def execute(self):
""" Run the scanner """
# Prepare parameters
target_url = url.parse_url(self.config.get("target"))
nikto_parameters = shlex.split(self.config.get("nikto_parameters", ""))
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Prepare -Save option if needed
save_findings = list()
if self.config.get("save_intermediates_to", None):
base = os.path.join(self.config.get("save_intermediates_to"), __name__.split(".")[-2])
try:
os.makedirs(base, mode=0o755, exist_ok=True)
save_findings.append("-Save")
save_findings.append(base)
except:
pass
# Run scanner
task = subprocess.run(["perl", "nikto.pl"] + nikto_parameters + [
"-h", target_url.hostname, "-p", url.get_port(target_url),
"-Format", "xml", "-output", output_file
] + save_findings, cwd="/opt/nikto/program", stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
# Remove temporary files
os.remove(output_file)
def execute(self):
""" Run the scanner """
# Discover open ports
include_ports = list()
if self.config.get("include_ports", "0-65535"):
include_ports.append(
f'-p{self.config.get("include_ports", "0-65535")}')
exclude_ports = list()
if self.config.get("exclude_ports", None):
exclude_ports.append("--exclude-ports")
exclude_ports.append(f'{self.config.get("exclude_ports")}')
target_url = url.parse_url(self.config.get("target"))
task = subprocess.run(
["nmap", "-PN"] + include_ports + exclude_ports + [
"--min-rate", "1000", "--max-retries", "0",
"--max-rtt-timeout", "200ms", target_url.hostname
],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Use discovered ports
ports = list()
tcp_ports = ""
udp_ports = ""
for each in re.findall(r'([0-9]*/[tcp|udp])', str(task.stdout)):
if "/t" in each:
tcp_ports += f'{each.replace("/t", "")},'
elif "/u" in each:
udp_ports += f'{each.replace("/u", "")},'
if tcp_ports:
ports.append(f"-pT:{tcp_ports[:-1]}")
if udp_ports:
ports.append(f"-pU:{udp_ports[:-1]}")
if not ports:
log.warning("No open ports found. Exiting")
return
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Scan target
nmap_parameters = shlex.split(
self.config.get("nmap_parameters", "-v -sVA"))
nse_scripts = self.config.get(
"nse_scripts",
"ssl-date,http-mobileversion-checker,http-robots.txt,http-title,http-waf-detect,"
"http-chrono,http-headers,http-comments-displayer,http-date")
task = subprocess.run(["nmap"] + nmap_parameters + ports + [
"--min-rate", "1000", "--max-retries", "0",
f'--script={nse_scripts}', target_url.hostname, "-oX", output_file
],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
# Remove temporary files
os.remove(output_file)
def execute(self):
""" Run the scanner """
task = subprocess.run(["npm", "audit", "--json"],
cwd=self.config.get("code"),
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(task.stdout.decode("utf-8", errors="ignore"), self)
# Save intermediates
self.save_intermediates(task.stdout)
def execute(self):
""" Run the scanner """
task = subprocess.run([
"aem-wrapper.sh", "-u",
self.config.get("target"), "--host",
self.config.get("scanner_host", "127.0.0.1"), "--port",
self.config.get("scanner_port", "4444")
],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(task.stdout.decode("utf-8", errors="ignore"), self)
# Save intermediates
self.save_intermediates(task.stdout)
def execute(self):
""" Run the scanner """
# Make temporary directory
output_dir = tempfile.mkdtemp()
log.debug("Output directory: %s", output_dir)
# Run task
task = subprocess.run([
"insider", "-force", "-no-html",
"-target", self.config.get("code"), "-tech", self.config.get("tech")
], cwd=output_dir, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
output_file = os.path.join(output_dir, os.listdir(output_dir)[0])
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Make temporary directory
output_dir = tempfile.mkdtemp()
log.debug("Output directory: %s", output_dir)
output_file = os.path.join(output_dir, "retirejs.json")
# Run task
task = subprocess.run([
"retire", f"--jspath={self.config.get('code')}", "--outputformat=json",
f"--outputpath={output_file}", "--includemeta", "--exitwith=0"
], cwd=output_dir, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Get target host IP
target_url = url.parse_url(self.config.get("target"))
host = target_url.hostname
if not url.find_ip(host):
task = subprocess.run(["getent", "hosts", host],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
host = url.find_ip(task.stdout.decode("utf-8", errors="ignore"))
if host:
host = host[0].strip()
if not host:
log.warning("No target IP found. Exiting")
return
# Prepare config
include_ports = list()
if self.config.get("include_ports", "0-65535"):
include_ports.append("-p")
include_ports.append(
f'{self.config.get("include_ports", "0-65535")}')
include_ports.append(
f'-pU:{self.config.get("include_ports", "0-65535")}')
exclude_ports = list()
if self.config.get("exclude_ports", None):
exclude_ports.append("--exclude-ports")
exclude_ports.append(f'{self.config.get("exclude_ports")}')
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Scan target
task = subprocess.run(["masscan", host] + include_ports + [
"--rate",
"1000",
"-oJ",
output_file,
] + exclude_ports,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
# Remove temporary files
os.remove(output_file)
def execute(self):
""" Run the scanner """
targets = self.config.get("requirements", "requirements.txt")
if isinstance(targets, str):
targets = [targets]
options = list()
for target in targets:
options.append("-r")
options.append(target)
task = subprocess.run(["safety", "check", "--json"] + options,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(task.stdout.decode("utf-8", errors="ignore"), self)
# Save intermediates
self.save_intermediates(task.stdout)
def execute(self):
""" Run the scanner """
# Prepare parameters
spotbugs_parameters = shlex.split(self.config.get("scan_opts", ""))
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Run task
task = subprocess.run(
["spotbugs", "-xml:withMessages"] + spotbugs_parameters +
["-output", output_file,
self.config.get("code")],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Prepare parameters
additional_parameters = shlex.split(self.config.get("comp_opts", ""))
# Make temporary directory
output_dir = tempfile.mkdtemp()
log.debug("Output directory: %s", output_dir)
# Run task
task = subprocess.run([
"dependency-check.sh", "-n", "-f", "JSON", "-o", output_dir, "-s",
self.config.get("comp_path")
] + additional_parameters,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
output_file = os.path.join(output_dir, "dependency-check-report.json")
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Make temporary directory
output_dir = tempfile.mkdtemp()
output_file = os.path.join(output_dir, "report.json")
log.debug("Output directory: %s", output_dir)
# Run task
task = subprocess.run([
"semgrep", "--disable-version-check", "--quiet",
"--no-rewrite-rule-ids", "--json", "--config",
self.config.get("ruleset"), "--output", output_file,
self.config.get("code")
],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Get target host IP
target_url = url.parse_url(self.config.get("target"))
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Scan target
task = subprocess.run([
"sslyze", "--regular", f"--json_out={output_file}", "--quiet",
f"{target_url.hostname}:{url.get_port(target_url)}"
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
# Remove temporary files
os.remove(output_file)
def execute(self):
""" Run the scanner """
# Make temporary file
output_file_fd, output_file = tempfile.mkstemp(".json")
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
# Run task
set_options = list()
if not self.config.get("show_without_fix", False):
set_options.append("--ignore-unfixed")
if self.config.get("skip_update", True):
set_options.append("--skip-update")
task = subprocess.run([
"trivy", "image", "--format", "json",
] + set_options + [
] + shlex.split(self.config.get("trivy_options", "--no-progress")) + [
"--timeout", self.config.get("timeout", "1h"),
"--output", output_file, self.config.get("code"),
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
def execute(self):
""" Run the scanner """
# Get config
config_data = pkg_resources.resource_string(
"dusty",
f"{'/'.join(__name__.split('.')[1:-1])}/data/w3af_full_audit.w3af"
)
if self.config.get("config_file", None):
with open(self.config.get("config_file"), "r") as config:
config_data = config.read()
# Make temporary files
config_file_fd, config_file = tempfile.mkstemp()
output_file_fd, output_file = tempfile.mkstemp()
log.debug("Config file: %s", config_file)
log.debug("Output file: %s", output_file)
# Fill config data variables
config_data = config_data.decode("utf-8").format(
target=self.config.get("target"),
output_section=constants.W3AF_OUTPUT_SECTION.replace("{output_file}", output_file)
)
os.write(config_file_fd, config_data.encode("utf-8"))
# Close unneeded handles
os.close(config_file_fd)
os.close(output_file_fd)
# Run scanner
task = subprocess.run([
"w3af_console", "-y", "-n", "-s", config_file
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, config_file, task)
# Remove temporary files
os.remove(config_file)
os.remove(output_file)
pkg_resources.cleanup_resources()
def execute(self):
""" Run the scanner """
include_checks = list()
if self.config.get("include_checks", None):
include_checks.append("-t")
include_checks.append(self.config.get("include_checks"))
exclude_checks = list()
if self.config.get("exclude_checks", None):
exclude_checks.append("-x")
exclude_checks.append(self.config.get("exclude_checks"))
excluded_files = list()
if self.config.get("excluded_files", None):
excluded_files.append("--skip-files")
excluded_files.append(self.config.get("excluded_files"))
task = subprocess.run(
[
"brakeman", "--no-exit-on-warn", "--no-exit-on-error", "-f", "json"
] + include_checks + exclude_checks + excluded_files + [self.config.get("code")],
stdout=subprocess.PIPE, stderr=subprocess.PIPE
)
log.log_subprocess_result(task)
parse_findings(task.stdout.decode("utf-8", errors="ignore"), self)
# Save intermediates
self.save_intermediates(task.stdout)
def execute(self):
""" Run the scanner """
# Squash commits (if needed)
if self.config.get("squash_commits", None):
# Rename old .git
try:
os.rename(
os.path.join(self.config.get("code"), ".git"),
os.path.join(self.config.get("code"), ".git.old")
)
except:
log.debug("Failed to rename old .git: %s", traceback.format_exc())
# Initialize new repo
current_dir = os.getcwd()
try:
os.chdir(self.config.get("code"))
# Patch dulwich to work without valid UID/GID
dulwich.repo.__original__get_default_identity = dulwich.repo._get_default_identity # pylint: disable=W0212
dulwich.repo._get_default_identity = git_clone._dulwich_repo_get_default_identity # pylint: disable=W0212
# Set USERNAME if needed
try:
getpass.getuser()
except: # pylint: disable=W0702
os.environ["USERNAME"] = "******"
# Add current code
repository = dulwich.porcelain.init(self.config.get("code"))
repository._put_named_file(os.path.join("info", "exclude"), b"/.git.old/") # pylint: disable=W0212
dulwich.porcelain.add(repository)
log.debug("Git repository status: %s", dulwich.porcelain.status(repository, True))
dulwich.porcelain.commit(
repository,
b"Current project code", b"Carrier <dusty@localhost>"
)
finally:
os.chdir(current_dir)
# Make temporary files
output_file_fd, output_file = tempfile.mkstemp(".json")
log.debug("Output file: %s", output_file)
os.close(output_file_fd)
additional_options = list()
if self.config.get("redact_offenders", None):
additional_options.append("--redact")
# Use custom rules
if self.config.get("use_custom_rules", None):
custom_rules_path = self.config.get("custom_rules_path", None)
if custom_rules_path:
config_path = custom_rules_path
else:
config_path = pkg_resources.resource_filename(
"dusty",
f"{'/'.join(__name__.split('.')[1:-1])}/data/gitleaks.toml")
additional_options.append("--config")
additional_options.append(config_path)
log.debug("Custom config path: %s", config_path)
# Run task
task = subprocess.run(
[
"gitleaks", "--repo-path", self.config.get("code"), "--report", output_file
] + additional_options,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
log.log_subprocess_result(task)
# Parse findings
parse_findings(output_file, self)
# Save intermediates
self.save_intermediates(output_file, task)
# Revert commit squashing (if any)
if self.config.get("squash_commits", None):
shutil.rmtree(os.path.join(self.config.get("code"), ".git"))
try:
os.rename(
os.path.join(self.config.get("code"), ".git.old"),
os.path.join(self.config.get("code"), ".git")
)
except:
log.debug("Failed to revert .git: %s", traceback.format_exc())
