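def nmap(config):
    """Run a two-stage nmap scan against ``config["host"]``.

    Stage one is a fast discovery sweep (``-PN``, no service detection) over
    ``inclusions`` (default ``0-65535``) minus ``exclusions``.  Stage two
    re-scans only the ports the sweep reported, with ``params`` (default
    ``-v -sVA``) and the NSE scripts in ``nse_scripts``, and writes XML to
    /tmp/nmap.xml for the parser.

    Args:
        config: dict with ``host`` (required) and optional ``inclusions``,
            ``exclusions``, ``params`` and ``nse_scripts`` strings.

    Returns:
        ``(tool_name, items)``; ``items`` is empty when the discovery sweep
        reports no ports.

    Raises:
        KeyError: if ``config`` has no ``host``.
    """
    tool_name = "NMAP"
    host = config["host"]
    exclusions = config.get("exclusions", None)
    excluded_addon = f'--exclude-ports {exclusions}' if exclusions else ""
    port_range = config.get("inclusions", "0-65535")
    nse_scripts = config.get(
        "nse_scripts",
        "ssl-date,http-mobileversion-checker,http-robots.txt,http-title,"
        "http-waf-detect,http-chrono,http-headers,http-comments-displayer,"
        "http-date")

    # NOTE(review): host, port ranges and params are interpolated unquoted
    # into the command line; if config can originate from an untrusted
    # source, quote them (shlex.quote) after confirming how execute() runs
    # the command.
    discovery_cmd = (
        f'nmap -PN -p{port_range} {excluded_addon} '
        f'--min-rate 1000 --max-retries 0 --max-rtt-timeout 200ms '
        f'{host}'
    )
    res = execute(discovery_cmd)

    # nmap prints open ports as "<port>/tcp" or "<port>/udp".  The previous
    # pattern ``[0-9]*/[tcp|udp]`` used a character class (matching a single
    # letter, not the word) and allowed an empty port number; capture the
    # number and protocol explicitly instead.
    tcp_ports = []
    udp_ports = []
    for port, proto in re.findall(r'(\d+)/(tcp|udp)', str(res[0])):
        (tcp_ports if proto == 'tcp' else udp_ports).append(port)

    port_specs = []
    if tcp_ports:
        port_specs.append(f"-pT:{','.join(tcp_ports)}")
    if udp_ports:
        port_specs.append(f"-pU:{','.join(udp_ports)}")
    if not port_specs:
        return tool_name, []

    params = config.get("params", "-v -sVA")
    scan_cmd = (
        f'nmap {params} {" ".join(port_specs)} '
        f'--min-rate 1000 --max-retries 0 '
        f'--script={nse_scripts} {host} -oX /tmp/nmap.xml'
    )
    execute(scan_cmd)
    result = NmapXMLParser('/tmp/nmap.xml', "NMAP").items
    return tool_name, result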
def nikto(config):
    """Run Nikto against ``config["host"]:config["port"]`` and parse its XML report.

    A stale /tmp/nikto.xml from an earlier run is deleted first so the parser
    cannot read old findings if this scan fails to produce a report.  Nikto is
    executed from /opt/nikto/program.

    Args:
        config: dict with ``host`` and ``port`` (required) and an optional
            ``param`` string that is appended verbatim to the command line.

    Returns:
        ``("nikto", items)`` — the parsed finding list.

    Raises:
        KeyError: if ``host`` or ``port`` is missing from ``config``.
    """
    tool_name = "nikto"
    report_path = "/tmp/nikto.xml"
    if os.path.exists(report_path):
        os.remove(report_path)
    extra_params = config.get("param", "")
    # NOTE(review): config values are interpolated unquoted into the command;
    # quote them if config is not fully trusted.
    command = (
        f'perl nikto.pl {extra_params} -h {config["host"]} -p {config["port"]} '
        f'-Format xml -output {report_path} -Save /tmp/extended_nikto'
    )
    execute(command, '/opt/nikto/program')
    result = NiktoXMLParser(report_path, "Nikto").items
    return tool_name, result
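def ruby(config):
    """Run Brakeman on the configured code path and return the filtered findings.

    Args:
        config: dict with optional ``include_checks`` (``-t``),
            ``exclude_checks`` (``-x``) and ``excluded_files``
            (``--skip-files``); the code path is taken from
            ``SastyWrapper.get_code_path(config)``.

    Returns:
        The Brakeman findings after ``common_post_processing``.
    """
    code_path = SastyWrapper.get_code_path(config)
    included_checks = ''
    exclude_checks = ''
    excluded_files = ''
    if config.get('include_checks', None):
        included_checks = f'-t {config.get("include_checks")} '
    if config.get('exclude_checks', None):
        exclude_checks = f'-x {config.get("exclude_checks")} '
    # Previously ``--skip-files`` was stored in ``exclude_checks`` (overwriting
    # any ``-x`` option) and ``excluded_files`` was reset to '' afterwards, so
    # both options could never reach the command line together.
    if config.get('excluded_files', None):
        excluded_files = f'--skip-files {config.get("excluded_files")} '
    exec_cmd = (
        f"brakeman {included_checks}{exclude_checks}--no-exit-on-warn "
        f"--no-exit-on-error {excluded_files}-o /tmp/brakeman.json {code_path}"
    )
    execute(exec_cmd, cwd=code_path)
    result = BrakemanParser("/tmp/brakeman.json", "brakeman").items
    return common_post_processing(config, result, "brakeman")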
def w3af(config):
    """Run w3af_console with a script file and parse /tmp/w3af.xml.

    The script (``config_file``, default /tmp/w3af_full_audit.w3af) may be a
    template containing ``{target}`` and ``{output_section}``; when
    ``{target}`` is present the placeholders are filled from ``config`` and
    the file is rewritten in place, so later runs see the rendered script.

    Args:
        config: dict with ``protocol``, ``host`` and ``port`` used to build the
            target URL, and an optional ``config_file`` path.

    Returns:
        ``("w3af", items)`` — the parsed finding list.
    """
    tool_name = "w3af"
    script_path = config.get("config_file", "/tmp/w3af_full_audit.w3af")
    with open(script_path, 'r') as script:
        script_text = script.read()
    if '{target}' in script_text:
        target_url = f'{config.get("protocol")}://{config.get("host")}:{config.get("port")}'
        # str.format raises on any other brace in the script; assumes the
        # template only uses these two placeholders.
        rendered = script_text.format(
            target=target_url, output_section=c.W3AF_OUTPUT_SECTION)
        with open(script_path, 'w') as script:
            script.write(rendered)
    execute(f'w3af_console -y -n -s {script_path}')
    result = W3AFXMLParser("/tmp/w3af.xml", "w3af").items
    return tool_name, result
def aemhacker(config):
    """Run the AEM hacker wrapper against the configured target and parse its stdout.

    Args:
        config: dict with ``protocol``, ``host`` and ``port`` for the target
            URL, plus optional ``scanner_host`` (default ``127.0.0.1``) and
            ``scanner_port`` (default ``4444``) for the callback listener.

    Returns:
        ``("AEM_Hacker", items)`` — the parsed finding list.
    """
    tool_name = "AEM_Hacker"
    target_url = f'{config.get("protocol")}://{config.get("host")}:{config.get("port")}'
    scanner_host = config.get("scanner_host", "127.0.0.1")
    scanner_port = config.get("scanner_port", "4444")
    command = f'aem-wrapper.sh -u {target_url} --host {scanner_host} --port {scanner_port}'
    raw_output = execute(command)[0].decode('utf-8')
    result = AemOutputParser(raw_output).items
    return tool_name, result
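def bandit(config, results=None):
    """Run Bandit on the configured code path and merge its findings into ``results``.

    Bandit's JSON report is captured from stdout and written to
    /tmp/bandit.json for the parser.

    Args:
        config: scanner config; the code path comes from
            ``SastyWrapper.get_code_path(config)``.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    res = execute(f"bandit -r {code_path} --format json", cwd=code_path)
    # The report text is decoded as UTF-8, so write it back as UTF-8 explicitly;
    # the default open() encoding is locale dependent and can raise
    # UnicodeEncodeError on non-ASCII finding text.
    with open("/tmp/bandit.json", "w", encoding="utf-8") as report:
        report.write(res[0].decode('utf-8', errors='ignore'))
    result = BanditParser("/tmp/bandit.json", "pybandit").items
    return SastyWrapper.extend_result(results, result)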
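def retirejs(config, results=None):
    """Run retire.js on the configured code path and merge findings into ``results``.

    Args:
        config: scanner config; ``add_devdep`` is forwarded to
            ``get_dependencies`` together with the code path.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    deps = get_dependencies(code_path, config.get('add_devdep'))
    command = (
        f"retire --jspath={code_path} --outputformat=json "
        "--outputpath=/tmp/retirejs.json --includemeta --exitwith=0"
    )
    # The command output was previously bound to an unused local; the report
    # is read from the output file, not from stdout.
    execute(command, cwd='/tmp')
    result = RetireScanParser("/tmp/retirejs.json", "RetireScan", deps).items
    return SastyWrapper.extend_result(results, result)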
def npm(config, results=None):
    """Run ``npm audit`` on the configured code path and merge findings into ``results``.

    The audit JSON from stdout is written to /tmp/npm_audit.json for the
    parser.  Note that the output is decoded as ASCII with non-ASCII bytes
    dropped, so any non-ASCII text in the audit is lost.

    Args:
        config: scanner config; ``add_devdep`` is forwarded to
            ``get_dependencies`` together with the code path.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    deps = get_dependencies(code_path, config.get('add_devdep'))
    output = execute("npm audit --json", cwd=code_path)
    with open('/tmp/npm_audit.json', 'w') as report:
        print(output[0].decode(encoding='ascii', errors='ignore'), file=report)
    result = NpmScanParser("/tmp/npm_audit.json", "NpmScan", deps).items
    return SastyWrapper.extend_result(results, result)
def python(config):
    """Run Bandit over /code and return the post-processed findings.

    The JSON report is taken from bandit's stdout and stored at
    /tmp/bandit.json for the parser.  ``common_post_processing`` is called
    for its effects; its return value is not used here.

    Args:
        config: scanner config, passed through to ``common_post_processing``.

    Returns:
        The parsed Bandit finding list.
    """
    output = execute("bandit -r /code --format json", cwd='/code')
    report_text = output[0].decode('utf-8', errors='ignore')
    with open("/tmp/bandit.json", "w") as report:
        report.write(report_text)
    result = BanditParser("/tmp/bandit.json", "pybandit").items
    common_post_processing(config, result, "pybandit")
    return result
def masscan(config):
    """Run masscan (TCP and UDP) against ``config["host"]`` and parse /tmp/masscan.json.

    A hostname is first resolved with ``getent hosts``; ``find_ip`` is
    assumed to return a list of IP strings (the code indexes and measures
    it).  If no address can be found the scan is skipped and an empty list
    is returned.

    Args:
        config: dict with ``host`` (required) and optional ``inclusions``
            (port range, default ``0-65535``) and ``exclusions``.

    Returns:
        ``("masscan", items)``; ``items`` is empty when no host address is
        available.

    Raises:
        KeyError: if ``config`` has no ``host``.
    """
    tool_name = "masscan"
    host = config["host"]
    result = list()
    if not find_ip(host):
        # Not an IP literal: resolve via getent and keep the first address.
        # NOTE(review): the hostname is interpolated unquoted into the
        # command; quote it if config is not fully trusted.
        resolved = find_ip(str(execute(f'getent hosts {host}')[0]))
        host = resolved[0].strip() if len(resolved) > 0 else resolved
    if host:
        exclusions = config.get("exclusions", None)
        excluded_addon = f'--exclude-ports {exclusions}' if exclusions else ''
        ports = config.get("inclusions", "0-65535")
        command = (
            f'masscan {host} -p {ports} -pU:{ports} --rate 1000 '
            f'-oJ /tmp/masscan.json {excluded_addon}'
        )
        execute(command.strip())
        result = MasscanJSONParser("/tmp/masscan.json", "masscan").items
    return tool_name, result
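def retirejs(config):
    """Run retire.js over /code and return the post-processed findings.

    Unless ``config["devdep"]`` is set, the ``devDependencies`` names from
    /code/package.json are handed to the parser.  ``common_post_processing``
    is called for its effects; its return value is not used here.

    Args:
        config: scanner config with optional ``devdep`` flag.

    Returns:
        The parsed retire.js finding list.
    """
    if config.get('devdep'):
        devdeps = []
    else:
        # Use a context manager: json.load(open(...)) left the handle open.
        with open('/code/package.json') as package_json:
            devdeps = json.load(package_json).get('devDependencies', {}).keys()
    exec_cmd = ("retire --jspath=/code --outputformat=json "
                "--outputpath=/tmp/retirejs.json --includemeta --exitwith=0")
    execute(exec_cmd, cwd='/tmp')
    result = RetireScanParser("/tmp/retirejs.json", "RetireScan", devdeps).items
    common_post_processing(config, result, "RetireScan")
    return result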
def safety(config, results=None):
    """Run ``safety check`` on the configured requirement files and merge findings.

    Each path in ``config["files"]`` becomes a ``-r`` argument.  The JSON
    report from stdout is written to /tmp/safety_report.json for the parser
    (decoded as ASCII with non-ASCII bytes dropped).

    Args:
        config: scanner config with optional ``files`` list.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    requirement_args = ''.join(f'-r {path} ' for path in config.get('files', []))
    command = f"safety check {requirement_args}--full-report --json"
    output = execute(command, cwd=code_path)
    with open('/tmp/safety_report.json', 'w') as report:
        print(output[0].decode(encoding='ascii', errors='ignore'), file=report)
    result = SafetyScanParser("/tmp/safety_report.json", "SafetyScan").items
    return SastyWrapper.extend_result(results, result)
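def npm(config):
    """Run ``npm audit`` over /code and return the post-processed findings.

    Unless ``config["devdep"]`` is set, the ``devDependencies`` names from
    /code/package.json are handed to the parser.  The audit JSON from stdout
    is written to /tmp/npm_audit.json (decoded as ASCII, non-ASCII dropped).
    ``common_post_processing`` is called for its effects; its return value
    is not used here.

    Args:
        config: scanner config with optional ``devdep`` flag.

    Returns:
        The parsed npm audit finding list.
    """
    if config.get('devdep'):
        devdeps = []
    else:
        # Use a context manager: json.load(open(...)) left the handle open.
        with open('/code/package.json') as package_json:
            devdeps = json.load(package_json).get('devDependencies', {}).keys()
    output = execute("npm audit --json", cwd='/code')
    with open('/tmp/npm_audit.json', 'w') as report:
        print(output[0].decode(encoding='ascii', errors='ignore'), file=report)
    result = NpmScanParser("/tmp/npm_audit.json", "NpmScan", devdeps).items
    common_post_processing(config, result, "NpmScan")
    return result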
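def zap(config):
    """Run an OWASP ZAP quick scan via zap-cli and return the post-processed findings.

    ZAP is managed through supervisord: it is restarted (supervisord itself
    is started if its socket is missing), polled with ``zap-cli status``
    until it reports running, scanned, reported to /tmp/zap.xml and stopped
    again.  ``common_post_processing`` is called for its effects; its return
    value is not used here.

    Args:
        config: dict with ``protocol``, ``host`` and ``port`` for the target,
            optional ``scan_types`` (default ``xss,sqli``), ``params`` (extra
            zap-cli arguments) and ``zap_context_file_path`` (a context file
            under /tmp that is imported and passed with ``-c``).

    Returns:
        The parsed ZAP finding list.

    Raises:
        RuntimeError: if ZAP does not report running within the wait budget.
    """
    restart_output = execute('supervisorctl restart zap')[0].decode('utf-8')
    if 'supervisor.sock no such file' in restart_output:
        # supervisord is not up yet; start it without waiting for it.
        execute('/usr/bin/supervisord', communicate=False)

    # Poll until ZAP is up.  The wait is bounded (60 x 10 s) so a ZAP that
    # never starts fails the scan instead of hanging the worker forever.
    max_polls = 60
    polls = 0
    status = execute('zap-cli status')[0].decode('utf-8')
    while 'ZAP is running' not in status:
        polls += 1
        if polls > max_polls:
            raise RuntimeError(f'ZAP did not start; last status: {status!r}')
        sleep(10)
        status = execute('zap-cli status')[0].decode('utf-8')

    target_url = f'{config.get("protocol")}://{config.get("host")}:{config.get("port")}'
    scan_types = config.get("scan_types", "xss,sqli")
    extra_params = config.get("params", "")
    # NOTE(review): target and params are interpolated unquoted into the
    # zap-cli command; quote them if config is not fully trusted.

    context_name = config.get('zap_context_file_path', None)
    context_path = os.path.join('/tmp', context_name) if context_name else None
    try:
        if context_path and os.path.exists(context_path):
            execute(f'zap-cli context import {context_path}')
            execute(
                f'zap-cli quick-scan -s {scan_types} {extra_params}'
                f' -c "{context_path}" -l Informational {target_url}'
            )
        else:
            # Previously no scan ran at all when a context path was configured
            # but the file was missing, and the context-less command had no
            # space between {params} and -l, gluing them when params was set.
            execute(
                f'zap-cli quick-scan -s {scan_types} {extra_params}'
                f' -l Informational {target_url}'
            )
        execute('zap-cli report -o /tmp/zap.xml -f xml')
        result = ZapXmlParser('/tmp/zap.xml', "ZAP").items
    finally:
        # Stop ZAP even if the scan or report parsing raised.
        execute('supervisorctl stop zap')
    common_post_processing(config, result, "ZAP")
    return result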
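def java(config):
    """Run SpotBugs over /code and return the post-processed findings.

    The XML report is written by SpotBugs to /tmp/spotbugs.xml and parsed
    from there; stdout is not used.  ``common_post_processing`` is called
    for its effects; its return value is not used here.

    Args:
        config: scanner config, passed through to ``common_post_processing``.

    Returns:
        The parsed SpotBugs finding list.
    """
    # The command output was previously bound to an unused local.
    execute("spotbugs -xml:withMessages -output /tmp/spotbugs.xml /code", cwd='/code')
    result = SpotbugsParser("/tmp/spotbugs.xml", "spotbugs").items
    common_post_processing(config, result, "spotbugs")
    return result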
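def nodejs(config):
    """Run NodeJsScan over /code and return the post-processed findings.

    The tool is run from /tmp with ``-o nodejsscan``; the parser reads
    /tmp/nodejsscan.json (presumably the tool appends ``.json``).
    ``common_post_processing`` is called for its effects; its return value
    is not used here.

    Args:
        config: scanner config, passed through to ``common_post_processing``.

    Returns:
        The parsed NodeJsScan finding list.
    """
    # The command output was previously bound to an unused local.
    execute("nodejsscan -o nodejsscan -d /code", cwd='/tmp')
    result = NodeJsScanParser("/tmp/nodejsscan.json", "NodeJsScan").items
    common_post_processing(config, result, "NodeJsScan")
    return result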
def sslyze(config):
    """Run SSLyze against ``config["host"]:config["port"]`` and parse /tmp/sslyze.json.

    Args:
        config: dict with ``host`` and ``port`` (required).

    Returns:
        ``("SSlyze", items)`` — the parsed finding list.

    Raises:
        KeyError: if ``host`` or ``port`` is missing from ``config``.
    """
    tool_name = "SSlyze"
    target = f'{config["host"]}:{config["port"]}'
    execute(f'sslyze --regular --json_out=/tmp/sslyze.json --quiet {target}')
    result = SslyzeJSONParser("/tmp/sslyze.json", "SSlyze").items
    return tool_name, result
def spotbugs(config, results=None):
    """Run SpotBugs on the configured code path and merge findings into ``results``.

    Args:
        config: scanner config with optional ``scan_opts`` (extra SpotBugs
            arguments); the code path comes from
            ``SastyWrapper.get_code_path(config)``.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    scan_opts = config.get("scan_opts", "")
    command = f"spotbugs -xml:withMessages {scan_opts} -output /tmp/spotbugs.xml {code_path}"
    execute(command, cwd=code_path)
    result = SpotbugsParser("/tmp/spotbugs.xml", "spotbugs").items
    return SastyWrapper.extend_result(results, result)
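def nodejsscan(config, results=None):
    """Run NodeJsScan on the configured source and merge findings into ``results``.

    The tool is run from /tmp with ``-o nodejsscan``; the parser reads
    /tmp/nodejsscan.json (presumably the tool appends ``.json``).

    Args:
        config: scanner config; the scan target comes from
            ``SastyWrapper.get_code_source(config)``.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    # NOTE(review): this wrapper uses SastyWrapper.get_code_source() while the
    # sibling wrappers use get_code_path(); confirm the distinction is intended.
    source = SastyWrapper.get_code_source(config)
    # The command output was previously bound to an unused local.
    execute(f"nodejsscan -o nodejsscan -d {source}", cwd='/tmp')
    result = NodeJsScanParser("/tmp/nodejsscan.json", "NodeJsScan").items
    return SastyWrapper.extend_result(results, result)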
def sslyze(config):
    """Run SSLyze against ``config["host"]:config["port"]`` and return post-processed findings.

    ``common_post_processing`` is called for its effects; its return value is
    not used here.

    Args:
        config: dict with ``host`` and ``port`` (required).

    Returns:
        The parsed SSLyze finding list.

    Raises:
        KeyError: if ``host`` or ``port`` is missing from ``config``.
    """
    target = f'{config["host"]}:{config["port"]}'
    execute(f'sslyze --regular --json_out=/tmp/sslyze.json --quiet {target}')
    result = SslyzeJSONParser("/tmp/sslyze.json", "SSlyze").items
    common_post_processing(config, result, "SSlyze")
    return result
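def gosec(config, results=None):
    """Golang Security Checker.

    Runs ``gosec -fmt=json ./...`` from the configured code path and hands
    the raw command output to ``GosecOutputParser``.

    Args:
        config: scanner config; the code path comes from
            ``SastyWrapper.get_code_path(config)``.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.
    """
    code_path = SastyWrapper.get_code_path(config)
    # Plain string: the original f-string had no placeholders.
    cmd_output = execute("gosec -fmt=json ./...", cwd=code_path)
    result = GosecOutputParser(cmd_output, "gosec").items
    return SastyWrapper.extend_result(results, result)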
def dependency_check(config, results=None):
    """Run OWASP dependency-check and merge its findings into ``results``.

    The JSON report is written by the tool under /tmp and parsed from
    /tmp/dependency-check-report.json.

    Args:
        config: dict with ``comp_path`` (``-s`` scan path) and ``comp_opts``
            (extra arguments), both required; the working directory comes
            from ``SastyWrapper.get_code_path(config)``.
        results: existing result list to extend (may be ``None``).

    Returns:
        Whatever ``SastyWrapper.extend_result(results, items)`` returns.

    Raises:
        KeyError: if ``comp_path`` or ``comp_opts`` is missing from ``config``.
    """
    code_path = SastyWrapper.get_code_path(config)
    command = (
        f"dependency-check.sh -n -f JSON -o /tmp -s "
        f"{config['comp_path']} {config['comp_opts']}"
    )
    execute(command, cwd=code_path)
    result = DependencyCheckParser("/tmp/dependency-check-report.json", "dependency_check").items
    return SastyWrapper.extend_result(results, result)