def post(self, request): all_email = EmailDb.objects.filter() email_setting_data = SettingsDb.objects.filter(setting_scanner="Email") subject = request.POST.get("email_subject") from_message = request.POST.get("email_message") email_to = request.POST.get("to_email") all_email.delete() email_setting_data.delete() setting_id = uuid.uuid4() save_email = EmailDb( subject=subject, message=from_message, recipient_list=email_to, setting_id=setting_id, ) save_email.save() subject_test = "test" message = "test" email = email_sch_notify(subject=subject_test, message=message) if email is False: setting_status = False else: setting_status = True save_setting_info = SettingsDb( setting_id=setting_id, setting_scanner="Email", setting_status=setting_status, ) save_setting_info.save() return HttpResponseRedirect(reverse("archerysettings:settings"))
def gitlabsast_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = "" vuln = data["vulnerabilities"] for vuln_data in vuln: try: name = vuln_data["message"] except Exception as e: name = "Not Found" try: description = vuln_data["description"] except Exception as e: description = "Not Found" try: cve = vuln_data["cve"] except Exception as e: cve = "Not Found" try: scanner = vuln_data["scanner"] except Exception as e: scanner = "Not Found" try: location = vuln_data["location"] except Exception as e: location = "Not Found" try: identifiers = vuln_data["identifiers"] except Exception as e: identifiers = "Not Found" try: severity = vuln_data["severity"] except Exception as e: severity = "Not Found" try: file = vuln_data["location"]["file"] except Exception as e: file = "Not Found" if severity == "Critical": severity = "High" vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" elif severity == "Unknown": severity = "Low" vul_col = "info" elif severity == "Everything else": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter(dup_hash=duplicate_hash).values( "dup_hash" ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=name, description=str(description) + "\n\n" + str(scanner), filePath=location, fileName=file, severity=severity, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Gitlabsast", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=name, description=description, filePath=location, fileName=file, severity=severity, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Gitlabsast", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No", vuln_duplicate="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Gitlabsast", ) trend_update() subject = "Archery Tool Scan Status - GitLab SAST Report Uploaded" message = ( "GitLab SAST Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def whitesource_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, project vuln = data["vulnerabilities"] for issues in vuln: name = issues["name"] severity = issues["severity"] score = issues["score"] cvss3_severity = issues["cvss3_severity"] cvss3_score = issues["cvss3_score"] publishDate = issues["publishDate"] lastUpdatedDate = issues["lastUpdatedDate"] scoreMetadataVector = issues["scoreMetadataVector"] url = issues["url"] description = issues["description"] project = issues["project"] product = issues["product"] cvss3Attributes = issues["cvss3Attributes"] library = issues["library"] topFix = issues["topFix"] # allFixes = issues['allFixes'] filename = issues["library"]["filename"] sha1 = issues["library"]["sha1"] version = issues["library"]["version"] groupId = issues["library"]["groupId"] if severity == "high": severity = "High" vul_col = "danger" elif severity == "medium": severity = "Medium" vul_col = "warning" elif severity == "low": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(project) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter(dup_hash=duplicate_hash).values( "dup_hash" ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, severity=severity, references=url, description=str(description) + "\n\n" + str(score) + "\n\n" + str(library) + "\n\n" + str(topFix) + "\n\n", fileName=filename, scanner="Whitesource", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, severity=severity, references=url, description=str(description) + "\n\n" + str(score) + "\n\n" + str(library) + "\n\n" + str(topFix) + "\n\n", fileName=filename, scanner="Whitesource", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( project_name=project, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Whitesource", ) trend_update() subject = "Archery Tool Scan Status - whitesource Report Uploaded" message = ( "whitesource Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("whitesource", total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id, target_url): date_time = datetime.now() global name, description, remedy_guidance, remedy_code, severity, check, digest, references, vector, remarks, page, signature, proof, trusted, platform_type, platform_name, url, action, body, vuln_id, vul_col, ref_key, ref_values, vector_input_key, vector_input_values, vector_source_key, vector_source_values, page_body_data, request_url, request_method, request_raw, response_ip, response_raw_headers for issue in root: for data in issue: if data.tag == "issue": for vuln in data: vuln_id = uuid.uuid4() if vuln.tag == "name": if vuln.text is None: name = "NA" else: name = vuln.text if vuln.tag == "description": if vuln.text is None: description = "NA" else: description = vuln.text if vuln.tag == "remedy_guidance": if vuln.text is None: remedy_guidance = "NA" else: remedy_guidance = vuln.text if vuln.tag == "severity": if vuln.text is None: severity = "NA" else: severity = vuln.text if vuln.tag == "references": for ref_vuln in vuln: dat = ref_vuln.attrib for key, values in dat.items(): if key is None: ref_key = "NA" else: ref_key = key if values is None: ref_values = "NA" else: ref_values = values if vuln.tag == "vector": for vec_vuln in vuln: if vec_vuln.tag == "inputs": for vec_input in vec_vuln: dat = vec_input.attrib for key, values in dat.items(): if key is None: vector_input_key = "NA" else: vector_input_key = key if values is None: vector_input_values = "NA" else: vector_input_values = values if vec_vuln.tag == "source": for vec_source in vec_vuln: source_dat = vec_source.attrib for key, values in source_dat.items(): if key is None: vector_source_key = "NA" else: vector_source_key = key if values in None: vector_source_values = "NA" else: vector_source_values = values if vuln.tag == "page": for page_body in vuln: if page_body.tag == "body": page_body_dat = page_body.text if page_body_dat is None: page_body_data = "NA" else: page_body_data = page_body_dat for req in vuln: if req.tag == "request": for req_dat in req: if req_dat.tag == "url": req_url = req_dat.text if req_url is None: request_url = "NA" else: request_url = req_url if req_dat.tag == "method": req_method = req_dat.text if req_method is None: request_method = "NA" else: request_method = req_method if req_dat.tag == "raw": if req_dat.text is None: request_raw = "NA" else: request_raw = req_dat.text if req.tag == "response": for res_dat in req: if res_dat.tag == "ip_address": res_ip = res_dat.text if res_ip is None: response_ip = "NA" else: response_ip = res_dat.text if res_dat.tag == "raw_headers": res_raw_headers = res_dat.text if res_raw_headers is None: response_raw_headers = "NA" else: response_raw_headers = res_dat.text if vuln.tag == "proof": proof = vuln.text if vuln.text is None: proof = "NA" else: proof = vuln.text for extra_data in vuln: for extra_vuln in extra_data: if extra_vuln.tag == "url": if extra_vuln.text is None: url = "NA" else: url = extra_vuln.text if extra_vuln.tag == "action": if extra_vuln.text is None: action = "NA" else: action = extra_vuln.text if extra_vuln.tag == "body": if extra_vuln.text is None: body = "NA" else: body = extra_vuln.text details = (description + "\n\n" + str(proof) + "\n\n" + str(ref_values) + "\n\n" + str(page_body_data)) dup_data = name + url + severity duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( vuln_duplicate=duplicate_hash, scanner="Arachni").values("dup_hash").distinct()) lenth_match = len(match_dup) if severity == "high": vul_col = "danger" severity = "High" elif severity == "medium": vul_col = "warning" severity = "Medium" elif severity == "low": severity = "Low" vul_col = "info" else: severity = "Low" vul_col = "info" if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif fp_lenth_match == 0: false_positive = "No" else: false_positive = "No" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, severity_color=vul_col, project_id=project_id, title=name, description=details, solution=remedy_guidance, severity=severity, url=url, false_positive=false_positive, vuln_status="Open", false_positive_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Arachni", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, date_time=date_time, severity_color=vul_col, project_id=project_id, title=name, description=details, solution=remedy_guidance, severity=severity, url=url, false_positive="Duplicate", vuln_status="Duplicate", false_positive_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Arachni", ) dump_data.save() arachni_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", scanner="Arachni") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes", scanner="Arachni") total_high = len(arachni_all_vul.filter(severity="High")) total_medium = len(arachni_all_vul.filter(severity="Medium")) total_low = len(arachni_all_vul.filter(severity="Low")) total_info = len(arachni_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info print(total_high) print(total_low) print(total_medium) print(total_info) WebScansDb.objects.filter(scan_id=scan_id).update( scan_url=target_url, total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, scan_status="100", total_dup=total_duplicate, scanner="Arachni", ) trend_update() subject = "Archery Tool Scan Status - Arachni Report Uploaded" message = ("Arachni Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (url, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def dockle_report_json( data, project_id, scan_id, ): """ :param data: :param project_id: :param scan_id: :return: """ global vul_col for vuln in data["details"]: code = vuln["code"] title = vuln["title"] level = vuln["level"] alerts = vuln["alerts"][0] if level == "FATAL": vul_col = "danger" elif level == "PASS": vul_col = "warning" elif level == "WARN": vul_col = "warning" elif level == "INFO": vul_col = "info" vul_id = uuid.uuid4() save_all = DockleScanResultsDb( scan_id=scan_id, project_id=project_id, vul_col=vul_col, vuln_id=vul_id, code=code, title=title, alerts=alerts, level=level, ) save_all.save() all_dockle_data = DockleScanResultsDb.objects.filter(scan_id=scan_id) total_vul = len(all_dockle_data) dockle_failed = len(all_dockle_data.filter(level="FATAL")) dockle_passed = len(all_dockle_data.filter(level="PASS")) dockle_warn = len(all_dockle_data.filter(level="WARN")) dockle_info = len(all_dockle_data.filter(level="INFO")) total_duplicate = len(all_dockle_data.filter(level="Yes")) DockleScanDb.objects.filter(scan_id=scan_id).update( total_vuln=total_vul, dockle_fatal=dockle_failed, dockle_warn=dockle_warn, dockle_info=dockle_info, dockle_pass=dockle_passed, total_dup=total_duplicate, ) subject = "Archery Tool Scan Status - dockle Report Uploaded" message = ( "dockle Scanner has completed the scan " " %s <br> Total: %s <br>Failed: %s <br>" "failed: %s <br>Skipped %s" % (scan_id, total_vul, dockle_failed, dockle_warn, dockle_passed) ) email_sch_notify(subject=subject, message=message)
def npmaudit_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col for vuln in data["advisories"]: title = data["advisories"][vuln]["title"] found_by = data["advisories"][vuln]["found_by"] reported_by = data["advisories"][vuln]["reported_by"] module_name = data["advisories"][vuln]["module_name"] cves = data["advisories"][vuln]["cves"] vulnerable_versions = data["advisories"][vuln]["vulnerable_versions"] patched_versions = data["advisories"][vuln]["patched_versions"] overview = data["advisories"][vuln]["overview"] recommendation = data["advisories"][vuln]["recommendation"] references = data["advisories"][vuln]["references"] access = data["advisories"][vuln]["access"] severity = data["advisories"][vuln]["severity"] cwe = data["advisories"][vuln]["cwe"] metadata = data["advisories"][vuln]["metadata"] url = data["advisories"][vuln]["url"] findings = data["advisories"][vuln]["findings"] vuln_versions = {} for find in findings: vuln_versions[find["version"]] = [find["paths"]] if not title: title = "not found" if not found_by: found_by = "not found" if not reported_by: reported_by = "not found" if not module_name: module_name = "not found" if not cves: cves = "not found" if not vulnerable_versions: vulnerable_versions = "not found" if not patched_versions: patched_versions = "not found" if not recommendation: recommendation = "not found" if not overview: overview = "not found" if not references: references = "not found" if not access: access = "not found" if not severity: severity = "not found" if not cwe: cwe = "not found" if not url: url = "not found" if severity == "critical": severity = "High" vul_col = "danger" if severity == "high": severity = "High" vul_col = "danger" elif severity == "moderate": severity = "Medium" vul_col = "warning" elif severity == "low": severity = "Low" vul_col = "info" elif severity == "info": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(module_name) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=title, description=str(overview) + "\n\n" + str(vuln_versions) + "\n\n" + str(reported_by) + "\n\n" + str(module_name) + "\n\n" + str(cves) + "\n\n" + str(vuln_versions) + "\n\n" + str(patched_versions), solution=recommendation, references=references, severity=severity, scanner="Npmaudit", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=scan_id, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=title, description=str(overview) + "\n\n" + str(vuln_versions) + "\n\n" + str(reported_by) + "\n\n" + str(module_name) + "\n\n" + str(cves) + "\n\n" + str(vuln_versions) + "\n\n" + str(patched_versions), solution=recommendation, references=references, severity=severity, scanner="Npmaudit", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Npmaudit", ) trend_update() subject = "Archery Tool Scan Status - Npmaudit Report Uploaded" message = ("Npmaudit Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("npm-audit", total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def twistlock_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ """ { "results": [ { "id": "sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "distro": "Debian GNU/Linux 9 (stretch)", "compliances": [ { "title": "Sensitive information provided in environment variables", "severity": "high", "cause": "The environment variables DD_CELERY_BROKER_PASSWORD,DD_DATABASE_PASSWORD,DD_SECRET_KEY contain sensitive data" } ], "complianceDistribution": { "critical": 0, "high": 1, "medium": 0, "low": 0, "total": 1 }, "vulnerabilities": [ { "id": "CVE-2013-7459", "cvss": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "description": "Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.", "severity": "critical", "packageName": "pycrypto", "packageVersion": "2.6.1", "link": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459", "riskFactors": { "Attack complexity: low": {}, "Attack vector: network": {}, "Critical severity": {}, "Remote execution": {} } } ], "vulnerabilityDistribution": { "critical": 1, "high": 0, "medium": 0, "low": 0, "total": 1 } } ] } """ global false_positive date_time = datetime.now() vul_col = "" # Parser for above json data vuln = data["results"][0]["vulnerabilities"] for vuln_data in vuln: try: name = vuln_data["id"] except Exception as e: name = "Not Found" try: cvss = vuln_data["cvss"] except Exception as e: cvss = "Not Found" try: vector = vuln_data["vector"] except Exception as e: vector = "Not Found" try: description = vuln_data["description"] except Exception as e: description = "Not Found" try: severity = vuln_data["severity"] if severity == "critical": severity = "High" except Exception as e: severity = "Not Found" try: packageName = vuln_data["packageName"] except Exception as e: packageName = "Not Found" try: packageVersion = vuln_data["packageVersion"] except Exception as e: packageVersion = "Not Found" try: link = vuln_data["link"] except Exception as e: link = "Not Found" if severity == "Critical": severity = "High" vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" elif severity == "Unknown": severity = "Low" vul_col = "info" elif severity == "Everything else": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(packageName) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, description=str(description) + "\n\n" + str(cvss) + "\n\n" + str(packageVersion), severity=severity, fileName=packageName, references=link, scanner="Twistlock", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, description=str(description) + "\n\n" + str(cvss) + "\n\n" + str(packageVersion), severity=severity, fileName=packageName, references=link, scanner="Twistlock", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", vuln_duplicate="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Twistlock", ) trend_update() subject = "Archery Tool Scan Status - twistlock Report Uploaded" message = ("twistlock Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): """ :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global ScanName, ScanShortName, ScanStartURL, ScanStartTime, ScanFinishTime, ScanScanTime, ScanAborted, ScanResponsive, ScanResponsive, ScanBanner, ScanOs, ScanWebServer, ScanTechnologies, ScanCrawler, ScanReportItems, VulnName, VulnModuleName, VulnDetails, VulnAffects, VulnParameter, VulnAOP_SourceFile, VulnAOP_SourceLine, VulnAOP_Additional, VulnIsFalsePositive, VulnSeverity, VulnType, VulnImpact, VulnDescription, VulnDetailedInformation, VulnRecommendation, VulnTechnicalDetails, VulnCWEList, VulnCVEList, VulnCVSS, VulnCVSS3, VulnReferences, vul_col, risk, UriName, VulnUrl, FullURL for scan in root: for reports in scan: if reports.tag == "Name": ScanName = reports.text if reports.tag == "ShortName": ScanShortName = reports.text if reports.tag == "StartURL": ScanStartURL = reports.text if reports.tag == "StartTime": ScanStartTime = reports.text if reports.tag == "FinishTime": ScanFinishTime = reports.text if reports.tag == "ScanTime": ScanScanTime = reports.text if reports.tag == "Aborted": ScanAborted = reports.text if reports.tag == "Responsive": ScanResponsive = reports.text if reports.tag == "Banner": ScanBanner = reports.text if reports.tag == "Os": ScanOs = reports.text if reports.tag == "WebServer": ScanWebServer = reports.text if reports.tag == "Technologies": ScanTechnologies = reports.text if reports.tag == "Crawler": ScanCrawler = reports.text if reports.tag == "ReportItems": ScanReportItems = reports.text if reports.tag == "ReportItems": ScanReportItems = reports.text for report_item in reports: for ReportItem in report_item: # print ReportItem # print(ReportItem.tag) if ReportItem.tag == "Name": VulnName = ReportItem.text if ReportItem.tag == "ModuleName": VulnModuleName = ReportItem.text if ReportItem.tag == "Details": VulnDetails = ReportItem.text if ReportItem.tag == "Affects": VulnAffects = ScanStartURL + ReportItem.text if ReportItem.tag == "Parameter": VulnParameter = ReportItem.text if ReportItem.tag == "AOP_SourceFile": VulnAOP_SourceFile = ReportItem.text if ReportItem.tag == "AOP_SourceLine": VulnAOP_SourceLine = ReportItem.text if ReportItem.tag == "AOP_Additional": VulnAOP_Additional = ReportItem.text if ReportItem.tag == "IsFalsePositive": VulnIsFalsePositive = ReportItem.text if ReportItem.tag == "Severity": VulnSeverity = ReportItem.text if ReportItem.tag == "Type": VulnType = ReportItem.text if ReportItem.tag == "Impact": VulnImpact = ReportItem.text if ReportItem.tag == "Description": VulnDescription = ReportItem.text if ReportItem.tag == "DetailedInformation": VulnDetailedInformation = ReportItem.text if ReportItem.tag == "Recommendation": VulnRecommendation = ReportItem.text if ReportItem.tag == "TechnicalDetails": VulnTechnicalDetails = ReportItem.text if ReportItem.tag == "CWEList": VulnCWEList = ReportItem.text if ReportItem.tag == "CVEList": VulnCVEList = ReportItem.text if ReportItem.tag == "CVSS": VulnCVSS = ReportItem.text if ReportItem.tag == "CVSS3": VulnCVSS3 = ReportItem.text if ReportItem.tag == "References": VulnReferences = ReportItem.text if VulnSeverity == "high": vul_col = "danger" risk = "High" elif VulnSeverity == "medium": vul_col = "warning" risk = "Medium" elif VulnSeverity == "low": vul_col = "info" risk = "Low" else: vul_col = "info" risk = "Low" if VulnName is None: print(VulnName) else: for c_url in root.findall(".//SiteFile"): for vuln_url in c_url: if vuln_url.tag == "Name": UriName = vuln_url.text if vuln_url.tag == "URL": VulnUrl = vuln_url.text if vuln_url.tag == "FullURL": FullURL = vuln_url.text vuln_id = uuid.uuid4() dup_data = VulnName + FullURL + risk duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, url=FullURL, title=VulnName, description=str(VulnDescription) + str(VulnDetails) + str(VulnTechnicalDetails), instance=str(VulnParameter) + str(VulnAffects), reference=VulnReferences, project_id=project_id, severity_color=vul_col, severity=risk, date_time=date_time, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Acunetix", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( vuln_id=vuln_id, scan_id=scan_id, url=VulnUrl, title=VulnName, description=str(VulnDescription) + str(VulnDetails) + str(VulnTechnicalDetails), instance=str(VulnParameter) + str(VulnAffects), reference=VulnReferences, project_id=project_id, severity_color=vul_col, severity=risk, date_time=date_time, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Acunetix", ) dump_data.save() acunetix_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(acunetix_all_vul.filter(severity="High")) total_medium = len(acunetix_all_vul.filter(severity="Medium")) total_low = len(acunetix_all_vul.filter(severity="Low")) total_info = len(acunetix_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(severity="Yes")) total_vul = total_high + total_medium + total_low + total_info # cal_total_vuln = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=ScanStartURL, ) trend_update() subject = "Archery Tool Scan Status - Acunetix Report Uploaded" message = ("Acunetix Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (ScanStartURL, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def updated_nessus_parser(root, project_id, scan_id): global agent, description, fname, plugin_modification_date, plugin_name, plugin_publication_date, plugin_type, risk_factor, script_version, solution, synopsis, plugin_output, see_also, scan_ip, pluginName, pluginID, protocol, severity, svc_name, pluginFamily, port, vuln_color, total_vul, total_high, total_medium, total_low, target, report_name date_time = datetime.datetime.now() for data in root: if data.tag == "Report": report_name = data.attrib["name"] for reportHost in data.iter("ReportHost"): try: for key, value in reportHost.items(): target = value scan_id = uuid.uuid4() scan_status = "100" scan_dump = NetworkScanDb( ip=target, scan_id=scan_id, date_time=date_time, project_id=project_id, scan_status=scan_status, scanner="Nessus", ) scan_dump.save() for ReportItem in reportHost.iter("ReportItem"): for key, value in ReportItem.attrib.items(): if key == "pluginName": pluginName = value if key == "pluginID": pluginID = value if key == "protocol": protocol = value if key == "severity": severity = value if key == "svc_name": svc_name = value if key == "pluginFamily": pluginFamily = value if key == "port": port = value try: agent = ReportItem.find("agent").text except: agent = "NA" try: description = ReportItem.find("description").text except: description = "NA" try: fname = ReportItem.find("fname").text except: fname = "NA" try: plugin_modification_date = ReportItem.find( "plugin_modification_date").text except: plugin_modification_date = "NA" try: plugin_name = ReportItem.find("plugin_name").text except: plugin_name = "NA" try: plugin_publication_date = ReportItem.find( "plugin_publication_date").text except: plugin_publication_date = "NA" try: plugin_type = ReportItem.find("plugin_type").text except: plugin_type = "NA" try: risk_factor = ReportItem.find("risk_factor").text except: risk_factor = "NA" try: script_version = ReportItem.find( "script_version").text except: script_version = "NA" try: see_also = ReportItem.find("see_also").text except: see_also = "NA" try: solution = ReportItem.find("solution").text except: solution = "NA" try: synopsis = ReportItem.find("synopsis").text except: synopsis = "NA" try: plugin_output = ReportItem.find( "plugin_output").text except: plugin_output = "NA" vuln_id = uuid.uuid4() if risk_factor == "Critical": vuln_color = "danger" risk_factor = "High" elif risk_factor == "High": vuln_color = "danger" risk_factor = "High" elif risk_factor == "Medium": vuln_color = "warning" risk_factor = "Medium" elif risk_factor == "Low": vuln_color = "info" risk_factor = "Low" else: risk_factor = "Low" vuln_color = "info" dup_data = target + plugin_name + severity + port duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (NetworkScanResultsDb.objects.filter( dup_hash=duplicate_hash).values( "dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" global false_positive false_p = NetworkScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" if risk_factor == "None": risk_factor = "Low" all_data_save = NetworkScanResultsDb( project_id=project_id, scan_id=scan_id, date_time=date_time, title=pluginName, ip=target, vuln_id=vuln_id, description=description, solution=solution, severity=risk_factor, port=port, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, scanner="Nessus", ) all_data_save.save() else: duplicate_vuln = "Yes" all_data_save = NetworkScanResultsDb( project_id=project_id, scan_id=scan_id, date_time=date_time, title=pluginName, ip=target, vuln_id=vuln_id, description=description, solution=solution, severity=risk_factor, port=port, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, scanner="Nessus", ) all_data_save.save() except: continue for reportHost in data.iter("ReportHost"): try: for key, value in reportHost.items(): target = value target_filter = NetworkScanResultsDb.objects.filter( ip=target, vuln_status="Open", vuln_duplicate="No", ) duplicate_count = NetworkScanResultsDb.objects.filter( ip=target, vuln_duplicate="Yes") target_total_vuln = len(target_filter) target_total_high = len( target_filter.filter(severity="High")) target_total_medium = len( target_filter.filter(severity="Medium")) target_total_low = len( target_filter.filter(severity="Low")) target_total_duplicate = len( duplicate_count.filter(vuln_duplicate="Yes")) NetworkScanDb.objects.filter(ip=target).update( date_time=date_time, total_vul=target_total_vuln, high_vul=target_total_high, medium_vul=target_total_medium, low_vul=target_total_low, total_dup=target_total_duplicate, ) except: continue trend_update() subject = "Archery Tool Scan Status - Nessus Report Uploaded" message = ("Nessus Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def tfsec_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col for vuln in data["results"]: rule_id = vuln["rule_id"] link = vuln["link"] filename = vuln["location"]["filename"] start_line = vuln["location"]["start_line"] end_line = vuln["location"]["end_line"] description = vuln["description"] severity = vuln["severity"] if severity == "ERROR": severity = "High" vul_col = "danger" elif severity == "WARNING": severity = "Medium" vul_col = "warning" elif severity == "INFO": severity = "Info" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(rule_id) + str(severity) + str(filename) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter(dup_hash=duplicate_hash).values( "dup_hash" ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, title=rule_id, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, fileName=filename, severity=severity, description=str(description) + "\n\n" + str(rule_id) + "\n\n" + str(start_line) + "\n\n" + str(end_line), references=link, scanner="Tfsec", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=rule_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", fileName=filename, severity=severity, description=str(description) + "\n\n" + str(rule_id) + "\n\n" + str(start_line) + "\n\n" + str(end_line), references=link, scanner="Tfsec", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Tfsec", ) trend_update() subject = "Archery Tool Scan Status - tfsec Report Uploaded" message = ( "tfsec Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("tfsec", total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def trivy_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ global total_vul, total_high, total_medium, total_low date_time = datetime.now() vul_col = "" for vuln_data in data: vuln = vuln_data["Vulnerabilities"] for issue in vuln: try: VulnerabilityID = issue["VulnerabilityID"] except Exception as e: VulnerabilityID = "Not Found" print(e) try: PkgName = issue["PkgName"] except Exception as e: PkgName = "Not Found" print(e) try: InstalledVersion = issue["InstalledVersion"] except Exception as e: InstalledVersion = "Not Found" print(e) try: FixedVersion = issue["FixedVersion"] except Exception as e: FixedVersion = "Not Found" print(e) try: Title = issue["Title"] except Exception as e: Title = "Not Found" print(e) try: Description = issue["Description"] except Exception as e: Description = "Not Found" print(e) try: Severity = issue["Severity"] except Exception as e: Severity = "Not Found" print(e) try: References = issue["References"] except Exception as e: References = "Not Found" print(e) if Severity == "CRITICAL": Severity = "High" vul_col = "danger" if Severity == "HIGH": Severity = "High" vul_col = "danger" if Severity == "MEDIUM": Severity = "Medium" vul_col = "warning" if Severity == "LOW": Severity = "Low" vul_col = "info" if Severity == "UNKNOWN": Severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(VulnerabilityID) + str(Severity) + str(PkgName) duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, fileName=PkgName, title=VulnerabilityID, description=str(Description) + str(Title) + "\n\n" + str(VulnerabilityID) + "\n\n" + str(PkgName) + "\n\n" + str(InstalledVersion) + "\n\n" + str(FixedVersion), severity=Severity, references=References, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Trivy", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, fileName=PkgName, title=VulnerabilityID, description=str(Description) + str(Title) + "\n\n" + str(VulnerabilityID) + "\n\n" + str(PkgName) + "\n\n" + str(InstalledVersion) + "\n\n" + str(FixedVersion), severity=Severity, references=References, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Trivy", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Trivy", ) trend_update() subject = "Archery Tool Scan Status - Trivy Report Uploaded" message = ("Trivy Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def semgrep_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() vul_col = "" vuln = data["results"] for vuln_data in vuln: try: check_id = vuln_data["check_id"] except Exception as e: check_id = "Not Found" try: path = vuln_data["path"] except Exception as e: path = "Not Found" try: start = vuln_data["start"] except Exception as e: start = "Not Found" try: end = vuln_data["end"] except Exception as e: end = "Not Found" try: message = vuln_data["extra"]["message"] except Exception as e: message = "Not Found" try: metavars = vuln_data["extra"]["metavars"] except Exception as e: metavars = "Not Found" try: metadata = vuln_data["extra"]["metadata"] except Exception as e: metadata = "Not Found" try: severity = vuln_data["extra"]["severity"] except Exception as e: severity = "Not Found" try: lines = vuln_data["extra"]["lines"] except Exception as e: lines = "Not Found" if severity == "ERROR": severity = "High" vul_col = "danger" elif severity == "WARNING": severity = "Medium" vul_col = "warning" elif severity == "INFORMATION": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(check_id) + str(severity) + str(path) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=check_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, fileName=path, severity=severity, description=str(message) + "\n\n" + str(check_id) + "\n\n" + str(end) + "\n\n" + str(metavars) + "\n\n" + str(metadata) + "\n\n" + str(lines), scanner="Sempgrep", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, title=check_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", fileName=path, severity=severity, description=str(message) + "\n\n" + str(check_id) + "\n\n" + str(end) + "\n\n" + str(metavars) + "\n\n" + str(metadata) + "\n\n" + str(lines), scanner="Semgrep", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Semgrep", ) trend_update() subject = "Archery Tool Scan Status - semgrep Report Uploaded" message = ("semgrep Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("semgrep", total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ global total_vul, total_high, total_medium, total_low date_time = datetime.now() fileName = "Na" filePath = "Na" evidenceCollected = "Na" name = "Na" severity = "Na" cwe = "Na" description = "Na" references = "Na" vulnerableSoftware = "Na" vul_col = "Na" pt = data.xpath("namespace-uri(.)") # root = data.getroot() inst = [] for scan in data: for dependencies in scan: for dependency in dependencies: if dependency.tag == "{%s}fileName" % pt: fileName = dependency.text if dependency.tag == "{%s}filePath" % pt: filePath = dependency.text if dependency.tag == "{%s}evidenceCollected" % pt: evidenceCollected = dependency.text for vuln in dependency: if vuln.tag == "{%s}vulnerability" % pt: if (pt == "https://jeremylong.github.io/DependencyCheck/dependency-check.2.0.xsd" ): for vulner in vuln: if vulner.tag == "{%s}name" % pt: name = vulner.text if vulner.tag == "{%s}description" % pt: description = vulner.text if vulner.tag == "{%s}references" % pt: references = vulner.text if vulner.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = vulner.text for vuln_dat in vulner: if vuln_dat.tag == "{%s}cwe" % pt: cwe = vuln_dat.text if vuln_dat.tag == "{%s}severity" % pt: severity_dat = vuln_dat.text if severity_dat == "HIGH": severity = "High" elif severity_dat == "MEDIUM": severity = "Medium" elif severity_dat == "LOW": severity = "Low" elif (pt == "https://jeremylong.github.io/DependencyCheck/dependency-check.2.2.xsd" ): for dc22 in vuln: if dc22.tag == "{%s}name" % pt: name = dc22.text if dc22.tag == "{%s}description" % pt: description = dc22.text if dc22.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = dc22.text for vuln_dat in dc22: for d in vuln_dat: if d.tag == "{%s}url" % pt: references = d.text if vuln_dat.tag == "{%s}cwe" % pt: cwe = vuln_dat.text if vuln_dat.tag == "{%s}severity" % pt: severity_dat = vuln_dat.text if severity_dat == "HIGH": severity = "High" elif severity_dat == "MEDIUM": severity = "Medium" elif severity_dat == "LOW": severity = "Low" elif (pt == "https://jeremylong.github.io/DependencyCheck/dependency-check.2.3.xsd" ): for dc22 in vuln: if dc22.tag == "{%s}name" % pt: name = dc22.text if dc22.tag == "{%s}description" % pt: description = dc22.text if dc22.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = dc22.text for vuln_dat in dc22: for d in vuln_dat: if d.tag == "{%s}url" % pt: references = d.text if vuln_dat.tag == "{%s}cwe" % pt: cwe = vuln_dat.text if vuln_dat.tag == "{%s}severity" % pt: severity_dat = vuln_dat.text if severity_dat == "HIGH": severity = "High" elif severity_dat == "MEDIUM": severity = "Medium" elif severity_dat == "LOW": severity = "Low" elif (pt == "https://jeremylong.github.io/DependencyCheck/dependency-check.2.4.xsd" ): for dc22 in vuln: if dc22.tag == "{%s}name" % pt: name = dc22.text if dc22.tag == "{%s}description" % pt: description = dc22.text if dc22.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = dc22.text for vuln_dat in dc22: for d in vuln_dat: if d.tag == "{%s}url" % pt: references = d.text if vuln_dat.tag == "{%s}cwe" % pt: cwe = vuln_dat.text if vuln_dat.tag == "{%s}severity" % pt: severity_dat = vuln_dat.text if severity_dat == "HIGH": severity = "High" elif severity_dat == "MEDIUM": severity = "Medium" elif severity_dat == "LOW": severity = "Low" elif (pt == "https://jeremylong.github.io/DependencyCheck/dependency-check.2.5.xsd" ): for dc22 in vuln: if dc22.tag == "{%s}name" % pt: name = dc22.text if dc22.tag == "{%s}description" % pt: description = dc22.text if dc22.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = dc22.text for vuln_dat in dc22: for d in vuln_dat: if d.tag == "{%s}url" % pt: references = d.text if vuln_dat.tag == "{%s}cwe" % pt: cwe = vuln_dat.text if vuln_dat.tag == "{%s}severity" % pt: severity_dat = vuln_dat.text if severity_dat == "HIGH": severity = "High" elif severity_dat == "MEDIUM": severity = "Medium" elif severity_dat == "LOW": severity = "Low" else: for vulner in vuln: if vulner.tag == "{%s}name" % pt: name = vulner.text if vulner.tag == "{%s}severity" % pt: severity = vulner.text if vulner.tag == "{%s}cwe" % pt: cwe = vulner.text if vulner.tag == "{%s}description" % pt: description = vulner.text if vulner.tag == "{%s}references" % pt: references = vulner.text if vulner.tag == "{%s}vulnerableSoftware" % pt: vulnerableSoftware = vulner.text date_time = datetime.now() vul_id = uuid.uuid4() if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" dup_data = name + fileName + severity duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" if cwe == "Na": cwe = name save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, fileName=fileName, filePath=filePath, title=name, severity=severity, description=str(description) + "\n\n" + str(evidenceCollected) + "\n\n" + str(vulnerableSoftware), references=references, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Dependencycheck", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, fileName=fileName, filePath=filePath, title=name, severity=severity, description=str(description) + "\n\n" + str(evidenceCollected) + "\n\n" + str(vulnerableSoftware), references=references, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Dependencycheck", ) save_all.save() all_dependency_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_dependency_data) total_high = len(all_dependency_data.filter(severity="High")) total_medium = len(all_dependency_data.filter(severity="Medium")) total_low = len(all_dependency_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Dependencycheck", ) trend_update() subject = "Archery Tool Scan Status - DependencyCheck Report Uploaded" message = ("DependencyCheck Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (name, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message) return HttpResponse(status=201)
def brakeman_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: :username: """ global false_positive date_time = datetime.now() vul_col = "" # Parser for above json data # print(data['warnings']) vuln = data["warnings"] for vuln_data in vuln: try: name = vuln_data["warning_type"] except Exception as e: name = "Not Found" try: warning_code = vuln_data["warning_code"] except Exception as e: warning_code = "Not Found" try: fingerprint = vuln_data["fingerprint"] except Exception as e: fingerprint = "Not Found" try: description = vuln_data["message"] except Exception as e: description = "Not Found" try: check_name = vuln_data["check_name"] except Exception as e: check_name = "Not Found" try: severity = vuln_data["confidence"] if severity == "Weak": severity = "Low" except Exception as e: severity = "Not Found" try: file = vuln_data["file"] except Exception as e: file = "Not Found" try: line = vuln_data["line"] except Exception as e: line = "Not Found" try: link = vuln_data["link"] except Exception as e: link = "Not Found" try: code = vuln_data["code"] except Exception as e: code = "Not Found" try: render_path = vuln_data["render_path"] except Exception as e: render_path = "Not Found" if severity == "Critical": severity = "High" vul_col = "danger" if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" elif severity == "Unknown": severity = "Low" vul_col = "info" elif severity == "Everything else": severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, description=str(description) + "\n\n" + str(code) + "\n\n" + str(render_path), severity=severity, fileName=file, references=link, scanner="Brakeman", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, description=str(description) + "\n\n" + str(code) + "\n\n" + str(render_path), severity=severity, fileName=file, references=link, scanner="Brakeman", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", vuln_duplicate="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Brakeman", ) trend_update() subject = "Archery Tool Scan Status - brakeman Report Uploaded" message = ("brakeman Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def inspec_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ global controls_results_message, status vul_col = "info" for key, value in data.items(): if key == "profiles": for profile in value: controls = profile["controls"] for con in controls: controls_id = con["id"] controls_title = con["title"] controls_desc = con["desc"] controls_descriptions = con["descriptions"][0]["data"] controls_impact = con["impact"] controls_refs = con["refs"] controls_tags_severity = con["tags"]["severity"] controls_tags_cis_id = con["tags"]["cis_id"] controls_tags_cis_control = con["tags"]["cis_control"] controls_tags_cis_level = con["tags"]["cis_level"] controls_tags_audit = con["tags"]["audit text"] controls_tags_fix = con["tags"]["fix"] controls_code = con["code"] controls_source_location = con["source_location"]["line"] for res in con["results"]: controls_results_status = res["status"] controls_results_code_desc = res["code_desc"] controls_results_run_time = res["run_time"] controls_results_start_time = res["start_time"] for key, value in res.items(): if key == "message": controls_results_message = value if controls_results_status == "failed": vul_col = "danger" status = "Failed" elif controls_results_status == "passed": vul_col = "warning" status = "Passed" elif controls_results_status == "skipped": vul_col = "info" status = "Skipped" vul_id = uuid.uuid4() save_all = InspecScanResultsDb( scan_id=scan_id, project_id=project_id, vul_col=vul_col, vuln_id=vul_id, controls_id=controls_id, controls_title=controls_title, controls_desc=controls_desc, controls_descriptions=controls_descriptions, controls_impact=controls_impact, controls_refs=controls_refs, controls_tags_severity=controls_tags_severity, controls_tags_cis_id=controls_tags_cis_id, controls_tags_cis_control=controls_tags_cis_control, controls_tags_cis_level=controls_tags_cis_level, controls_tags_audit=controls_tags_audit, controls_tags_fix=controls_tags_fix, controls_code=controls_code, controls_source_location=controls_source_location, controls_results_status=status, controls_results_code_desc= controls_results_code_desc, controls_results_run_time=controls_results_run_time, controls_results_start_time= controls_results_start_time, controls_results_message=controls_results_message, ) save_all.save() all_inspec_data = InspecScanResultsDb.objects.filter( scan_id=scan_id) total_vul = len(all_inspec_data) inspec_failed = len( all_inspec_data.filter(controls_results_status="Failed")) inspec_passed = len( all_inspec_data.filter(controls_results_status="Passed")) inspec_skipped = len( all_inspec_data.filter(controls_results_status="Skipped")) total_duplicate = len(all_inspec_data.filter(vuln_duplicate="Yes")) InspecScanDb.objects.filter(scan_id=scan_id).update( total_vuln=total_vul, inspec_failed=inspec_failed, inspec_passed=inspec_passed, inspec_skipped=inspec_skipped, total_dup=total_duplicate, ) subject = "Archery Tool Scan Status - Inspec Report Uploaded" message = ("Inspec Scanner has completed the scan " " %s <br> Total: %s <br>Failed: %s <br>" "failed: %s <br>Skipped %s" % (scan_id, total_vul, inspec_failed, inspec_failed, inspec_skipped)) email_sch_notify(subject=subject, message=message)
def checkmarx_report_xml(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, project, result, result_data, file_name, inst, code_data project = data.attrib["ProjectName"] scan_details = data.attrib for dat in data: query = dat.attrib name = dat.attrib["name"] severity = dat.attrib["Severity"] code_data = [] result_data_all = [] for dd in dat: result_data = dd.attrib file_name = dd.attrib["FileName"] result_data_all.append(dd.attrib) for d in dd.findall(".//Code"): result = d.text instance = {} instance[file_name] = d.text code_data.append(instance) if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" else: severity = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(name) + str(severity) + str(file_name) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=name, severity=severity, description=str(scan_details), fileName=file_name, scanner="Checkmarx", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=name, severity=severity, description=str(scan_details), fileName=file_name, scanner="Checkmarx", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_vul = len(all_findbugs_data) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( project_name=project, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Checkmarx", ) trend_update() subject = "Archery Tool Scan Status - checkmarx Report Uploaded" message = ("checkmarx Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("checkmarx", total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): global vuln_url, vuln_type, vuln_severity, vuln_certainty, vuln_rawrequest, vuln_rawresponse, vuln_extrainformation, vuln_classification, vuln_id, vul_col, description, impact, actionsToTake, remedy, requiredSkillsForExploitation, externalReferences, remedyReferences, proofOfConcept, proofs, target date_time = datetime.now() for data in root: if data.tag == "target": for url in data: if url.tag == "url": target = url.text for vuln in data: if vuln.tag == "url": vuln_url = vuln.text if vuln.tag == "type": vuln_type = vuln.text if vuln.tag == "severity": if vuln.text == "Important": vuln_severity = "High" else: vuln_severity = vuln.text if vuln.tag == "certainty": vuln_certainty = vuln.text if vuln.tag == "rawrequest": vuln_rawrequest = vuln.text if vuln.tag == "rawresponse": vuln_rawresponse = vuln.text if vuln.tag == "extrainformation": vuln_extrainformation = vuln.text if vuln.tag == "classification": vuln_classification = vuln.text if vuln.tag == "description": description = vuln.text if vuln.tag == "impact": impact = vuln.text if vuln.tag == "actionsToTake": actionsToTake = vuln.text if vuln.tag == "remedy": remedy = vuln.text if vuln.tag == "requiredSkillsForExploitation": requiredSkillsForExploitation = vuln.text if vuln.tag == "externalReferences": externalReferences = vuln.text if vuln.tag == "remedyReferences": remedyReferences = vuln.text if vuln.tag == "proofOfConcept": proofOfConcept = vuln.text if vuln.tag == "proofs": proofs = vuln.text vuln_id = uuid.uuid4() if vuln_severity == "Critical": vuln_severity = "High" vul_col = "danger" elif vuln_severity == "High": vul_col = "danger" elif vuln_severity == "Medium": vul_col = "warning" elif vuln_severity == "Low": vul_col = "info" else: vuln_severity = "Low" vul_col = "info" dup_data = str(vuln_type) + str(vuln_url) + str(vuln_severity) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" dump_data = WebScanResultsDb( scan_id=scan_id, project_id=project_id, date_time=date_time, vuln_id=vuln_id, title=vuln_type, url=vuln_url, severity=vuln_severity, false_positive=false_positive, severity_color=vul_col, description=description, solution=str(remedy) + "\n\n" + str(actionsToTake), reference=str(externalReferences) + "\n\n" + str(remedyReferences), vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Netsparker", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( scan_id=scan_id, project_id=project_id, date_time=date_time, vuln_id=vuln_id, url=vuln_url, title=vuln_type, severity=vuln_severity, false_positive="Duplicate", vuln_status="Duplicate", severity_color=vul_col, description=description, solution=remedy + "\n\n" + str(actionsToTake), reference=externalReferences + "\n\n" + str(remedyReferences), dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Netsparker", ) dump_data.save() netsparker_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No", scanner="Netsparker") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes", scanner="Netsparker") total_high = len(netsparker_all_vul.filter(severity="High")) total_medium = len(netsparker_all_vul.filter(severity="Medium")) total_low = len(netsparker_all_vul.filter(severity="Low")) total_info = len(netsparker_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=target, scanner="Netsparker", ) trend_update() subject = "Archery Tool Scan Status - Netsparker Report Uploaded" message = ("Netsparker Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (target, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def nodejsscan_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, severity for vuln in data["sec_issues"]: for vuln_dat in data["sec_issues"][vuln]: with open( "scanners/scanner_parser/staticscanner_parser/nodejsscan_vuln.json" ) as f: vuln_name = json.load(f) for v in vuln_name["vuln"]: if v["name"] == vuln_dat["title"]: severity = v["severity"] title = vuln_dat["title"] filename = vuln_dat["filename"] path = vuln_dat["path"] sha2 = vuln_dat["sha2"] tag = vuln_dat["tag"] description = vuln_dat["description"] line = vuln_dat["line"] lines = vuln_dat["lines"] if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" vul_id = uuid.uuid4() dup_data = str(title) + str(severity) + str(filename) + str(line) duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash ).values("dup_hash") lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, title=title, fileName=filename, severity=severity, filePath=path, description=str(description) + "\n\n" + str(line) + "\n\n" + str(lines), scanner="Nodejsscan", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, scan_id=scan_id, date_time=date_time, project_id=project_id, severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", title=title, fileName=filename, severity=severity, filePath=path, description=str(description) + "\n\n" + str(line) + "\n\n" + str(lines), scanner="Nodejsscan", ) save_all.save() all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Nodejsscan", ) trend_update() subject = "Archery Tool Scan Status - Nodejsscan Report Uploaded" message = ( "Nodejsscan Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % ("Nodejsscan", total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def burp_scan_data(root, project_id, scan_id): date_time = datetime.now() """ The function parse the burp result as xml data and stored into archery database. :param xml_data: :return: """ global vuln_id, burp_status, vul_col, issue_description, issue_remediation, issue_reference, issue_vulnerability_classifications, vul_col, severity, name, path, host, location, confidence, types, serialNumber, request_datas, response_datas, url for issue in root: for data in issue: vuln_id = uuid.uuid4() if data.tag == "name": global name if data.text is None: name = "NA" else: name = data.text if data.tag == "host": global host if data.text is None: host = "NA" else: host = data.text if data.tag == "path": global path if data.text is None: path = "NA" else: path = data.text if data.tag == "location": global location if data.text is None: location = "NA" else: location = data.text if data.tag == "severity": global severity if data.text is None: severity = "NA" else: severity = data.text if data.tag == "requestresponse": global requestresponse if data.text is None: requestresponse = "NA" else: requestresponse = data.text for d in data: req = d.tag met = d.attrib if req == "request": global request_datas reqst = d.text request_datas = base64.b64decode(reqst) # reqst if req == "response": global response_datas res_dat = d.text response_datas = base64.b64decode(res_dat) # res_dat for key, items in met.items(): global methods if key == "method": methods = items if data.tag == "issueBackground": global issue_description if data.text is None: issue_description = "NA" else: issue_description = data.text if data.tag == "remediationBackground": global issue_remediation if data.text is None: issue_remediation = "NA" else: issue_remediation = data.text if data.tag == "references": global issue_reference if data.text is None: issue_reference = "NA" else: issue_reference = data.text if data.tag == "vulnerabilityClassifications": global issue_vulnerability_classifications if data.text is None: issue_vulnerability_classifications = "NA" else: issue_vulnerability_classifications = data.text details = ( str(issue_description) + str("\n") + str(request_datas) + str("\n\n") + str(response_datas) + str("\n\n") + str("\n\n") + str(issue_description) + str("\n\n") + str(issue_vulnerability_classifications) ) if severity == "High": vul_col = "danger" elif severity == "Medium": vul_col = "warning" elif severity == "Low": vul_col = "info" else: severity = "Low" vul_col = "info" vuln_id = uuid.uuid4() dup_data = name + host + location + details + severity duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = ( WebScanResultsDb.objects.filter(dup_hash=duplicate_hash, scanner="Burp") .values("dup_hash") .distinct() ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash, scanner="Burp" ) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" url = host + location try: data_dump = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, url=url, title=name, solution=issue_remediation, description=details, reference=issue_reference, project_id=project_id, severity_color=vul_col, severity=severity, date_time=date_time, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Burp", ) data_dump.save() except Exception as e: print(e) else: duplicate_vuln = "Yes" try: data_dump = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, url=url, title=name, solution=issue_remediation, description=issue_description, reference=issue_reference, project_id=project_id, severity_color=vul_col, severity=severity, date_time=date_time, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Burp", ) data_dump.save() except Exception as e: print(e) burp_all_vul = WebScanResultsDb.objects.filter( scan_id=scan_id, scanner="Burp", false_positive="No" ) duplicate_count = WebScanResultsDb.objects.filter( scan_id=scan_id, scanner="Burp", vuln_duplicate="Yes" ) total_vul = len(burp_all_vul) total_high = len(burp_all_vul.filter(severity="High")) total_medium = len(burp_all_vul.filter(severity="Medium")) total_low = len(burp_all_vul.filter(severity="Low")) total_info = len(burp_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) WebScansDb.objects.filter(scan_id=scan_id, scanner="Burp").update( scan_url=host, date_time=date_time, total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, ) print(host) trend_update() subject = "Archery Tool Scan Status - Burp Report Uploaded" message = ( "Burp Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (host, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message) try: email_notification.email_notify() except Exception as e: print(e) HttpResponse(status=201)
def xml_parser(root, project_id, scan_id): """ ZAP Proxy scanner xml report parser. :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global vul_col, risk, reference, url, solution, instance, alert, desc, riskcode, vuln_id, false_positive, duplicate_hash, duplicate_vuln, scan_url, title for child in root: d = child.attrib scan_url = d["name"] for alert in root.iter("alertitem"): inst = [] for vuln in alert: vuln_id = uuid.uuid4() if vuln.tag == "alert": alert = vuln.text if vuln.tag == "name": title = vuln.text if vuln.tag == "solution": solution = vuln.text if vuln.tag == "reference": reference = vuln.text if vuln.tag == "riskcode": riskcode = vuln.text for instances in vuln: for ii in instances: instance = {} dd = re.sub(r"<[^>]*>", " ", ii.text) instance[ii.tag] = dd inst.append(instance) if vuln.tag == "desc": desc = vuln.text if riskcode == "3": vul_col = "danger" risk = "High" elif riskcode == "2": vul_col = "warning" risk = "Medium" elif riskcode == "1": vul_col = "info" risk = "Low" else: vul_col = "info" risk = "Low" if title == "None": print(title) else: duplicate_hash = check_false_positive(title=title, severity=risk, scan_url=scan_url) match_dup = (WebScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" vuln_status = "Open" else: duplicate_vuln = "Yes" false_positive = "Duplicate" vuln_status = "Duplicate" data_store = WebScanResultsDb( vuln_id=vuln_id, severity_color=vul_col, scan_id=scan_id, date_time=date_time, project_id=project_id, url=scan_url, title=title, solution=solution, instance=inst, reference=reference, description=desc, severity=risk, false_positive=false_positive, jira_ticket="NA", vuln_status=vuln_status, dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Zap", ) data_store.save() false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" zap_all_vul = WebScanResultsDb.objects.filter(scan_id=scan_id, false_positive="No") duplicate_count = WebScanResultsDb.objects.filter(scan_id=scan_id, vuln_duplicate="Yes") total_high = len(zap_all_vul.filter(severity="High")) total_medium = len(zap_all_vul.filter(severity="Medium")) total_low = len(zap_all_vul.filter(severity="Low")) total_info = len(zap_all_vul.filter(severity="Informational")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, scan_url=scan_url, ) if total_vul == total_duplicate: WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - ZAP Report Uploaded" message = ("ZAP Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_url, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(self): """ :param root: :param project_id: :param scan_id: :return: """ date_time = datetime.now() global name, classname, risk, ShortMessage, LongMessage, sourcepath, vul_col, ShortDescription, Details, lenth_match, duplicate_hash, vul_id, total_vul, total_high, total_medium, total_low, details, message for bug in self.root: if bug.tag == "BugInstance": name = bug.attrib["type"] priority = bug.attrib["priority"] for BugInstance in bug: if BugInstance.tag == "ShortMessage": global ShortMessage ShortMessage = BugInstance.text if BugInstance.tag == "LongMessage": global LongMessage LongMessage = BugInstance.text if BugInstance.tag == "Class": global classname try: classname = BugInstance.attrib["classname"] except: classname = 'na' if BugInstance.tag == "SourceLine": global sourcepath, sourcefile try: sourcepath = BugInstance.attrib["sourcepath"] except: sourcepath = 'NA' try: sourcefile = BugInstance.attrib["sourcefile"] except: sourcefile = 'NA' for data in bug: for message_data in data: if message_data.tag == 'Message': message = message_data.text if priority == "1": risk = "High" vul_col = "danger" elif priority == "2": risk = "Medium" vul_col = "warning" elif priority == "3": risk = "Low" vul_col = "info" vul_id = uuid.uuid4() dup_data = str(ShortMessage) + str(message) + str( sourcepath) + str(risk) duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash") lenth_match = len(match_dup) details = self.find_bug_pattern(name) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=self.scan_id, project_id=self.project_id, title=str(ShortMessage), severity=risk, description="<b>Finding Path & Line:</b> %s" % str(message) + "<br><br>" "<b>Finding Classes:</b> %s" % str(classname) + "<br><br>" "<b>Finding Source Path</b>: %s" % str(sourcepath) + "<br><br>" + str(ShortMessage) + "<br><br>" + str(LongMessage) + "<br><br>" + str(details), # + "\n\n" # + str(classname), fileName=str(message), severity_color=vul_col, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive=false_positive, scanner="Findbugs", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( vuln_id=vul_id, date_time=date_time, scan_id=self.scan_id, project_id=self.project_id, title=str(ShortMessage), severity=risk, description="<b>Finding Path & Line:</b> %s" % str(message) + "<br><br>" "<b>Finding Classes:</b> %s" % str(classname) + "<br><br>" "<b>Finding Source Path</b>: %s" % str(sourcepath) + "<br><br>" + str(ShortMessage) + "<br><br>" + str(LongMessage) + "<br><br>" + str(details), # + "\n\n" # + str(classname), fileName=str(message), severity_color=vul_col, vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, false_positive="Duplicate", scanner="Findbugs", ) save_all.save() # if bug.tag == "BugPattern": # for BugPattern in bug: # name = bug.attrib["type"] # if BugPattern.tag == "ShortDescription": # ShortDescription = BugPattern.text # if BugPattern.tag == "Details": # global Details # Details = BugPattern.text # print(Details) # StaticScanResultsDb.objects.filter(vuln_id=vul_id, title=name).update( # description=str(Details) # + "\n\n" # + str(ShortMessage) # + "\n\n" # + str(LongMessage) # + "\n\n" # + str(classname), # ) all_findbugs_data = StaticScanResultsDb.objects.filter( scan_id=self.scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=self.scan_id, vuln_duplicate="Yes") total_vul = len(all_findbugs_data) total_high = len(all_findbugs_data.filter(severity="High")) total_medium = len(all_findbugs_data.filter(severity="Medium")) total_low = len(all_findbugs_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=self.scan_id).update( total_vul=total_vul, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, scanner="Findbugs", ) trend_update() subject = "Archery Tool Scan Status - Findbugs Report Uploaded" message = ( "Findbugs Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (self.scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def xml_parser(root, project_id, scan_id): global url, Scheme, Host, Port, AttackMethod, VulnerableSession, TriggerSession, VulnerabilityID, Severity, Name, ReportSection, HighlightSelections, RawResponse, SectionText, vuln_id, severity_name, vul_col, target date_time = datetime.now() for data in root: if data.tag == "Name": target = data.text for issues in data: for issue in issues: if issue.tag == "URL": url = issue.text if issue.tag == "Host": Host = issue.text if issue.tag == "Port": Port = issue.text if issue.tag == "AttackMethod": AttackMethod = issue.text if issue.tag == "VulnerableSession": VulnerableSession = issue.text if issue.tag == "Severity": Severity = issue.text if issue.tag == "Name": Name = issue.text for d_issue in issue: if d_issue.tag == "SectionText": SectionText = issue.text vuln_id = uuid.uuid4() if Severity == "4": Severity = "High" vul_col = "danger" elif Severity == "3": Severity = "High" vul_col = "danger" elif Severity == "2": Severity = "Medium" vul_col = "warning" elif Severity == "1": Severity = "Low" vul_col = "info" else: Severity = "Low" vul_col = "info" dup_data = Name + url + Severity duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = ( WebScanResultsDb.objects.filter(dup_hash=duplicate_hash) .values("dup_hash") .distinct() ) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = WebScanResultsDb.objects.filter( false_positive_hash=duplicate_hash ) fp_lenth_match = len(false_p) global false_positive if fp_lenth_match == 1: false_positive = "Yes" elif lenth_match == 0: false_positive = "No" else: false_positive = "No" if Name is None: continue else: dump_data = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, project_id=project_id, url=url, date_time=date_time, title=Name, severity=Severity, severity_color=vul_col, description=str(Host) + str(Port) + str(SectionText) + str(AttackMethod), instance=VulnerableSession, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Webinspect", ) dump_data.save() else: duplicate_vuln = "Yes" dump_data = WebScanResultsDb( scan_id=scan_id, vuln_id=vuln_id, project_id=project_id, url=url, date_time=date_time, title=Name, severity=Severity, severity_color=vul_col, description=str(Host) + str(Port) + str(SectionText) + str(AttackMethod), instance=VulnerableSession, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Webinspect", ) dump_data.save() webinspect_all_vul = WebScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No" ) duplicate_count = WebScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes" ) total_high = len(webinspect_all_vul.filter(severity="High")) total_medium = len(webinspect_all_vul.filter(severity="Medium")) total_low = len(webinspect_all_vul.filter(severity="Low")) total_info = len(webinspect_all_vul.filter(severity="Information")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low + total_info WebScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, scan_url=target, date_time=date_time, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, info_vul=total_info, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - Webinspect Report Uploaded" message = ( "Webinspect Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (Host, total_vul, total_high, total_medium, total_low) ) email_sch_notify(subject=subject, message=message)
def bandit_report_json(data, project_id, scan_id): """ :param data: :param project_id: :param scan_id: :return: """ global vul_col, issue_severity, test_name, filename, line_number, code, issue_confidence, line_range, test_id, issue_text, more_info, total_vul, total_high, total_medium, total_low for key, items in data.items(): if key == "results": for res in items: for key, value in res.items(): if key == "line_number": global line_number if value is None: line_number = "NA" else: line_number = value if key == "code": global code if value is None: code = "NA" else: code = value if key == "issue_confidence": global issue_confidence if value is None: issue_confidence = "NA" else: issue_confidence = value if key == "line_range": global line_range if value is None: line_range = "NA" else: line_range = value if key == "test_id": global test_id if value is None: test_id = "NA" else: test_id = value if key == "issue_severity": global issue_severity if value is None: issue_severity = "NA" else: issue_severity = value if key == "issue_text": global issue_text if value is None: issue_text = "NA" else: issue_text = value if key == "test_name": global test_name if value is None: test_name = "NA" else: test_name = value if key == "filename": global filename if value is None: filename = "NA" else: filename = value if key == "more_info": global more_info if value is None: more_info = "NA" else: more_info = value date_time = datetime.now() vul_id = uuid.uuid4() if issue_severity == "HIGH": vul_col = "danger" issue_severity = "High" elif issue_severity == "MEDIUM": vul_col = "warning" issue_severity = "Medium" elif issue_severity == "LOW": vul_col = "info" issue_severity = "Low" dup_data = test_name + filename + issue_severity duplicate_hash = hashlib.sha256( dup_data.encode("utf-8")).hexdigest() match_dup = (StaticScanResultsDb.objects.filter( dup_hash=duplicate_hash).values("dup_hash").distinct()) lenth_match = len(match_dup) if lenth_match == 0: duplicate_vuln = "No" false_p = StaticScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" save_all = StaticScanResultsDb( scan_id=scan_id, date_time=date_time, project_id=project_id, vuln_id=vul_id, severity=issue_severity, title=test_name, fileName=filename, description=str(issue_text) + "\n\n" + str(code) + "\n\n" + str(line_range), references=more_info, severity_color=vul_col, false_positive=false_positive, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Bandit", ) save_all.save() else: duplicate_vuln = "Yes" save_all = StaticScanResultsDb( scan_id=scan_id, date_time=date_time, project_id=project_id, vuln_id=vul_id, severity=issue_severity, title=test_name, fileName=filename, description=str(issue_text) + "\n\n" + str(code) + "\n\n" + str(line_range), references=more_info, severity_color=vul_col, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, scanner="Bandit", ) save_all.save() all_bandit_data = StaticScanResultsDb.objects.filter( scan_id=scan_id, false_positive="No") duplicate_count = StaticScanResultsDb.objects.filter( scan_id=scan_id, vuln_duplicate="Yes") total_vul = len(all_bandit_data) total_high = len(all_bandit_data.filter(severity="High")) total_medium = len(all_bandit_data.filter(severity="Medium")) total_low = len(all_bandit_data.filter(severity="Low")) total_duplicate = len(duplicate_count.filter(vuln_duplicate="Yes")) StaticScansDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - Bandit Report Uploaded" message = ("Bandit Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)
def updated_xml_parser(root, project_id, scan_id): """ :param root: :param project_id: :param scan_id: :param username: :return: """ global host, name, severity, port, threat, creation_time, modification_time, description, family, cvss_base, cve for openvas in root.findall(".//result"): for r in openvas: if r.tag == "name": global name if r.text is None: name = "NA" else: name = r.text if r.tag == "host": global host if r.text is None: host = "NA" else: host = r.text if r.tag == "port": global port if r.text is None: port = "NA" else: port = r.text if r.tag == "threat": global threat if r.text is None: threat = "NA" else: threat = r.text if r.tag == "severity": global severity if r.text is None: severity = "NA" else: severity = r.text if r.tag == "description": global description if r.text is None: description = "NA" else: description = r.text date_time = datetime.now() vuln_id = uuid.uuid4() dup_data = name + host + severity + port duplicate_hash = hashlib.sha256(dup_data.encode("utf-8")).hexdigest() match_dup = (NetworkScanResultsDb.objects.filter( vuln_duplicate=duplicate_hash).values("vuln_duplicate").distinct()) lenth_match = len(match_dup) vuln_color = "" if lenth_match == 0: duplicate_vuln = "No" false_p = NetworkScanResultsDb.objects.filter( false_positive_hash=duplicate_hash) fp_lenth_match = len(false_p) if fp_lenth_match == 1: false_positive = "Yes" else: false_positive = "No" if threat == "High": vuln_color = "danger" elif threat == "Medium": vuln_color = "warning" elif threat == "Low": vuln_color = "info" elif threat == "Log": vuln_color = "info" save_all = NetworkScanResultsDb( scan_id=scan_id, project_id=project_id, vuln_id=vuln_id, title=name, date_time=date_time, severity=threat, description=description, port=port, ip=host, vuln_status="Open", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, false_positive=false_positive, scanner="Openvas", ) save_all.save() else: duplicate_vuln = "Yes" all_data_save = NetworkScanResultsDb( scan_id=scan_id, project_id=project_id, vuln_id=vuln_id, title=name, date_time=date_time, severity=threat, description=description, port=port, ip=host, false_positive="Duplicate", vuln_status="Duplicate", dup_hash=duplicate_hash, vuln_duplicate=duplicate_vuln, severity_color=vuln_color, scanner="Openvas", ) all_data_save.save() openvas_vul = NetworkScanResultsDb.objects.filter(scan_id=scan_id, ip=host) total_high = len(openvas_vul.filter(severity="High")) total_medium = len(openvas_vul.filter(severity="Medium")) total_low = len(openvas_vul.filter(severity="Low")) total_duplicate = len(openvas_vul.filter(vuln_duplicate="Yes")) total_vul = total_high + total_medium + total_low NetworkScanDb.objects.filter(scan_id=scan_id).update( total_vul=total_vul, high_vul=total_high, medium_vul=total_medium, low_vul=total_low, total_dup=total_duplicate, ) trend_update() subject = "Archery Tool Scan Status - OpenVAS Report Uploaded" message = ("OpenVAS Scanner has completed the scan " " %s <br> Total: %s <br>High: %s <br>" "Medium: %s <br>Low %s" % (scan_id, total_vul, total_high, total_medium, total_low)) email_sch_notify(subject=subject, message=message)