NexposeRunner 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/NexposeRunner/version.rb +1 -1
- data/lib/nexpose-runner/constants.rb +8 -1
- data/lib/nexpose-runner/scan.rb +7 -4
- data/spec/scan_spec.rb +18 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 13adebf5deaf318e68db7a8965cd1aaddbe75003
|
|
4
|
+
data.tar.gz: 44ccda32d83f9aa9064fb26f63072935033b0812
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a98f08b066853cc72dac0b4378b0ab6a8dba85f70896528a6c338069822424b23dd4165a5beabbbc0e3fe22f735447abbbe8ff82414e6ee8d757db0eecc27457
|
|
7
|
+
data.tar.gz: 888df0a298044649828885df63b90c7596b2c853bb5f7a45ab520af376d9e03ca8d3c277c00c11d85ec142a7f99b1d6b412920c1490504f383aae8d33d3ae206
|
|
@@ -10,7 +10,14 @@ module CONSTANTS
|
|
|
10
10
|
VULNERABILITY_REPORT_NAME = 'nexpose-vulnerability-report.csv'
|
|
11
11
|
SOFTWARE_REPORT_NAME = 'nexpose-software-report.csv'
|
|
12
12
|
POLICY_REPORT_NAME = 'nexpose-policy-report.csv'
|
|
13
|
-
|
|
13
|
+
|
|
14
|
+
AUDIT_REPORT_FILE_NAME = 'nexpose-audit-report.html'
|
|
15
|
+
AUDIT_REPORT_NAME = 'audit-report'
|
|
16
|
+
AUDIT_REPORT_FORMAT = 'html'
|
|
17
|
+
|
|
18
|
+
XML_REPORT_FILE_NAME = 'nexpose-xml-report.xml'
|
|
19
|
+
XML_REPORT_NAME = 'audit-report'
|
|
20
|
+
XML_REPORT_FORMAT = 'raw-xml'
|
|
14
21
|
|
|
15
22
|
VULNERABILITY_REPORT_QUERY = 'SELECT DISTINCT
|
|
16
23
|
ip_address,
|
data/lib/nexpose-runner/scan.rb
CHANGED
|
@@ -36,7 +36,10 @@ module NexposeRunner
|
|
|
36
36
|
generate_csv(policies, CONSTANTS::POLICY_REPORT_NAME)
|
|
37
37
|
|
|
38
38
|
puts "Scan complete for #{run_details.site_name}, Generating Audit Report"
|
|
39
|
-
|
|
39
|
+
generate_template_report(nsc, site.id, CONSTANTS::AUDIT_REPORT_FILE_NAME, CONSTANTS::AUDIT_REPORT_NAME, CONSTANTS::AUDIT_REPORT_FORMAT)
|
|
40
|
+
|
|
41
|
+
puts "Scan complete for #{run_details.site_name}, Generating Xml Report"
|
|
42
|
+
generate_template_report(nsc, site.id, CONSTANTS::XML_REPORT_FILE_NAME, CONSTANTS::XML_REPORT_NAME, CONSTANTS::XML_REPORT_FORMAT)
|
|
40
43
|
|
|
41
44
|
[vulnerbilities, software, policies]
|
|
42
45
|
end
|
|
@@ -90,10 +93,10 @@ module NexposeRunner
|
|
|
90
93
|
CSV.parse(report_output.chomp, {:headers => :first_row})
|
|
91
94
|
end
|
|
92
95
|
|
|
93
|
-
def self.
|
|
94
|
-
adhoc = Nexpose::AdhocReportConfig.new(
|
|
96
|
+
def self.generate_template_report(nsc, site, file_name, report_name, report_format)
|
|
97
|
+
adhoc = Nexpose::AdhocReportConfig.new(report_name, report_format, site)
|
|
95
98
|
data = adhoc.generate(nsc)
|
|
96
|
-
File.open(
|
|
99
|
+
File.open(file_name, 'w') { |file| file.write(data) }
|
|
97
100
|
end
|
|
98
101
|
|
|
99
102
|
def self.generate_csv(csv_output, name)
|
data/spec/scan_spec.rb
CHANGED
|
@@ -209,7 +209,7 @@ describe 'nexpose-runner' do
|
|
|
209
209
|
|
|
210
210
|
describe 'it should create reports' do
|
|
211
211
|
it 'should generate, download, and parse an adhoc reports for Vulnerability, Software, and Policies' do
|
|
212
|
-
|
|
212
|
+
expect(Nexpose::AdhocReportConfig).to receive(:new)
|
|
213
213
|
.with(nil, 'sql')
|
|
214
214
|
.and_return(@mock_report)
|
|
215
215
|
|
|
@@ -217,6 +217,17 @@ describe 'nexpose-runner' do
|
|
|
217
217
|
expect_report_to_be_called_with(CONSTANTS::SOFTWARE_REPORT_NAME, CONSTANTS::SOFTWARE_REPORT_QUERY, @mock_software_report)
|
|
218
218
|
expect_report_to_be_called_with(CONSTANTS::POLICY_REPORT_NAME, CONSTANTS::POLICY_REPORT_QUERY, @mock_policy_report)
|
|
219
219
|
|
|
220
|
+
expect(Nexpose::AdhocReportConfig).to receive(:new)
|
|
221
|
+
.with(CONSTANTS::AUDIT_REPORT_NAME, CONSTANTS::AUDIT_REPORT_FORMAT, @mock_site_id)
|
|
222
|
+
.and_return(@mock_report)
|
|
223
|
+
|
|
224
|
+
expect(Nexpose::AdhocReportConfig).to receive(:new)
|
|
225
|
+
.with(CONSTANTS::XML_REPORT_NAME, CONSTANTS::XML_REPORT_FORMAT, @mock_site_id)
|
|
226
|
+
.and_return(@mock_report)
|
|
227
|
+
|
|
228
|
+
expect_template_report_to_be_called_with(CONSTANTS::AUDIT_REPORT_FILE_NAME)
|
|
229
|
+
expect_template_report_to_be_called_with(CONSTANTS::XML_REPORT_FILE_NAME)
|
|
230
|
+
|
|
220
231
|
expect {
|
|
221
232
|
NexposeRunner::Scan.start(@options)
|
|
222
233
|
}.to raise_error(StandardError, CONSTANTS::VULNERABILITY_FOUND_MESSAGE)
|
|
@@ -252,6 +263,11 @@ def expect_report_to_be_called_with(report_name, report_query, report_response)
|
|
|
252
263
|
expect(CSV).to receive(:open).with(report_name, 'w').ordered
|
|
253
264
|
end
|
|
254
265
|
|
|
266
|
+
def expect_template_report_to_be_called_with(report_file_name)
|
|
267
|
+
expect(@mock_report).to receive(:generate).with(@mock_nexpose_client).ordered
|
|
268
|
+
expect(File).to receive(:open).with(report_file_name, 'w').ordered
|
|
269
|
+
end
|
|
270
|
+
|
|
255
271
|
def get_mock_nexpose_client
|
|
256
272
|
mock_nexpose_client = double(Nexpose::Connection)
|
|
257
273
|
|
|
@@ -333,6 +349,7 @@ def get_mock_report
|
|
|
333
349
|
.and_return(mock_report)
|
|
334
350
|
|
|
335
351
|
allow(CSV).to receive(:open).with(any_args)
|
|
352
|
+
allow(File).to receive(:open).with(any_args)
|
|
336
353
|
|
|
337
354
|
mock_report
|
|
338
355
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: NexposeRunner
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nathan Gibson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-01-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: nexpose
|