コード例 #1
0
def draw_digraph(infile, cves, outfile):
    data = load_file(infile)
    pkgs = pkg_subset(data, cves)
    svrs = svr_subset(data, pkgs)

    label = {}

    G = nx.DiGraph()
    for cve in cves:
        G.add_node(cve)
        cvss = data.nodes[cve]['cvss']
        supressed = data.nodes[cve]['suppressed']
        label[cve] = "{0}\n cvss={1}".format(cve, cvss)
        if supressed:
            label[cve] += "\n/supressed"
        for pkg in pkgs:
            G.add_node(pkg)
            label[pkg] = pkg
            if pkg in data.neighbors(cve):
                G.add_edge(cve, pkg)
        for svr in svrs:
            G.add_node(svr)
            ## find group & hostname for label
            for neighbor in data.neighbors(svr):
                if neighbor in data.neighbors('type_group'):
                    group = neighbor
                elif neighbor in data.neighbors('type_hostname'):
                    hostname = neighbor
            label[svr] = "{0}\n{1}\n{2}".format(group, hostname, svr)
            for pkg in pkgs:
                if svr in data.neighbors(pkg):
                    G.add_edge(pkg, svr)
    pos = graphviz_layout(G, prog='dot')

    nx.draw_networkx_nodes(G,
                           pos,
                           nodelist=cves,
                           node_color='r',
                           node_size=500,
                           alpha=0.8)

    nx.draw_networkx_nodes(G,
                           pos,
                           nodelist=pkgs,
                           node_color='b',
                           node_size=400,
                           alpha=0.8)
    nx.draw_networkx_nodes(G,
                           pos,
                           nodelist=svrs,
                           node_color='#DDDDDD',
                           node_size=300,
                           alpha=0.8)
    nx.draw_networkx_edges(G, pos)
    nx.draw_networkx_labels(G, pos, label, font_size=10)

    plt.axis('off')
    plt.savefig(outfile)
コード例 #2
0
ファイル: queryn_cve_tot.py プロジェクト: tlibrera1/CSO-SBoM
  cve0 = []  # CVE's with cvss<5,>=0

  for cve in cves:
      ## put cve in bin
      cvss = graphdata.nodes[cve]['cvss']
      if(cvss == 10.0):
          cve10.append(cve)
      elif(cvss >= 7.0):
          cve7.append(cve)
      elif(cvss >= 5.0):
          cve5.append(cve)
      else:
          cve0.append(cve)

  ## find all packages for each bin
  pkg10 = pkg_subset(graphdata,cve10)
  pkg7 = pkg_subset(graphdata,cve7)
  pkg5 = pkg_subset(graphdata,cve5)
  pkg0 = pkg_subset(graphdata,cve0)

  ## find all servers for each bin
  svr10 = svr_subset(graphdata, pkg10)
  svr7 = svr_subset(graphdata, pkg7)
  svr5 = svr_subset(graphdata, pkg5)
  svr0 = svr_subset(graphdata, pkg0)

  cvebins[d]['1. Worst CVSS=10'] = len(cve10)
  cvebins[d]['2. Critical 7 <= CVSS <10'] = len(cve7)
  cvebins[d]['3. Medium 5 <= CVSS <7'] = len(cve5)
  cvebins[d]['4. Low 0 <= CVSS <5'] = len(cve0)