuln_data['Vulnerabilities'] if vuln is not None: for issue in vuln: try: VulnerabilityID = issue['VulnerabilityID'] except Exception as e: VulnerabilityID = "Not Found" print(e) try: PkgName = issue['PkgName'] except Exception as e: PkgName = "Not Found" print(e) try: InstalledVersion = issue['InstalledVersion'] except Exception as e: InstalledVersion = "Not Found" print(e) try: FixedVersion = issue['FixedVersion'] except Exception as e: FixedVersion = "Not Found" print(e) try: Title = issue['Title'] except Exception as e: Title = "Not Found" print(e) try: Description = issue['Description'] except Exception as e: Description = "Not Found" print(e) try: Severity = issue['Severity'] except Exception as e: Severity = "Not Found" print(e) try: References = issue['References'] except Exception as e: References = "Not Found" print(e) if Severity == "CRITICAL": Severity = 'High' vul_col = "danger" if Severity == "HIGH": Severity = 'High' vul_col = "danger" if Severity == 'MEDIUM': Severity = 'Medium' vul_col = "warning" if Severity == 'LOW': Severity = 'Low' vul_col = "info" if Severity == 'UNKNOWN': Severity = 'Low' vul_col = "info" vul_id = uuid.uuid4() dup_data = str(VulnerabilityID) + str(Severity) + str(PkgName) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = trivy_scan_results_db.objects.filter(username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = trivy_scan_results_db.objects.filter(username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = trivy_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, VulnerabilityID=VulnerabilityID, PkgName=PkgName, InstalledVersion=InstalledVersion, FixedVersion=FixedVersion, Title=Title, Description=Description, Severity=Severity, References=References, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = trivy_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, VulnerabilityID=VulnerabilityID, PkgName=PkgName, InstalledVersion=InstalledVersion, FixedVersion=FixedVersion, Title=Title, Description=Description, Severity=Severity, References=References, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', username=username, ) save_all.save() all_findbugs_data = trivy_scan_results_db.objects.filter(username=username, scan_id=scan_id, false_positive='No') duplicate_count = trivy_scan_results_db.objects.filter(username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(Severity="High")) total_medium = len(all_findbugs_data.filter(Severity="Medium")) total_low = len(all_findbugs_data.filter(Severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) trivy_scan_db.objects.filter(scan_id=scan_id).update(username=username, total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate ) trend_update(username=username) subject = 'Archery Tool Scan Status - Trivy Report Uploaded' message = 'Trivy Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def xml_parser(self): """ :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global name, classname, risk, ShortMessage, LongMessage, sourcepath, vul_col, ShortDescription, Details, lenth_match, duplicate_hash, vul_id, total_vul, total_high, total_medium, total_low, details, message for bug in self.root: if bug.tag == "BugInstance": name = bug.attrib["type"] priority = bug.attrib["priority"] for BugInstance in bug: if BugInstance.tag == "ShortMessage": global ShortMessage ShortMessage = BugInstance.text if BugInstance.tag == "LongMessage": global LongMessage LongMessage = BugInstance.text if BugInstance.tag == "Class": global classname try: classname = BugInstance.attrib["classname"] except: classname = 'na' if BugInstance.tag == "SourceLine": global sourcepath, sourcefile try: sourcepath = BugInstance.attrib["sourcepath"] except: sourcepath = 'NA' try: sourcefile = BugInstance.attrib["sourcefile"] except: sourcefile = 'NA' for data in bug: for message_data in data: if message_data.tag == 'Message': message = message_data.text if priority == "1": risk = "High" vul_col = "danger" elif priority == "2": risk = "Medium" vul_col = "warning" elif priority == "3": risk = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(ShortMessage) + str(message) + str( sourcepath) + str(risk) duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) details = self.find_bug_pattern(name) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=self.scan_id, project_id=self.project_id, title=str(ShortMessage), severity=risk, description="<b>Finding Path & Line:</b> %s" % str(message) + "<br><br>" "<b>Finding Classes:</b> %s" % str(classname) + "<br><br>" "<b>Finding Source Path</b>: %s" % str(sourcepath) + "<br><br>" + str(ShortMessage) + "<br><br>" + str(LongMessage) + "<br><br>" + str(details), # + "\n\n" # + str(classname), fileName=str(message), severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Findbugs", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=self.scan_id, project_id=self.project_id, title=str(ShortMessage), severity=risk, description="<b>Finding Path & Line:</b> %s" % str(message) + "<br><br>" "<b>Finding Classes:</b> %s" % str(classname) + "<br><br>" "<b>Finding Source Path</b>: %s" % str(sourcepath) + "<br><br>" + str(ShortMessage) + "<br><br>" + str(LongMessage) + "<br><br>" + str(details), # + "\n\n" # + str(classname), fileName=str(message), severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Findbugs", ) save_all.save() # if bug.tag == "BugPattern": # for BugPattern in bug: # name = bug.attrib["type"] # if BugPattern.tag == "ShortDescription": # ShortDescription = BugPattern.text # if BugPattern.tag == "Details": # global Details # Details = BugPattern.text # print(Details) # StaticScanResultsDb.objects.filter(vuln_id=vul_id, title=name).update( # description=str(Details) # + "\n\n" # + str(ShortMessage) # + "\n\n" # + str(LongMessage) # + "\n\n" # + str(classname), # ) all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=self.scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=self.scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=self.scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Findbugs", ) trend_update() subject = "Archery Tool Scan Status - Findbugs Report Uploaded" message = ( "Findbugs Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (self.scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def tfsec_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col for vuln in data['results']: rule_id = vuln['rule_id'] link = vuln['link'] filename = vuln['location']['filename'] start_line = vuln['location']['start_line'] end_line = vuln['location']['end_line'] description = vuln['description'] severity = vuln['severity'] if severity == "ERROR": severity = 'High' vul_col = "danger" elif severity == 'WARNING': severity = 'Medium' vul_col = "warning" elif severity == 'INFO': severity = 'Info' vul_col = "info" vul_id = uuid.uuid4() dup_data = str(rule_id) + str(severity) + str(filename) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = tfsec_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = tfsec_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = tfsec_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, rule_id=rule_id, filename=filename, severity=severity, description=description, link=link, start_line=start_line, end_line=end_line, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = tfsec_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', rule_id=rule_id, filename=filename, severity=severity, description=description, link=link, start_line=start_line, end_line=end_line, username=username, ) save_all.save() all_findbugs_data = tfsec_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = tfsec_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) tfsec_scan_db.objects.filter(username=username, scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - tfsec Report Uploaded' message = 'tfsec Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % ("tfsec", total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def whitesource_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, project vuln = data['vulnerabilities'] for issues in vuln: name = issues['name'] severity = issues['severity'] score = issues['score'] cvss3_severity = issues['cvss3_severity'] cvss3_score = issues['cvss3_score'] publishDate = issues['publishDate'] lastUpdatedDate = issues['lastUpdatedDate'] scoreMetadataVector = issues['scoreMetadataVector'] url = issues['url'] description = issues['description'] project = issues['project'] product = issues['product'] cvss3Attributes = issues['cvss3Attributes'] library = issues['library'] topFix = issues['topFix'] #allFixes = issues['allFixes'] filename = issues['library']['filename'] sha1 = issues['library']['sha1'] version = issues['library']['version'] groupId = issues['library']['groupId'] if severity == "high": severity = 'High' vul_col = "danger" elif severity == 'medium': severity = 'Medium' vul_col = "warning" elif severity == 'low': severity = 'Low' vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(project) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = whitesource_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = whitesource_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = whitesource_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, name=name, severity=severity, score=score, cvss3_severity=cvss3_severity, cvss3_score=cvss3_score, publishDate=publishDate, lastUpdatedDate=lastUpdatedDate, scoreMetadataVector=scoreMetadataVector, url=url, description=description, project=project, product=product, cvss3Attributes=cvss3Attributes, library=library, topFix=topFix, # allFixes=allFixes, filename=filename, sha1=sha1, version=version, groupId=groupId, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = whitesource_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', name=name, severity=severity, score=score, cvss3_severity=cvss3_severity, cvss3_score=cvss3_score, publishDate=publishDate, lastUpdatedDate=lastUpdatedDate, scoreMetadataVector=scoreMetadataVector, url=url, description=description, project=project, product=product, cvss3Attributes=cvss3Attributes, library=library, topFix=topFix, # allFixes=allFixes, filename=filename, sha1=sha1, version=version, groupId=groupId, username=username, ) save_all.save() all_findbugs_data = whitesource_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = whitesource_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) whitesource_scan_db.objects.filter( username=username, scan_id=scan_id).update(project_name=project, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - whitesource Report Uploaded' message = 'whitesource Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % ("whitesource", total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def updated_nessus_parser(root, project_id, scan_id, username): global agent, description, fname, \ plugin_modification_date, plugin_name, \ plugin_publication_date, plugin_type, \ risk_factor, script_version, solution, \ synopsis, plugin_output, see_also, scan_ip, \ pluginName, pluginID, protocol, severity, \ svc_name, pluginFamily, port, vuln_color, total_vul, total_high, total_medium, total_low, target, report_name date_time = datetime.datetime.now() for data in root: if data.tag == 'Report': report_name = data.attrib['name'] scan_status = "100" scan_dump = nessus_scan_db( report_name=report_name, target=target, scan_id=scan_id, date_time=date_time, project_id=project_id, scan_status=scan_status, username=username ) scan_dump.save() for reportHost in data.iter('ReportHost'): try: for key, value in reportHost.items(): target = value except: continue for ReportItem in reportHost.iter('ReportItem'): for key, value in ReportItem.attrib.items(): if key == 'pluginName': pluginName = value # print ("pluginName = "+str(value)) if key == 'pluginID': pluginID = value # print ("pluginID = "+str(value)) if key == 'protocol': protocol = value # print ("protocol = "+str(value)) if key == 'severity': severity = value # print ("severity = "+str(value)) if key == 'svc_name': svc_name = value # print ("svc_name = "+str(value)) if key == 'pluginFamily': pluginFamily = value # print ("pluginFamily = "+str(value)) if key == 'port': port = value # print ("port = "+str(value)) try: agent = ReportItem.find('agent').text except: agent = "NA" try: description = ReportItem.find('description').text except: description = "NA" try: fname = ReportItem.find('fname').text except: fname = "NA" try: plugin_modification_date = ReportItem.find('plugin_modification_date').text except: plugin_modification_date = "NA" try: plugin_name = ReportItem.find('plugin_name').text except: plugin_name = "NA" try: plugin_publication_date = ReportItem.find('plugin_publication_date').text except: plugin_publication_date = "NA" try: plugin_type = ReportItem.find('plugin_type').text except: plugin_type = "NA" try: risk_factor = ReportItem.find('risk_factor').text except: risk_factor = "NA" try: script_version = ReportItem.find('script_version').text except: script_version = "NA" try: see_also = ReportItem.find('see_also').text except: see_also = "NA" try: solution = ReportItem.find('solution').text except: solution = "NA" try: synopsis = ReportItem.find('synopsis').text except: synopsis = "NA" try: plugin_output = ReportItem.find('plugin_output').text except: plugin_output = "NA" vuln_id = uuid.uuid4() if risk_factor == 'Critical': vuln_color = 'danger' risk_factor = 'High' elif risk_factor == 'High': vuln_color = 'danger' risk_factor = 'High' elif risk_factor == 'Medium': vuln_color = 'warning' risk_factor = 'Medium' elif risk_factor == 'Low': vuln_color = 'info' risk_factor = 'Low' else: risk_factor = 'Low' vuln_color = 'info' dup_data = target + plugin_name + severity + port duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = nessus_scan_results_db.objects.filter(username=username, dup_hash=duplicate_hash).values('dup_hash').distinct() lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' global false_positive false_p = nessus_scan_results_db.objects.filter(username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' if risk_factor == 'None': risk_factor = 'Low' all_data_save = nessus_scan_results_db(project_id=project_id, report_name=report_name, scan_id=scan_id, date_time=date_time, target=target, vuln_id=vuln_id, agent=agent, description=description, fname=fname, plugin_modification_date=plugin_modification_date, plugin_name=plugin_name, plugin_publication_date=plugin_publication_date, plugin_type=plugin_type, risk_factor=risk_factor, script_version=script_version, see_also=see_also, solution=solution, synopsis=synopsis, plugin_output=plugin_output, pluginName=pluginName, pluginID=pluginID, protocol=protocol, severity=severity, svc_name=svc_name, pluginFamily=pluginFamily, port=port, false_positive=false_positive, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, username=username, ) all_data_save.save() del_na = nessus_scan_results_db.objects.filter(username=username, plugin_name='NA') del_na.delete() else: duplicate_vuln = 'Yes' all_data_save = nessus_scan_results_db(project_id=project_id, scan_id=scan_id, target=target, vuln_id=vuln_id, date_time=date_time, agent=agent, description=description, fname=fname, plugin_modification_date=plugin_modification_date, plugin_name=plugin_name, plugin_publication_date=plugin_publication_date, plugin_type=plugin_type, risk_factor=risk_factor, script_version=script_version, see_also=see_also, solution=solution, synopsis=synopsis, plugin_output=plugin_output, pluginName=pluginName, pluginID=pluginID, protocol=protocol, severity=severity, svc_name=svc_name, pluginFamily=pluginFamily, port=port, false_positive='Duplicate', vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, username=username, ) all_data_save.save() del_na = nessus_scan_results_db.objects.filter(username=username, plugin_name='NA') del_na.delete() ov_all_vul = nessus_scan_results_db.objects.filter(username=username, scan_id=scan_id) total_duplicate = len(ov_all_vul.filter(vuln_duplicate='Yes')) nessus_scan_db.objects.filter(username=username, scan_id=scan_id) \ .update( total_dup=total_duplicate, target=target, ) target_filter = nessus_scan_results_db.objects.filter(username=username, scan_id=scan_id, target=target, vuln_status='Open', vuln_duplicate='No' ) duplicate_count = nessus_scan_results_db.objects.filter(username=username, scan_id=scan_id, target=target, vuln_duplicate='Yes') target_total_vuln = len(target_filter) target_total_high = len(target_filter.filter(risk_factor="High")) target_total_medium = len(target_filter.filter(risk_factor="Medium")) target_total_low = len(target_filter.filter(risk_factor="Low")) target_total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) target_scan_dump = nessus_targets_db( report_name=report_name, target=target, scan_id=scan_id, date_time=date_time, project_id=project_id, username=username, total_vuln=target_total_vuln, total_high=target_total_high, total_medium=target_total_medium, total_low=target_total_low, total_dup=target_total_duplicate, ) target_scan_dump.save() ov_all_vul = nessus_scan_results_db.objects.filter(username=username, scan_id=scan_id, vuln_status='Open', vuln_duplicate='No' ) duplicate_count_report = nessus_scan_results_db.objects.filter(username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vuln = len(ov_all_vul) total_high = len(ov_all_vul.filter(risk_factor="High")) total_medium = len(ov_all_vul.filter(risk_factor="Medium")) total_low = len(ov_all_vul.filter(risk_factor="Low")) total_duplicate = len(duplicate_count_report.filter(vuln_duplicate='Yes')) nessus_scan_db.objects.filter(username=username, scan_id=scan_id) \ .update(total_vuln=total_vuln, total_high=total_high, total_medium=total_medium, total_low=total_low, total_dup=total_duplicate, target=target, ) trend_update(username=username) subject = 'Archery Tool Scan Status - Nessus Report Uploaded' message = 'Nessus Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (scan_id, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): global url, Scheme, Host, Port, AttackMethod, VulnerableSession, TriggerSession, VulnerabilityID, Severity, Name, ReportSection, HighlightSelections, RawResponse, SectionText, vuln_id, severity_name, vul_col, target date_time = datetime.now() for data in root: if data.tag == "Name": target = data.text for issues in data: for issue in issues: if issue.tag == "URL": url = issue.text if issue.tag == "Host": Host = issue.text if issue.tag == "Port": Port = issue.text if issue.tag == "AttackMethod": AttackMethod = issue.text if issue.tag == "VulnerableSession": VulnerableSession = issue.text if issue.tag == "Severity": Severity = issue.text if issue.tag == "Name": Name = issue.text for d_issue in issue: if d_issue.tag == "SectionText": SectionText = issue.text vuln_id = uuid.uuid4() if Severity == "4": Severity = "High" vul_col = "danger" elif Severity == "3": Severity = "High" vul_col = "danger" elif Severity == "2": Severity = "Medium" vul_col = "warning" elif Severity == "1": Severity = "Low" vul_col = "info" else: Severity = "Low" vul_col = "info" dup_data = Name + url + Severity duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = ( WebScanResultsDb.objects.filter(dup_hash=duplicate_hash) .values("dup_hash") .distinct() ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" if Name is None: continue else: dump_data = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, project_id=project_id, url=url, date_time=date_time, title=Name, severity=Severity, severity_color=vul_col, description=str(Host) + str(Port) + str(SectionText) + str(AttackMethod), instance=VulnerableSession, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Webinspect", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, project_id=project_id, url=url, date_time=date_time, title=Name, severity=Severity, severity_color=vul_col, description=str(Host) + str(Port) + str(SectionText) + str(AttackMethod), instance=VulnerableSession, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Webinspect", ) dump_data.save() webinspect_all_vul = WebScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = WebScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_high = len(webinspect_all_vul.filter(severity="High")) total_medium = len(webinspect_all_vul.filter(severity="Medium")) total_low = len(webinspect_all_vul.filter(severity="Low")) total_info = len(webinspect_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, scan_url=target, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - Webinspect Report Uploaded" message = ( "Webinspect Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Host, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id, target_url): date_time = datetime.now() global name, description, remedy_guidance, remedy_code, severity, check, digest, references, vector, remarks, page, signature, proof, trusted, platform_type, platform_name, url, action, body, vuln_id, vul_col, ref_key, ref_values, vector_input_key, vector_input_values, vector_source_key, vector_source_values, page_body_data, request_url, request_method, request_raw, response_ip, response_raw_headers for issue in root: for data in issue: if data.tag == "issue": for vuln in data: vuln_id = uuid.uuid4() if vuln.tag == "name": if vuln.text is None: name = "NA" else: name = vuln.text if vuln.tag == "description": if vuln.text is None: description = "NA" else: description = vuln.text if vuln.tag == "remedy_guidance": if vuln.text is None: remedy_guidance = "NA" else: remedy_guidance = vuln.text if vuln.tag == "severity": if vuln.text is None: severity = "NA" else: severity = vuln.text if vuln.tag == "references": for ref_vuln in vuln: dat = ref_vuln.attrib for key, values in dat.items(): if key is None: ref_key = "NA" else: ref_key = key if values is None: ref_values = "NA" else: ref_values = values if vuln.tag == "vector": for vec_vuln in vuln: if vec_vuln.tag == "inputs": for vec_input in vec_vuln: dat = vec_input.attrib for key, values in dat.items(): if key is None: vector_input_key = "NA" else: vector_input_key = key if values is None: vector_input_values = "NA" else: vector_input_values = values if vec_vuln.tag == "source": for vec_source in vec_vuln: source_dat = vec_source.attrib for key, values in source_dat.items(): if key is None: vector_source_key = "NA" else: vector_source_key = key if values in None: vector_source_values = "NA" else: vector_source_values = values if vuln.tag == "page": for page_body in vuln: if page_body.tag == "body": page_body_dat = page_body.text if page_body_dat is None: page_body_data = "NA" else: page_body_data = page_body_dat for req in vuln: if req.tag == "request": for req_dat in req: if req_dat.tag == "url": req_url = req_dat.text if req_url is None: request_url = "NA" else: request_url = req_url if req_dat.tag == "method": req_method = req_dat.text if req_method is None: request_method = "NA" else: request_method = req_method if req_dat.tag == "raw": if req_dat.text is None: request_raw = "NA" else: request_raw = req_dat.text if req.tag == "response": for res_dat in req: if res_dat.tag == "ip_address": res_ip = res_dat.text if res_ip is None: response_ip = "NA" else: response_ip = res_dat.text if res_dat.tag == "raw_headers": res_raw_headers = res_dat.text if res_raw_headers is None: response_raw_headers = "NA" else: response_raw_headers = res_dat.text if vuln.tag == "proof": proof = vuln.text if vuln.text is None: proof = "NA" else: proof = vuln.text for extra_data in vuln: for extra_vuln in extra_data: if extra_vuln.tag == "url": if extra_vuln.text is None: url = "NA" else: url = extra_vuln.text if extra_vuln.tag == "action": if extra_vuln.text is None: action = "NA" else: action = extra_vuln.text if extra_vuln.tag == "body": if extra_vuln.text is None: body = "NA" else: body = extra_vuln.text details = (description + "\n\n" + str(proof) + "\n\n" + str(ref_values) + "\n\n" + str(page_body_data)) dup_data = name + url + severity duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( vuln_duplicate=duplicate_hash, scanner="Arachni").values("dup_hash").distinct()) lenth_match = len(match_dup) if severity == "high": vul_col = "danger" severity = "High" elif severity == "medium": vul_col = "warning" severity = "Medium" elif severity == "low": severity = "Low" vul_col = "info" else: severity = "Low" vul_col = "info" if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif fp_lenth_match == 0: false_positive = "No" else: false_positive = "No" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, severity_color=vul_col, project_id=project_id, title=name, description=details, solution=remedy_guidance, severity=severity, url=url, false_positive=false_positive, vuln_status="Open", false_positive_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Arachni", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, severity_color=vul_col, project_id=project_id, title=name, description=details, solution=remedy_guidance, severity=severity, url=url, false_positive="Duplicate", vuln_status="Duplicate", false_positive_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Arachni", ) dump_data.save() arachni_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", scanner="Arachni") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes", scanner="Arachni") total_high = len(arachni_all_vul.filter(severity="High")) total_medium = len(arachni_all_vul.filter(severity="Medium")) total_low = len(arachni_all_vul.filter(severity="Low")) total_info = len(arachni_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info print(total_high) print(total_low) print(total_medium) print(total_info) WebScansDb.objects.filter(scan_id=scan_id).update( scan_url=target_url, total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, scan_status="100", total_dup=total_duplicate, scanner="Arachni", ) trend_update() subject = "Archery Tool Scan Status - Arachni Report Uploaded" message = ("Arachni Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (url, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def nodejsscan_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, severity for vuln in data["sec_issues"]: for vuln_dat in data["sec_issues"][vuln]: with open( "scanners/scanner_parser/staticscanner_parser/nodejsscan_vuln.json" ) as f: vuln_name = json.load(f) for v in vuln_name["vuln"]: if v["name"] == vuln_dat["title"]: severity = v["severity"] title = vuln_dat["title"] filename = vuln_dat["filename"] path = vuln_dat["path"] sha2 = vuln_dat["sha2"] tag = vuln_dat["tag"] description = vuln_dat["description"] line = vuln_dat["line"] lines = vuln_dat["lines"] if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(filename) + str(line) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash ).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=title, fileName=filename, severity=severity, filePath=path, description=str(description) + "\n\n" + str(line) + "\n\n" + str(lines), scanner="Nodejsscan", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=title, fileName=filename, severity=severity, filePath=path, description=str(description) + "\n\n" + str(line) + "\n\n" + str(lines), scanner="Nodejsscan", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Nodejsscan", ) trend_update() subject = "Archery Tool Scan Status - Nodejsscan Report Uploaded" message = ( "Nodejsscan Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("Nodejsscan", total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): """ ZAP Proxy scanner xml report parser. :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, risk, reference, url, solution, instance, alert, desc, riskcode, vuln_id, false_positive, duplicate_hash, duplicate_vuln, scan_url, title for child in root: d = child.attrib scan_url = d["name"] for alert in root.iter("alertitem"): inst = [] for vuln in alert: vuln_id = uuid.uuid4() if vuln.tag == "alert": alert = vuln.text if vuln.tag == "name": title = vuln.text if vuln.tag == "solution": solution = vuln.text if vuln.tag == "reference": reference = vuln.text if vuln.tag == "riskcode": riskcode = vuln.text for instances in vuln: for ii in instances: instance = {} dd = re.sub(r"<[^>]*>", " ", ii.text) instance[ii.tag] = dd inst.append(instance) if vuln.tag == "desc": desc = vuln.text if riskcode == "3": vul_col = "danger" risk = "High" elif riskcode == "2": vul_col = "warning" risk = "Medium" elif riskcode == "1": vul_col = "info" risk = "Low" else: vul_col = "info" risk = "Low" if title == "None": print(title) else: duplicate_hash = check_false_positive(title=title, severity=risk, scan_url=scan_url) match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" vuln_status = "Open" else: duplicate_vuln = "Yes" false_positive = "Duplicate" vuln_status = "Duplicate" data_store = WebScanResultsDb( vuln_id=vuln_id, severity_color=vul_col, scan_id=scan_id, date_time=date_time, project_id=project_id, url=scan_url, title=title, solution=solution, instance=inst, reference=reference, description=desc, severity=risk, false_positive=false_positive, jira_ticket="NA", vuln_status=vuln_status, dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Zap", ) data_store.save() false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" zap_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(zap_all_vul.filter(severity="High")) total_medium = len(zap_all_vul.filter(severity="Medium")) total_low = len(zap_all_vul.filter(severity="Low")) total_info = len(zap_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=scan_url, ) if total_vul == total_duplicate: WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - ZAP Report Uploaded" message = ("ZAP Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_url, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def twistlock_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ """ { "results": [ { "id": "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "distro": "Debian GNU/Linux 9 (stretch)", "compliances": [ { "title": "Sensitive information provided in environment variables", "severity": "high", "cause": "The environment variables DD_CELERY_BROKER_PASSWORD,DD_DATABASE_PASSWORD,DD_SECRET_KEY contain sensitive data" } ], "complianceDistribution": { "critical": 0, "high": 1, "medium": 0, "low": 0, "total": 1 }, "vulnerabilities": [ { "id": "CVE-2013-7459", "cvss": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "description": "Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.", "severity": "critical", "packageName": "pycrypto", "packageVersion": "2.6.1", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459", "riskFactors": { "Attack complexity: low": {}, "Attack vector: network": {}, "Critical severity": {}, "Remote execution": {} } } ], "vulnerabilityDistribution": { "critical": 1, "high": 0, "medium": 0, "low": 0, "total": 1 } } ] } """ global false_positive date_time = datetime.now() vul_col = '' # Parser for above json data vuln = data['results'][0]['vulnerabilities'] for vuln_data in vuln: try: name = vuln_data['id'] except Exception as e: name = "Not Found" try: cvss = vuln_data['cvss'] except Exception as e: cvss = "Not Found" try: vector = vuln_data['vector'] except Exception as e: vector = "Not Found" try: description = vuln_data['description'] except Exception as e: description = "Not Found" try: severity = vuln_data['severity'] if severity == 'critical': severity = 'High' except Exception as e: severity = "Not Found" try: packageName = vuln_data['packageName'] except Exception as e: packageName = "Not Found" try: packageVersion = vuln_data['packageVersion'] except Exception as e: packageVersion = "Not Found" try: link = vuln_data['link'] except Exception as e: link = "Not Found" if severity == "Critical": severity = 'High' vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == 'Medium': vul_col = "warning" elif severity == 'Low': vul_col = "info" elif severity == 'Unknown': severity = "Low" vul_col = "info" elif severity == 'Everything else': severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(packageName) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = twistlock_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = twistlock_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = twistlock_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, username=username, name=name, cvss=cvss, description=description, Severity=severity, packageName=packageName, packageVersion=packageVersion, link=link, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = twistlock_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', username=username, name=name, cvss=cvss, description=description, Severity=severity, packageName=packageName, packageVersion=packageVersion, link=link, ) save_all.save() all_findbugs_data = twistlock_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No', vuln_duplicate='No') duplicate_count = twistlock_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(Severity="High")) total_medium = len(all_findbugs_data.filter(Severity="Medium")) total_low = len(all_findbugs_data.filter(Severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) twistlock_scan_db.objects.filter(scan_id=scan_id).update( username=username, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - twistlock Report Uploaded' message = 'twistlock Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id, username): """ :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global name, classname, risk, ShortMessage, LongMessage, sourcepath, vul_col, \ ShortDescription, Details, lenth_match, duplicate_hash, vul_id # print root for bug in root: if bug.tag == 'BugInstance': name = bug.attrib['type'] priority = bug.attrib['priority'] for BugInstance in bug: if BugInstance.tag == 'ShortMessage': global ShortMessage ShortMessage = BugInstance.text if BugInstance.tag == 'LongMessage': global LongMessage LongMessage = BugInstance.text if BugInstance.tag == 'Class': global classname classname = BugInstance.attrib['classname'] if BugInstance.tag == 'SourceLine': global sourcepath, sourcefile sourcepath = BugInstance.attrib['sourcepath'] sourcefile = BugInstance.attrib['sourcefile'] if priority == "1": risk = 'High' vul_col = "danger" elif priority == '2': risk = 'Medium' vul_col = "warning" elif priority == '3': risk = 'Medium' vul_col = "info" vul_id = uuid.uuid4() dup_data = name + classname + risk duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = findbugs_scan_results_db.objects.filter(username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = findbugs_scan_results_db.objects.filter(username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = findbugs_scan_results_db( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, name=name, priority=priority, ShortMessage=ShortMessage, LongMessage=LongMessage, classname=classname, sourcepath=sourcepath, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, risk=risk, username=username ) save_all.save() else: duplicate_vuln = 'Yes' save_all = findbugs_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, name=name, priority=priority, ShortMessage=ShortMessage, LongMessage=LongMessage, classname=classname, sourcepath=sourcepath, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', risk=risk, username=username ) save_all.save() if bug.tag == 'BugPattern': for BugPattern in bug: name = bug.attrib['type'] if BugPattern.tag == 'ShortDescription': ShortDescription = BugPattern.text if BugPattern.tag == 'Details': global Details Details = BugPattern.text findbugs_scan_results_db.objects.filter(username=username, scan_id=scan_id, name=name).update( ShortDescription=ShortDescription, Details=Details, ) all_findbugs_data = findbugs_scan_results_db.objects.filter(username=username, scan_id=scan_id, false_positive='No') duplicate_count = findbugs_scan_results_db.objects.filter(username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(priority="1")) total_medium = len(all_findbugs_data.filter(priority="2")) total_low = len(all_findbugs_data.filter(priority="3")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) findbugs_scan_db.objects.filter(username=username, scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate ) trend_update(username=username) subject = 'Archery Tool Scan Status - Findbugs Report Uploaded' message = 'Findbugs Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (scan_id, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def checkmarx_report_xml(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, project, result, result_data, file_name, inst, code_data project = data.attrib["ProjectName"] scan_details = data.attrib for dat in data: query = dat.attrib name = dat.attrib["name"] severity = dat.attrib["Severity"] code_data = [] result_data_all = [] for dd in dat: result_data = dd.attrib file_name = dd.attrib["FileName"] result_data_all.append(dd.attrib) for d in dd.findall(".//Code"): result = d.text instance = {} instance[file_name] = d.text code_data.append(instance) if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" else: severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file_name) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, severity=severity, description=str(scan_details), fileName=file_name, scanner="Checkmarx", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, severity=severity, description=str(scan_details), fileName=file_name, scanner="Checkmarx", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_vul = len(all_findbugs_data) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( project_name=project, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Checkmarx", ) trend_update() subject = "Archery Tool Scan Status - checkmarx Report Uploaded" message = ("checkmarx Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("checkmarx", total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def burp_scan_data(root, project_id, scan_id): date_time = datetime.now() """ The function parse the burp result as xml data and stored into archery database. :param xml_data: :return: """ global vuln_id, burp_status, vul_col, issue_description, issue_remediation, issue_reference, issue_vulnerability_classifications, vul_col, severity, name, path, host, location, confidence, types, serialNumber, request_datas, response_datas, url for issue in root: for data in issue: vuln_id = uuid.uuid4() if data.tag == "name": global name if data.text is None: name = "NA" else: name = data.text if data.tag == "host": global host if data.text is None: host = "NA" else: host = data.text if data.tag == "path": global path if data.text is None: path = "NA" else: path = data.text if data.tag == "location": global location if data.text is None: location = "NA" else: location = data.text if data.tag == "severity": global severity if data.text is None: severity = "NA" else: severity = data.text if data.tag == "requestresponse": global requestresponse if data.text is None: requestresponse = "NA" else: requestresponse = data.text for d in data: req = d.tag met = d.attrib if req == "request": global request_datas reqst = d.text request_datas = base64.b64decode(reqst) # reqst if req == "response": global response_datas res_dat = d.text response_datas = base64.b64decode(res_dat) # res_dat for key, items in met.items(): global methods if key == "method": methods = items if data.tag == "issueBackground": global issue_description if data.text is None: issue_description = "NA" else: issue_description = data.text if data.tag == "remediationBackground": global issue_remediation if data.text is None: issue_remediation = "NA" else: issue_remediation = data.text if data.tag == "references": global issue_reference if data.text is None: issue_reference = "NA" else: issue_reference = data.text if data.tag == "vulnerabilityClassifications": global issue_vulnerability_classifications if data.text is None: issue_vulnerability_classifications = "NA" else: issue_vulnerability_classifications = data.text details = ( str(issue_description) + str("\n") + str(request_datas) + str("\n\n") + str(response_datas) + str("\n\n") + str("\n\n") + str(issue_description) + str("\n\n") + str(issue_vulnerability_classifications) ) if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" else: severity = "Low" vul_col = "info" vuln_id = uuid.uuid4() dup_data = name + host + location + details + severity duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = ( WebScanResultsDb.objects.filter(dup_hash=duplicate_hash, scanner="Burp") .values("dup_hash") .distinct() ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash, scanner="Burp" ) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" url = host + location try: data_dump = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, url=url, title=name, solution=issue_remediation, description=details, reference=issue_reference, project_id=project_id, severity_color=vul_col, severity=severity, date_time=date_time, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Burp", ) data_dump.save() except Exception as e: print(e) else: duplicate_vuln = "Yes" try: data_dump = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, url=url, title=name, solution=issue_remediation, description=issue_description, reference=issue_reference, project_id=project_id, severity_color=vul_col, severity=severity, date_time=date_time, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Burp", ) data_dump.save() except Exception as e: print(e) burp_all_vul = WebScanResultsDb.objects.filter( scan_id=scan_id, scanner="Burp", false_positive="No" ) duplicate_count = WebScanResultsDb.objects.filter( scan_id=scan_id, scanner="Burp", vuln_duplicate="Yes" ) total_vul = len(burp_all_vul) total_high = len(burp_all_vul.filter(severity="High")) total_medium = len(burp_all_vul.filter(severity="Medium")) total_low = len(burp_all_vul.filter(severity="Low")) total_info = len(burp_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) WebScansDb.objects.filter(scan_id=scan_id, scanner="Burp").update( scan_url=host, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, ) print(host) trend_update() subject = "Archery Tool Scan Status - Burp Report Uploaded" message = ( "Burp Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (host, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message) try: email_notification.email_notify() except Exception as e: print(e) HttpResponse(status=201)
def xml_parser(root, project_id, scan_id, username): global url, \ Scheme, \ Host, \ Port, \ AttackMethod, \ VulnerableSession, \ TriggerSession, \ VulnerabilityID, \ Severity, \ Name, \ ReportSection, \ HighlightSelections, \ RawResponse, \ SectionText, \ vuln_id, severity_name, vul_col date_time = datetime.now() for data in root: for issues in data: for issue in issues: if issue.tag == 'URL': url = issue.text if issue.tag == 'Host': Host = issue.text if issue.tag == 'Port': Port = issue.text if issue.tag == 'AttackMethod': AttackMethod = issue.text if issue.tag == 'VulnerableSession': VulnerableSession = issue.text if issue.tag == 'TriggerSession': TriggerSession = issue.text if issue.tag == 'VulnerabilityID': VulnerabilityID = issue.text if issue.tag == 'Severity': Severity = issue.text if issue.tag == 'Name': Name = issue.text if issue.tag == 'ReportSection': ReportSection = issue.text if issue.tag == 'HighlightSelections': HighlightSelections = issue.text if issue.tag == 'RawResponse': RawResponse = issue.text for d_issue in issue: if d_issue.tag == 'SectionText': SectionText = issue.text vuln_id = uuid.uuid4() if Severity == "4": Severity = 'High' vul_col = "danger" elif Severity == "3": Severity = 'High' vul_col = 'danger' elif Severity == "2": Severity = 'Medium' vul_col = "warning" elif Severity == '1': Severity = 'Low' vul_col = "info" else: Severity = 'Low' vul_col = "info" dup_data = Name + url + Severity duplicate_hash = hashlib.sha256( dup_data.encode('utf-8')).hexdigest() match_dup = webinspect_scan_result_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash').distinct() lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = webinspect_scan_result_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = 'Yes' elif lenth_match == 0: false_positive = 'No' else: false_positive = 'No' if Name is None: print(Name) else: dump_data = webinspect_scan_result_db( scan_id=scan_id, vuln_id=vuln_id, vuln_url=url, date_time=date_time, host=Host, port=Port, attackmethod=AttackMethod, vulnerablesession=VulnerableSession, triggerSession=TriggerSession, vulnerabilityID=VulnerabilityID, severity=Severity, name=Name, reportSection=ReportSection, highlightSelections=HighlightSelections, rawResponse=RawResponse, SectionText=SectionText, severity_name=severity_name, vuln_color=vul_col, false_positive=false_positive, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, project_id=project_id, username=username) dump_data.save() else: duplicate_vuln = 'Yes' dump_data = webinspect_scan_result_db( scan_id=scan_id, vuln_id=vuln_id, vuln_url=url, date_time=date_time, host=Host, port=Port, attackmethod=AttackMethod, vulnerablesession=VulnerableSession, triggerSession=TriggerSession, vulnerabilityID=VulnerabilityID, severity=Severity, name=Name, reportSection=ReportSection, highlightSelections=HighlightSelections, rawResponse=RawResponse, SectionText=SectionText, severity_name=severity_name, vuln_color=vul_col, false_positive='Duplicate', vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, project_id=project_id, username=username) dump_data.save() webinspect_all_vul = webinspect_scan_result_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = webinspect_scan_result_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_critical = len(webinspect_all_vul.filter(severity='Critical')) total_high = len(webinspect_all_vul.filter(severity="High")) total_medium = len(webinspect_all_vul.filter(severity="Medium")) total_low = len(webinspect_all_vul.filter(severity="Low")) total_info = len(webinspect_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) total_vul = total_critical + total_high + total_medium + total_low + total_info webinspect_scan_db.objects.filter(username=username, scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, critical_vul=total_critical, info_vul=total_info, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - Webinspect Report Uploaded' message = 'Webinspect Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Host, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def twistlock_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ """ { "results": [ { "id": "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "distro": "Debian GNU/Linux 9 (stretch)", "compliances": [ { "title": "Sensitive information provided in environment variables", "severity": "high", "cause": "The environment variables DD_CELERY_BROKER_PASSWORD,DD_DATABASE_PASSWORD,DD_SECRET_KEY contain sensitive data" } ], "complianceDistribution": { "critical": 0, "high": 1, "medium": 0, "low": 0, "total": 1 }, "vulnerabilities": [ { "id": "CVE-2013-7459", "cvss": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "description": "Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.", "severity": "critical", "packageName": "pycrypto", "packageVersion": "2.6.1", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459", "riskFactors": { "Attack complexity: low": {}, "Attack vector: network": {}, "Critical severity": {}, "Remote execution": {} } } ], "vulnerabilityDistribution": { "critical": 1, "high": 0, "medium": 0, "low": 0, "total": 1 } } ] } """ global false_positive date_time = datetime.now() vul_col = "" # Parser for above json data vuln = data["results"][0]["vulnerabilities"] for vuln_data in vuln: try: name = vuln_data["id"] except Exception as e: name = "Not Found" try: cvss = vuln_data["cvss"] except Exception as e: cvss = "Not Found" try: vector = vuln_data["vector"] except Exception as e: vector = "Not Found" try: description = vuln_data["description"] except Exception as e: description = "Not Found" try: severity = vuln_data["severity"] if severity == "critical": severity = "High" except Exception as e: severity = "Not Found" try: packageName = vuln_data["packageName"] except Exception as e: packageName = "Not Found" try: packageVersion = vuln_data["packageVersion"] except Exception as e: packageVersion = "Not Found" try: link = vuln_data["link"] except Exception as e: link = "Not Found" if severity == "Critical": severity = "High" vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" elif severity == "Unknown": severity = "Low" vul_col = "info" elif severity == "Everything else": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(packageName) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, description=str(description) + "\n\n" + str(cvss) + "\n\n" + str(packageVersion), severity=severity, fileName=packageName, references=link, scanner="Twistlock", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, description=str(description) + "\n\n" + str(cvss) + "\n\n" + str(packageVersion), severity=severity, fileName=packageName, references=link, scanner="Twistlock", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", vuln_duplicate="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Twistlock", ) trend_update() subject = "Archery Tool Scan Status - twistlock Report Uploaded" message = ("twistlock Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def whitesource_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, project vuln = data["vulnerabilities"] for issues in vuln: name = issues["name"] severity = issues["severity"] score = issues["score"] cvss3_severity = issues["cvss3_severity"] cvss3_score = issues["cvss3_score"] publishDate = issues["publishDate"] lastUpdatedDate = issues["lastUpdatedDate"] scoreMetadataVector = issues["scoreMetadataVector"] url = issues["url"] description = issues["description"] project = issues["project"] product = issues["product"] cvss3Attributes = issues["cvss3Attributes"] library = issues["library"] topFix = issues["topFix"] # allFixes = issues['allFixes'] filename = issues["library"]["filename"] sha1 = issues["library"]["sha1"] version = issues["library"]["version"] groupId = issues["library"]["groupId"] if severity == "high": severity = "High" vul_col = "danger" elif severity == "medium": severity = "Medium" vul_col = "warning" elif severity == "low": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(project) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter(dup_hash=duplicate_hash).values( "dup_hash" ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, severity=severity, references=url, description=str(description) + "\n\n" + str(score) + "\n\n" + str(library) + "\n\n" + str(topFix) + "\n\n", fileName=filename, scanner="Whitesource", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, severity=severity, references=url, description=str(description) + "\n\n" + str(score) + "\n\n" + str(library) + "\n\n" + str(topFix) + "\n\n", fileName=filename, scanner="Whitesource", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( project_name=project, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Whitesource", ) trend_update() subject = "Archery Tool Scan Status - whitesource Report Uploaded" message = ( "whitesource Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("whitesource", total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def debcvescan_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = '' vuln = data['vulnerabilities'] for vuln_data in vuln: try: description = vuln_data['description'] except Exception as e: description = "Not Found" if "DISPUTED" in description: continue try: cve = vuln_data['cve'] except Exception as e: cve = "Not Found" try: severity = vuln_data['severity'] except Exception as e: severity = "Not Found" try: package = vuln_data['package'] except Exception as e: package = "Not Found" try: package_ver = vuln_data['installed_version'] except Exception as e: package_ver = "Not Found" try: fix_ver = vuln_data['fixed_version'] except Exception as e: fix_ver = "Not Found" if severity == 3: severity = "High" vul_col = "danger" elif severity == 2: vul_col = "warning" severity = "Medium" elif severity == 1: vul_col = "info" severity = "Low" else: continue vul_id = uuid.uuid4() dup_data = str(cve) + str(severity) + str(package) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = debcvescan_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = debcvescan_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = debcvescan_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, description=description, cve=cve, package=package, package_ver=package_ver, fix_ver=fix_ver, Severity=severity, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = debcvescan_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, description=description, cve=cve, package=package, package_ver=package_ver, fix_ver=fix_ver, Severity=severity, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', username=username, ) save_all.save() all_findbugs_data = debcvescan_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = debcvescan_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(Severity="High")) total_medium = len(all_findbugs_data.filter(Severity="Medium")) total_low = len(all_findbugs_data.filter(Severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) debcvescan_scan_db.objects.filter(scan_id=scan_id).update( username=username, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - Debian CVE Scan Report Uploaded' message = 'Debian CVE Scan has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def nodejsscan_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, severity for vuln in data['sec_issues']: for vuln_dat in (data['sec_issues'][vuln]): with open( 'scanners/scanner_parser/staticscanner_parser/nodejsscan_vuln.json' ) as f: vuln_name = json.load(f) for v in (vuln_name['vuln']): if v['name'] == vuln_dat['title']: severity = v['severity'] title = vuln_dat['title'] filename = vuln_dat['filename'] path = vuln_dat['path'] sha2 = vuln_dat['sha2'] tag = vuln_dat['tag'] description = vuln_dat['description'] line = vuln_dat['line'] lines = vuln_dat['lines'] if severity == "High": vul_col = "danger" elif severity == 'Medium': vul_col = "warning" elif severity == 'Low': vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(filename) + str(line) print(dup_data) duplicate_hash = hashlib.sha256( dup_data.encode('utf-8')).hexdigest() print(duplicate_hash) match_dup = nodejsscan_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = nodejsscan_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = nodejsscan_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=title, filename=filename, severity=severity, path=path, sha2=sha2, tag=tag, description=description, line=line, lines=lines, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = nodejsscan_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', title=title, filename=filename, severity=severity, path=path, sha2=sha2, tag=tag, description=description, line=line, lines=lines, username=username, ) save_all.save() all_findbugs_data = nodejsscan_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = nodejsscan_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) nodejsscan_scan_db.objects.filter(username=username, scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - Trivy Report Uploaded' message = 'Trivy Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % ("Nodejsscan", total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def brakeman_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ """ { "scan_info": { "app_path": "/test_app", "rails_version": "4.2.7.1", "security_warnings": 5, "start_time": "2018-10-23 19:32:28 +0300", "end_time": "2018-10-23 19:32:42 +0300", "duration": 3.723474664, "checks_performed": [ "BasicAuth", "BasicAuthTimingAttack", "ContentTag", "CreateWith", "CrossSiteScripting", "DefaultRoutes", "Deserialize", "DetailedExceptions", "DigestDoS", "DynamicFinders", "EscapeFunction", "Evaluation", "Execute", "FileAccess", "FileDisclosure", "FilterSkipping", "ForgerySetting", "HeaderDoS", "I18nXSS", "JRubyXML", "JSONEncoding", "JSONParsing", "LinkTo", "LinkToHref", "MailTo", "MassAssignment", "MimeTypeDoS", "ModelAttrAccessible", "ModelAttributes", "ModelSerialize", "NestedAttributes", "NestedAttributesBypass", "NumberToCurrency", "PermitAttributes", "QuoteTableName", "Redirect", "RegexDoS", "Render", "RenderDoS", "RenderInline", "ResponseSplitting", "RouteDoS", "SQL", "SQLCVEs", "SSLVerify", "SafeBufferManipulation", "SanitizeMethods", "SelectTag", "SelectVulnerability", "Send", "SendFile", "SessionManipulation", "SessionSettings", "SimpleFormat", "SingleQuotes", "SkipBeforeFilter", "StripTags", "SymbolDoSCVE", "TranslateBug", "UnsafeReflection", "ValidationRegex", "WithoutProtection", "XMLDoS", "YAMLParsing" ], "number_of_controllers": 5, "number_of_models": 12, "number_of_templates": 25, "ruby_version": "2.5.1", "brakeman_version": "4.3.1" }, "warnings": [ { "warning_type": "Mass Assignment", "warning_code": 60, "fingerprint": "00a38ca07fd6d6058d0b8664aae5b0ec1e2fd89c59d8d74ee95babab02f6fbdf", "check_name": "ModelAttrAccessible", "message": "Potentially dangerous attribute available for mass assignment", "file": "app/models/test1.rb", "line": null, "link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/", "code": ":test_id", "render_path": null, "location": { "type": "model", "model": "Test1" }, "user_input": null, "confidence": "Weak" }, { "warning_type": "Cross-Site Scripting", "warning_code": 2, "fingerprint": "00ac2b92111049e24c28fa4f315d962c4e81c21a7bb28d7b205c8a32e99f643d", "check_name": "CrossSiteScripting", "message": "Unescaped model attribute", "file": "app/views/test1.html.erb", "line": 88, "link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting", "code": "Test::Test.find(params[:id]).name(:test)", "render_path": [{"type":"controller","class":"TestController","method":"test_access","line":6,"file":"app/controllers/test1.rb"}], "location": { "type": "template", "template": "test1" }, "user_input": null, "confidence": "High" }, { "warning_type": "SQL Injection", "warning_code": 0, "fingerprint": "0c8be6f7618c44181ab46aa9108a3e3624df7f89146349e4de884f5ae2d35a77", "check_name": "SQL", "message": "Possible SQL injection", "file": "app/models/test2.rb", "line": 260, "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/", "code": "where(\"#{column_name} IS NOT NULL\")", "render_path": null, "location": { "type": "method", "class": "Test", "method": "Test.test_retrieve" }, "user_input": "column_name", "confidence": "Medium" }, { "warning_type": "Dynamic Render Path", "warning_code": 15, "fingerprint": "1c1e1a42a8b8bb0ad2b74bd3b91db2dd48f21062b3fe7e96e45be3ea1faa7c43", "check_name": "Render", "message": "Render path contains parameter value", "file": "app/controllers/test_controller.rb", "line": 5, "link": "https://brakemanscanner.org/docs/warning_types/dynamic_render_path/", "code": "render(action => { :json => (...)})", "render_path": null, "location": { "type": "method", "class": "TestController", "method": "index" }, "user_input": "params[:fields].split(\",\")", "confidence": "Weak" }, { "warning_type": "Attribute Restriction", "warning_code": 19, "fingerprint": "29e2c701f167599ce572ead7c3ff377aac1bc0e71834fe5867f10660e9a42de7", "check_name": "ModelAttributes", "message": "Mass assignment is not restricted using attr_accessible", "file": "app/models/test2.rb", "line": 2, "link": "https://brakemanscanner.org/docs/warning_types/attribute_restriction/", "code": null, "render_path": null, "location": { "type": "method", "model": "Test2::TestParameter" }, "user_input": null, "confidence": "High" } ], "ignored_warnings": [ ], "errors": [ ], "obsolete": [ ] } """ global false_positive date_time = datetime.now() vul_col = '' # Parser for above json data # print(data['warnings']) vuln = data['warnings'] for vuln_data in vuln: try: name = vuln_data['warning_type'] except Exception as e: name = "Not Found" try: warning_code = vuln_data['warning_code'] except Exception as e: warning_code = "Not Found" try: fingerprint = vuln_data['fingerprint'] except Exception as e: fingerprint = "Not Found" try: description = vuln_data['message'] except Exception as e: description = "Not Found" try: check_name = vuln_data['check_name'] except Exception as e: check_name = "Not Found" try: severity = vuln_data['confidence'] if severity == 'Weak': severity = 'Low' except Exception as e: severity = "Not Found" try: file = vuln_data['file'] except Exception as e: file = "Not Found" try: line = vuln_data['line'] except Exception as e: line = "Not Found" try: link = vuln_data['link'] except Exception as e: link = "Not Found" try: code = vuln_data['code'] except Exception as e: code = "Not Found" try: render_path = vuln_data['render_path'] except Exception as e: render_path = "Not Found" if severity == "Critical": severity = 'High' vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == 'Medium': vul_col = "warning" elif severity == 'Low': vul_col = "info" elif severity == 'Unknown': severity = "Low" vul_col = "info" elif severity == 'Everything else': severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = brakeman_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = brakeman_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = brakeman_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, username=username, name=name, warning_code=warning_code, description=description, severity=severity, file=file, check_name=check_name, fingerprint=fingerprint, line=line, code=code, render_path=render_path, link=link, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = brakeman_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', username=username, name=name, warning_code=warning_code, description=description, severity=severity, file=file, check_name=check_name, fingerprint=fingerprint, line=line, code=code, render_path=render_path, link=link, ) save_all.save() all_findbugs_data = brakeman_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No', vuln_duplicate='No') duplicate_count = brakeman_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) brakeman_scan_db.objects.filter(scan_id=scan_id).update( username=username, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - brakeman Report Uploaded' message = 'brakeman Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def gitlabsast_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = "" vuln = data["vulnerabilities"] for vuln_data in vuln: try: name = vuln_data["message"] except Exception as e: name = "Not Found" try: description = vuln_data["description"] except Exception as e: description = "Not Found" try: cve = vuln_data["cve"] except Exception as e: cve = "Not Found" try: scanner = vuln_data["scanner"] except Exception as e: scanner = "Not Found" try: location = vuln_data["location"] except Exception as e: location = "Not Found" try: identifiers = vuln_data["identifiers"] except Exception as e: identifiers = "Not Found" try: severity = vuln_data["severity"] except Exception as e: severity = "Not Found" try: file = vuln_data["location"]["file"] except Exception as e: file = "Not Found" if severity == "Critical": severity = "High" vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" elif severity == "Unknown": severity = "Low" vul_col = "info" elif severity == "Everything else": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter(dup_hash=duplicate_hash).values( "dup_hash" ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=name, description=str(description) + "\n\n" + str(scanner), filePath=location, fileName=file, severity=severity, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Gitlabsast", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=name, description=description, filePath=location, fileName=file, severity=severity, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Gitlabsast", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No", vuln_duplicate="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Gitlabsast", ) trend_update() subject = "Archery Tool Scan Status - GitLab SAST Report Uploaded" message = ( "GitLab SAST Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def npmaudit_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col for vuln in data["advisories"]: title = data["advisories"][vuln]["title"] found_by = data["advisories"][vuln]["found_by"] reported_by = data["advisories"][vuln]["reported_by"] module_name = data["advisories"][vuln]["module_name"] cves = data["advisories"][vuln]["cves"] vulnerable_versions = data["advisories"][vuln]["vulnerable_versions"] patched_versions = data["advisories"][vuln]["patched_versions"] overview = data["advisories"][vuln]["overview"] recommendation = data["advisories"][vuln]["recommendation"] references = data["advisories"][vuln]["references"] access = data["advisories"][vuln]["access"] severity = data["advisories"][vuln]["severity"] cwe = data["advisories"][vuln]["cwe"] metadata = data["advisories"][vuln]["metadata"] url = data["advisories"][vuln]["url"] findings = data["advisories"][vuln]["findings"] vuln_versions = {} for find in findings: vuln_versions[find["version"]] = [find["paths"]] if not title: title = "not found" if not found_by: found_by = "not found" if not reported_by: reported_by = "not found" if not module_name: module_name = "not found" if not cves: cves = "not found" if not vulnerable_versions: vulnerable_versions = "not found" if not patched_versions: patched_versions = "not found" if not recommendation: recommendation = "not found" if not overview: overview = "not found" if not references: references = "not found" if not access: access = "not found" if not severity: severity = "not found" if not cwe: cwe = "not found" if not url: url = "not found" if severity == "critical": severity = "High" vul_col = "danger" if severity == "high": severity = "High" vul_col = "danger" elif severity == "moderate": severity = "Medium" vul_col = "warning" elif severity == "low": severity = "Low" vul_col = "info" elif severity == "info": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(module_name) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=title, description=str(overview) + "\n\n" + str(vuln_versions) + "\n\n" + str(reported_by) + "\n\n" + str(module_name) + "\n\n" + str(cves) + "\n\n" + str(vuln_versions) + "\n\n" + str(patched_versions), solution=recommendation, references=references, severity=severity, scanner="Npmaudit", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=title, description=str(overview) + "\n\n" + str(vuln_versions) + "\n\n" + str(reported_by) + "\n\n" + str(module_name) + "\n\n" + str(cves) + "\n\n" + str(vuln_versions) + "\n\n" + str(patched_versions), solution=recommendation, references=references, severity=severity, scanner="Npmaudit", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Npmaudit", ) trend_update() subject = "Archery Tool Scan Status - Npmaudit Report Uploaded" message = ("Npmaudit Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("npm-audit", total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): global vuln_url, vuln_type, vuln_severity, vuln_certainty, vuln_rawrequest, vuln_rawresponse, vuln_extrainformation, vuln_classification, vuln_id, vul_col, description, impact, actionsToTake, remedy, requiredSkillsForExploitation, externalReferences, remedyReferences, proofOfConcept, proofs, target date_time = datetime.now() for data in root: if data.tag == "target": for url in data: if url.tag == "url": target = url.text for vuln in data: if vuln.tag == "url": vuln_url = vuln.text if vuln.tag == "type": vuln_type = vuln.text if vuln.tag == "severity": if vuln.text == "Important": vuln_severity = "High" else: vuln_severity = vuln.text if vuln.tag == "certainty": vuln_certainty = vuln.text if vuln.tag == "rawrequest": vuln_rawrequest = vuln.text if vuln.tag == "rawresponse": vuln_rawresponse = vuln.text if vuln.tag == "extrainformation": vuln_extrainformation = vuln.text if vuln.tag == "classification": vuln_classification = vuln.text if vuln.tag == "description": description = vuln.text if vuln.tag == "impact": impact = vuln.text if vuln.tag == "actionsToTake": actionsToTake = vuln.text if vuln.tag == "remedy": remedy = vuln.text if vuln.tag == "requiredSkillsForExploitation": requiredSkillsForExploitation = vuln.text if vuln.tag == "externalReferences": externalReferences = vuln.text if vuln.tag == "remedyReferences": remedyReferences = vuln.text if vuln.tag == "proofOfConcept": proofOfConcept = vuln.text if vuln.tag == "proofs": proofs = vuln.text vuln_id = uuid.uuid4() if vuln_severity == "Critical": vuln_severity = "High" vul_col = "danger" elif vuln_severity == "High": vul_col = "danger" elif vuln_severity == "Medium": vul_col = "warning" elif vuln_severity == "Low": vul_col = "info" else: vuln_severity = "Low" vul_col = "info" dup_data = str(vuln_type) + str(vuln_url) + str(vuln_severity) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" dump_data = WebScanResultsDb( scan_id=scan_id, project_id=project_id, date_time=date_time, vuln_id=vuln_id, title=vuln_type, url=vuln_url, severity=vuln_severity, false_positive=false_positive, severity_color=vul_col, description=description, solution=str(remedy) + "\n\n" + str(actionsToTake), reference=str(externalReferences) + "\n\n" + str(remedyReferences), vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Netsparker", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( scan_id=scan_id, project_id=project_id, date_time=date_time, vuln_id=vuln_id, url=vuln_url, title=vuln_type, severity=vuln_severity, false_positive="Duplicate", vuln_status="Duplicate", severity_color=vul_col, description=description, solution=remedy + "\n\n" + str(actionsToTake), reference=externalReferences + "\n\n" + str(remedyReferences), dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Netsparker", ) dump_data.save() netsparker_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", scanner="Netsparker") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes", scanner="Netsparker") total_high = len(netsparker_all_vul.filter(severity="High")) total_medium = len(netsparker_all_vul.filter(severity="Medium")) total_low = len(netsparker_all_vul.filter(severity="Low")) total_info = len(netsparker_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=target, scanner="Netsparker", ) trend_update() subject = "Archery Tool Scan Status - Netsparker Report Uploaded" message = ("Netsparker Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id, username): global vuln_url, vuln_type, vuln_severity, vuln_certainty, vuln_rawrequest, \ vuln_rawresponse, vuln_extrainformation, vuln_classification, vuln_id, \ vul_col, description, impact, actionsToTake, remedy, requiredSkillsForExploitation, \ externalReferences, remedyReferences, proofOfConcept, proofs date_time = datetime.now() for data in root: if data.tag == "target": for url in data: if url.tag == 'url': target = url.text for vuln in data: if vuln.tag == 'url': vuln_url = vuln.text if vuln.tag == 'type': vuln_type = vuln.text if vuln.tag == 'severity': if vuln.text == 'Important': vuln_severity = 'High' else: vuln_severity = vuln.text if vuln.tag == 'certainty': vuln_certainty = vuln.text if vuln.tag == 'rawrequest': vuln_rawrequest = vuln.text if vuln.tag == 'rawresponse': vuln_rawresponse = vuln.text if vuln.tag == 'extrainformation': vuln_extrainformation = vuln.text if vuln.tag == 'classification': vuln_classification = vuln.text if vuln.tag == 'description': description = vuln.text if vuln.tag == 'impact': impact = vuln.text if vuln.tag == 'actionsToTake': actionsToTake = vuln.text if vuln.tag == 'remedy': remedy = vuln.text if vuln.tag == 'requiredSkillsForExploitation': requiredSkillsForExploitation = vuln.text if vuln.tag == 'externalReferences': externalReferences = vuln.text if vuln.tag == 'remedyReferences': remedyReferences = vuln.text if vuln.tag == 'proofOfConcept': proofOfConcept = vuln.text if vuln.tag == 'proofs': proofs = vuln.text vuln_id = uuid.uuid4() if vuln_severity == "Critical": vuln_severity = "High" vul_col = "danger" elif vuln_severity == "High": vul_col = 'danger' elif vuln_severity == 'Medium': vul_col = "warning" elif vuln_severity == 'Low': vul_col = "info" else: vuln_severity = "Low" vul_col = "info" dup_data = str(vuln_type) + str(vuln_url) + str(vuln_severity) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = netsparker_scan_result_db.objects.filter(username=username, dup_hash=duplicate_hash).values('dup_hash').distinct() lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = netsparker_scan_result_db.objects.filter(username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = 'Yes' elif lenth_match == 0: false_positive = 'No' else: false_positive = 'No' dump_data = netsparker_scan_result_db(scan_id=scan_id, project_id=project_id, date_time=date_time, vuln_id=vuln_id, vuln_url=vuln_url, type=vuln_type, severity=vuln_severity, certainty=vuln_certainty, rawrequest=vuln_rawrequest, rawresponse=vuln_rawresponse, extrainformation=vuln_extrainformation, classification=vuln_classification, false_positive=false_positive, vuln_color=vul_col, description=description, impact=impact, actionsToTake=actionsToTake, remedy=remedy, requiredSkillsForExploitation=requiredSkillsForExploitation, externalReferences=externalReferences, remedyReferences=remedyReferences, proofOfConcept=proofOfConcept, proofs=proofs, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, username=username ) dump_data.save() else: duplicate_vuln = 'Yes' dump_data = netsparker_scan_result_db(scan_id=scan_id, project_id=project_id, vuln_id=vuln_id, date_time=date_time, vuln_url=vuln_url, type=vuln_type, severity=vuln_severity, certainty=vuln_certainty, rawrequest=vuln_rawrequest, rawresponse=vuln_rawresponse, extrainformation=vuln_extrainformation, classification=vuln_classification, false_positive='Duplicate', vuln_color=vul_col, description=description, impact=impact, actionsToTake=actionsToTake, remedy=remedy, requiredSkillsForExploitation=requiredSkillsForExploitation, externalReferences=externalReferences, remedyReferences=remedyReferences, proofOfConcept=proofOfConcept, proofs=proofs, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, username=username ) dump_data.save() netsparker_all_vul = netsparker_scan_result_db.objects.filter(username=username, scan_id=scan_id, false_positive='No') duplicate_count = netsparker_scan_result_db.objects.filter(username=username, scan_id=scan_id, vuln_duplicate='Yes') total_critical = len(netsparker_all_vul.filter(severity='Critical')) total_high = len(netsparker_all_vul.filter(severity="High")) total_medium = len(netsparker_all_vul.filter(severity="Medium")) total_low = len(netsparker_all_vul.filter(severity="Low")) total_info = len(netsparker_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) total_vul = total_critical + total_high + total_medium + total_low + total_info netsparker_scan_db.objects.filter(username=username, scan_id=scan_id).update(total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, critical_vul=total_critical, info_vul=total_info, total_dup=total_duplicate, url=target ) if total_vul == total_duplicate: netsparker_scan_db.objects.filter(username=username, scan_id=scan_id).update(total_vul=total_vul, high_vul=total_high, date_time=date_time, medium_vul=total_medium, low_vul=total_low, critical_vul=total_critical, info_vul=total_info, total_dup=total_duplicate, url=target ) trend_update(username=username) subject = 'Archery Tool Scan Status - Netsparker Report Uploaded' message = 'Netsparker Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def retirejs_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global component, files, severity for f in data: files = f["file"] for components in data: component = components["results"][0]["component"] for versions in data: global version version = versions["results"][0]["version"] for vuln in data: global identifires identifires = vuln["results"][0]["vulnerabilities"][0][ "identifiers"] for key, value in identifires.items(): if key == "CVE": for cve_v in value: global cve cve = cve_v if key == "issue": global issue issue = value if key == "bug": global bug bug = value if key == "summary": global summary summary = value for infos in data: global info info = infos["results"][0]["vulnerabilities"][0]["info"] for severities in data: global severity severity = severities["results"][0]["vulnerabilities"][0][ "severity"] date_time = datetime.now() vul_id = uuid.uuid4() global vul_col if severity == "HIGH": vul_col = "danger" elif severity == "MEDIUM": vul_col = "warning" elif severity == "LOW": vul_col = "info" dup_data = files + component + severity duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = (StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 1: duplicate_vuln = "Yes" elif lenth_match == 0: duplicate_vuln = "No" else: duplicate_vuln = "None" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( scan_id=scan_id, date_time=date_time, scan_date=date_time, project_id=project_id, vuln_id=vul_id, fileName=files, # component=component, # CVE=cve, title=issue, # bug=bug, description=summary, # info=info, severity=severity, # false_positive=false_positive, vuln_status="Open", # dup_hash=duplicate_hash, # vuln_duplicate=duplicate_vuln, # version=version, scanner="Retirejs", ) save_all.save() trend_update()
def gitlabsast_report_json(data, project_id, scan_id, username): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = '' vuln = data['vulnerabilities'] for vuln_data in vuln: try: name = vuln_data['name'] except Exception as e: name = "Not Found" try: message = vuln_data['message'] except Exception as e: message = "Not Found" try: description = vuln_data['description'] except Exception as e: description = "Not Found" try: cve = vuln_data['cve'] except Exception as e: cve = "Not Found" try: scanner = vuln_data['scanner'] except Exception as e: scanner = "Not Found" try: location = vuln_data['location'] except Exception as e: location = "Not Found" try: identifiers = vuln_data['identifiers'] except Exception as e: identifiers = "Not Found" try: severity = vuln_data['severity'] except Exception as e: severity = "Not Found" try: file = vuln_data['location']['file'] except Exception as e: file = "Not Found" if severity == "Critical": severity = 'High' vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == 'Medium': vul_col = "warning" elif severity == 'Low': vul_col = "info" elif severity == 'Unknown': severity = "Low" vul_col = "info" elif severity == 'Everything else': severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(message) + str(severity) + str(file) duplicate_hash = hashlib.sha256(dup_data.encode('utf-8')).hexdigest() match_dup = gitlabsast_scan_results_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash') lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = gitlabsast_scan_results_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = 'Yes' else: false_positive = 'No' save_all = gitlabsast_scan_results_db( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, name=name, message=message, description=description, cve=cve, gl_scanner=scanner, location=location, file=file, Severity=severity, identifiers=identifiers, vul_col=vul_col, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, username=username, ) save_all.save() else: duplicate_vuln = 'Yes' save_all = gitlabsast_scan_results_db( vuln_id=vul_id, scan_id=scan_id, project_id=project_id, date_time=date_time, name=name, message=message, description=description, cve=cve, gl_scanner=scanner, location=location, file=file, Severity=severity, identifiers=identifiers, vul_col=vul_col, vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive='Duplicate', username=username, ) save_all.save() all_findbugs_data = gitlabsast_scan_results_db.objects.filter( username=username, scan_id=scan_id, false_positive='No', vuln_duplicate='No') duplicate_count = gitlabsast_scan_results_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(Severity="High")) total_medium = len(all_findbugs_data.filter(Severity="Medium")) total_low = len(all_findbugs_data.filter(Severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) gitlabsast_scan_db.objects.filter(scan_id=scan_id).update( username=username, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate) trend_update(username=username) subject = 'Archery Tool Scan Status - GitLab SAST Report Uploaded' message = 'GitLab SAST Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (Target, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): """ :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global ScanName, ScanShortName, ScanStartURL, ScanStartTime, ScanFinishTime, ScanScanTime, ScanAborted, ScanResponsive, ScanResponsive, ScanBanner, ScanOs, ScanWebServer, ScanTechnologies, ScanCrawler, ScanReportItems, VulnName, VulnModuleName, VulnDetails, VulnAffects, VulnParameter, VulnAOP_SourceFile, VulnAOP_SourceLine, VulnAOP_Additional, VulnIsFalsePositive, VulnSeverity, VulnType, VulnImpact, VulnDescription, VulnDetailedInformation, VulnRecommendation, VulnTechnicalDetails, VulnCWEList, VulnCVEList, VulnCVSS, VulnCVSS3, VulnReferences, vul_col, risk, UriName, VulnUrl, FullURL for scan in root: for reports in scan: if reports.tag == "Name": ScanName = reports.text if reports.tag == "ShortName": ScanShortName = reports.text if reports.tag == "StartURL": ScanStartURL = reports.text if reports.tag == "StartTime": ScanStartTime = reports.text if reports.tag == "FinishTime": ScanFinishTime = reports.text if reports.tag == "ScanTime": ScanScanTime = reports.text if reports.tag == "Aborted": ScanAborted = reports.text if reports.tag == "Responsive": ScanResponsive = reports.text if reports.tag == "Banner": ScanBanner = reports.text if reports.tag == "Os": ScanOs = reports.text if reports.tag == "WebServer": ScanWebServer = reports.text if reports.tag == "Technologies": ScanTechnologies = reports.text if reports.tag == "Crawler": ScanCrawler = reports.text if reports.tag == "ReportItems": ScanReportItems = reports.text if reports.tag == "ReportItems": ScanReportItems = reports.text for report_item in reports: for ReportItem in report_item: # print ReportItem # print(ReportItem.tag) if ReportItem.tag == "Name": VulnName = ReportItem.text if ReportItem.tag == "ModuleName": VulnModuleName = ReportItem.text if ReportItem.tag == "Details": VulnDetails = ReportItem.text if ReportItem.tag == "Affects": VulnAffects = ScanStartURL + ReportItem.text if ReportItem.tag == "Parameter": VulnParameter = ReportItem.text if ReportItem.tag == "AOP_SourceFile": VulnAOP_SourceFile = ReportItem.text if ReportItem.tag == "AOP_SourceLine": VulnAOP_SourceLine = ReportItem.text if ReportItem.tag == "AOP_Additional": VulnAOP_Additional = ReportItem.text if ReportItem.tag == "IsFalsePositive": VulnIsFalsePositive = ReportItem.text if ReportItem.tag == "Severity": VulnSeverity = ReportItem.text if ReportItem.tag == "Type": VulnType = ReportItem.text if ReportItem.tag == "Impact": VulnImpact = ReportItem.text if ReportItem.tag == "Description": VulnDescription = ReportItem.text if ReportItem.tag == "DetailedInformation": VulnDetailedInformation = ReportItem.text if ReportItem.tag == "Recommendation": VulnRecommendation = ReportItem.text if ReportItem.tag == "TechnicalDetails": VulnTechnicalDetails = ReportItem.text if ReportItem.tag == "CWEList": VulnCWEList = ReportItem.text if ReportItem.tag == "CVEList": VulnCVEList = ReportItem.text if ReportItem.tag == "CVSS": VulnCVSS = ReportItem.text if ReportItem.tag == "CVSS3": VulnCVSS3 = ReportItem.text if ReportItem.tag == "References": VulnReferences = ReportItem.text if VulnSeverity == "high": vul_col = "danger" risk = "High" elif VulnSeverity == "medium": vul_col = "warning" risk = "Medium" elif VulnSeverity == "low": vul_col = "info" risk = "Low" else: vul_col = "info" risk = "Low" if VulnName is None: print(VulnName) else: for c_url in root.findall(".//SiteFile"): for vuln_url in c_url: if vuln_url.tag == "Name": UriName = vuln_url.text if vuln_url.tag == "URL": VulnUrl = vuln_url.text if vuln_url.tag == "FullURL": FullURL = vuln_url.text vuln_id = uuid.uuid4() dup_data = VulnName + FullURL + risk duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, url=FullURL, title=VulnName, description=str(VulnDescription) + str(VulnDetails) + str(VulnTechnicalDetails), instance=str(VulnParameter) + str(VulnAffects), reference=VulnReferences, project_id=project_id, severity_color=vul_col, severity=risk, date_time=date_time, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Acunetix", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, url=VulnUrl, title=VulnName, description=str(VulnDescription) + str(VulnDetails) + str(VulnTechnicalDetails), instance=str(VulnParameter) + str(VulnAffects), reference=VulnReferences, project_id=project_id, severity_color=vul_col, severity=risk, date_time=date_time, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Acunetix", ) dump_data.save() acunetix_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(acunetix_all_vul.filter(severity="High")) total_medium = len(acunetix_all_vul.filter(severity="Medium")) total_low = len(acunetix_all_vul.filter(severity="Low")) total_info = len(acunetix_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(severity="Yes")) total_vul = total_high + total_medium + total_low + total_info # cal_total_vuln = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=ScanStartURL, ) trend_update() subject = "Archery Tool Scan Status - Acunetix Report Uploaded" message = ("Acunetix Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (ScanStartURL, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def bandit_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ global vul_col, issue_severity, test_name, filename, line_number, code, issue_confidence, line_range, test_id, issue_text, more_info, total_vul, total_high, total_medium, total_low for key, items in data.items(): if key == "results": for res in items: for key, value in res.items(): if key == "line_number": global line_number if value is None: line_number = "NA" else: line_number = value if key == "code": global code if value is None: code = "NA" else: code = value if key == "issue_confidence": global issue_confidence if value is None: issue_confidence = "NA" else: issue_confidence = value if key == "line_range": global line_range if value is None: line_range = "NA" else: line_range = value if key == "test_id": global test_id if value is None: test_id = "NA" else: test_id = value if key == "issue_severity": global issue_severity if value is None: issue_severity = "NA" else: issue_severity = value if key == "issue_text": global issue_text if value is None: issue_text = "NA" else: issue_text = value if key == "test_name": global test_name if value is None: test_name = "NA" else: test_name = value if key == "filename": global filename if value is None: filename = "NA" else: filename = value if key == "more_info": global more_info if value is None: more_info = "NA" else: more_info = value date_time = datetime.now() vul_id = uuid.uuid4() if issue_severity == "HIGH": vul_col = "danger" issue_severity = "High" elif issue_severity == "MEDIUM": vul_col = "warning" issue_severity = "Medium" elif issue_severity == "LOW": vul_col = "info" issue_severity = "Low" dup_data = test_name + filename + issue_severity duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( scan_id=scan_id, date_time=date_time, project_id=project_id, vuln_id=vul_id, severity=issue_severity, title=test_name, fileName=filename, description=str(issue_text) + "\n\n" + str(code) + "\n\n" + str(line_range), references=more_info, severity_color=vul_col, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Bandit", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( scan_id=scan_id, date_time=date_time, project_id=project_id, vuln_id=vul_id, severity=issue_severity, title=test_name, fileName=filename, description=str(issue_text) + "\n\n" + str(code) + "\n\n" + str(line_range), references=more_info, severity_color=vul_col, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Bandit", ) save_all.save() all_bandit_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_bandit_data) total_high = len(all_bandit_data.filter(severity="High")) total_medium = len(all_bandit_data.filter(severity="Medium")) total_low = len(all_bandit_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - Bandit Report Uploaded" message = ("Bandit Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id, username, target_url): date_time = datetime.now() global name, description, remedy_guidance, remedy_code, severity, check, digest, references, \ vector, remarks, page, signature, \ proof, trusted, platform_type, platform_name, url, action, \ body, vuln_id, vul_col, ref_key, ref_values, vector_input_key, vector_input_values, vector_source_key, vector_source_values, page_body_data, request_url, request_method, request_raw, response_ip, response_raw_headers for issue in root: for data in issue: if data.tag == "issue": for vuln in data: vuln_id = uuid.uuid4() if vuln.tag == "name": if vuln.text is None: name = "NA" else: name = vuln.text if vuln.tag == "description": if vuln.text is None: description = "NA" else: description = vuln.text if vuln.tag == "remedy_guidance": if vuln.text is None: remedy_guidance = "NA" else: remedy_guidance = vuln.text if vuln.tag == "severity": if vuln.text is None: severity = "NA" else: severity = vuln.text if vuln.tag == "references": for ref_vuln in vuln: dat = ref_vuln.attrib for key, values in dat.items(): if key is None: ref_key = "NA" else: ref_key = key if values is None: ref_values = "NA" else: ref_values = values if vuln.tag == "vector": for vec_vuln in vuln: if vec_vuln.tag == 'inputs': for vec_input in vec_vuln: dat = vec_input.attrib for key, values in dat.items(): if key is None: vector_input_key = "NA" else: vector_input_key = key if values is None: vector_input_values = "NA" else: vector_input_values = values if vec_vuln.tag == 'source': for vec_source in vec_vuln: source_dat = vec_source.attrib for key, values in source_dat.items(): if key is None: vector_source_key = "NA" else: vector_source_key = key if values in None: vector_source_values = "NA" else: vector_source_values = values if vuln.tag == "page": for page_body in vuln: if page_body.tag == "body": page_body_dat = page_body.text if page_body_dat is None: page_body_data = "NA" else: page_body_data = page_body_dat for req in vuln: if req.tag == 'request': for req_dat in req: if req_dat.tag == 'url': req_url = req_dat.text if req_url is None: request_url = "NA" else: request_url = req_url if req_dat.tag == 'method': req_method = req_dat.text if req_method is None: request_method = "NA" else: request_method = req_method if req_dat.tag == 'raw': if req_dat.text is None: request_raw = "NA" else: request_raw = req_dat.text if req.tag == 'response': for res_dat in req: if res_dat.tag == 'ip_address': res_ip = res_dat.text if res_ip is None: response_ip = "NA" else: response_ip = res_dat.text if res_dat.tag == 'raw_headers': res_raw_headers = res_dat.text if res_raw_headers is None: response_raw_headers = "NA" else: response_raw_headers = res_dat.text if vuln.tag == "proof": proof = vuln.text if vuln.text is None: proof = "NA" else: proof = vuln.text if severity == "high": vul_col = "danger" severity = "High" elif severity == 'medium': vul_col = "warning" severity = "Medium" elif severity == 'low': severity = "Low" vul_col = "info" else: severity = "Low" vul_col = "info" for extra_data in vuln: for extra_vuln in extra_data: if extra_vuln.tag == "url": if extra_vuln.text is None: url = "NA" else: url = extra_vuln.text if extra_vuln.tag == "action": if extra_vuln.text is None: action = "NA" else: action = extra_vuln.text if extra_vuln.tag == "body": if extra_vuln.text is None: body = "NA" else: body = extra_vuln.text dup_data = name + url + severity duplicate_hash = hashlib.sha256( dup_data.encode('utf-8')).hexdigest() match_dup = arachni_scan_result_db.objects.filter( username=username, dup_hash=duplicate_hash).values('dup_hash').distinct() lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = 'No' false_p = arachni_scan_result_db.objects.filter( username=username, false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = 'Yes' elif fp_lenth_match == 0: false_positive = 'No' else: false_positive = "No" dump_data = arachni_scan_result_db( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, vuln_color=vul_col, project_id=project_id, name=name, description=description, remedy_guidance=remedy_guidance, severity=severity, proof=proof, url=url, action=action, body=body, ref_key=ref_key, ref_value=ref_values, vector_input_values=vector_input_values, vector_source_key=vector_source_key, vector_source_values=vector_source_values, page_body_data=page_body_data, request_url=request_url, request_method=request_method, request_raw=request_raw, response_ip=response_ip, response_raw_headers=response_raw_headers, vector_input_key=vector_input_key, false_positive=false_positive, vuln_status='Open', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, username=username) dump_data.save() else: duplicate_vuln = 'Yes' dump_data = arachni_scan_result_db( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, vuln_color=vul_col, project_id=project_id, name=name, description=description, remedy_guidance=remedy_guidance, severity=severity, proof=proof, url=url, action=action, body=body, ref_key=ref_key, ref_value=ref_values, vector_input_values=vector_input_values, vector_source_key=vector_source_key, vector_source_values=vector_source_values, page_body_data=page_body_data, request_url=request_url, request_method=request_method, request_raw=request_raw, response_ip=response_ip, response_raw_headers=response_raw_headers, vector_input_key=vector_input_key, false_positive='Duplicate', vuln_status='Duplicate', dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, username=username) dump_data.save() arachni_all_vul = arachni_scan_result_db.objects.filter( username=username, scan_id=scan_id, false_positive='No') duplicate_count = arachni_scan_result_db.objects.filter( username=username, scan_id=scan_id, vuln_duplicate='Yes') total_high = len(arachni_all_vul.filter(severity="High")) total_medium = len(arachni_all_vul.filter(severity="Medium")) total_low = len(arachni_all_vul.filter(severity="Low")) total_info = len(arachni_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(vuln_duplicate='Yes')) total_vul = total_high + total_medium + total_low + total_info arachni_scan_db.objects.filter(scan_id=scan_id, username=username).update( url=target_url, total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, ) trend_update(username=username) subject = 'Archery Tool Scan Status - Arachni Report Uploaded' message = 'Arachni Scanner has completed the scan ' \ ' %s <br> Total: %s <br>High: %s <br>' \ 'Medium: %s <br>Low %s' % (url, total_vul, total_high, total_medium, total_low) email_sch_notify(subject=subject, message=message)