dradis-nessus 3.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/issue_template.md +16 -0
- data/.github/pull_request_template.md +36 -0
- data/.gitignore +9 -0
- data/.rspec +2 -0
- data/CHANGELOG.md +56 -0
- data/CONTRIBUTING.md +3 -0
- data/Gemfile +23 -0
- data/LICENSE +339 -0
- data/README.md +31 -0
- data/Rakefile +2 -0
- data/dradis-nessus.gemspec +35 -0
- data/lib/dradis-nessus.rb +9 -0
- data/lib/dradis/plugins/nessus.rb +11 -0
- data/lib/dradis/plugins/nessus/engine.rb +13 -0
- data/lib/dradis/plugins/nessus/field_processor.rb +55 -0
- data/lib/dradis/plugins/nessus/gem_version.rb +19 -0
- data/lib/dradis/plugins/nessus/importer.rb +177 -0
- data/lib/dradis/plugins/nessus/version.rb +13 -0
- data/lib/nessus/host.rb +82 -0
- data/lib/nessus/report_item.rb +118 -0
- data/lib/tasks/thorfile.rb +21 -0
- data/spec/dradis/plugins/nessus/field_processor_spec.rb +41 -0
- data/spec/dradis/plugins/nessus/importer_spec.rb +55 -0
- data/spec/fixtures/files/example_v2.nessus +2076 -0
- data/spec/fixtures/files/host-01.xml +18 -0
- data/spec/fixtures/files/report_item-with-list.xml +45 -0
- data/spec/nessus/host_spec.rb +29 -0
- data/spec/spec_helper.rb +10 -0
- data/templates/evidence.fields +17 -0
- data/templates/evidence.sample +53 -0
- data/templates/evidence.template +5 -0
- data/templates/report_host.fields +8 -0
- data/templates/report_host.sample +12 -0
- data/templates/report_host.template +14 -0
- data/templates/report_item.fields +33 -0
- data/templates/report_item.sample +43 -0
- data/templates/report_item.template +20 -0
- metadata +172 -0
@@ -0,0 +1,18 @@
|
|
1
|
+
<?xml version="1.0" ?>
|
2
|
+
<NessusClientData_v2>
|
3
|
+
<Report name="RSpec-01">
|
4
|
+
<ReportHost name="10.0.0.1">
|
5
|
+
<HostProperties>
|
6
|
+
<tag name="HOST_END">Tue Aug 9 09:59:24 2011</tag>
|
7
|
+
<tag name="HOST_START">Tue Aug 9 09:50:18 2011</tag>
|
8
|
+
</HostProperties>
|
9
|
+
<ReportItem port="0" svc_name="general" protocol="udp" severity="1" pluginID="10287" pluginName="Traceroute Information" pluginFamily="General" />
|
10
|
+
<ReportItem port="0" svc_name="unknown" protocol="icmp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
11
|
+
<ReportItem port="0" svc_name="unknown" protocol="tcp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
12
|
+
<ReportItem port="0" svc_name="unknown" protocol="udp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
13
|
+
<ReportItem port="21" svc_name="ftp?" protocol="tcp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
14
|
+
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
15
|
+
<ReportItem port="9090" svc_name="www" protocol="tcp" severity="0" pluginID="0" pluginName="" pluginFamily=""/>
|
16
|
+
</ReportHost>
|
17
|
+
</Report>
|
18
|
+
</NessusClientData_v2>
|
@@ -0,0 +1,45 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<ReportItem port="80" svc_name="www" protocol="tcp" severity="2" pluginID="68915" pluginName="Apache 2.2.x < 2.2.25 Multiple Vulnerabilities" pluginFamily="Web Servers">
|
3
|
+
<bid>59826</bid>
|
4
|
+
<bid>61129</bid>
|
5
|
+
<cpe>cpe:/a:apache:http_server</cpe>
|
6
|
+
<cve>CVE-2013-1862</cve>
|
7
|
+
<cve>CVE-2013-1896</cve>
|
8
|
+
<cvss_base_score>5.1</cvss_base_score>
|
9
|
+
<cvss_temporal_score>4.4</cvss_temporal_score>
|
10
|
+
<cvss_temporal_vector>CVSS2#E:ND/RL:OF/RC:C</cvss_temporal_vector>
|
11
|
+
<cvss_vector>CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P</cvss_vector>
|
12
|
+
<description>According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.25. It is, therefore, potentially affected by the following vulnerabilities :
|
13
|
+
|
14
|
+
- A flaw exists in the 'RewriteLog' function where it fails to sanitize escape sequences from being written to log files, making it potentially vulnerable to arbitrary command execution. (CVE-2013-1862)
|
15
|
+
|
16
|
+
- A denial of service vulnerability exists relating to the 'mod_dav' module as it relates to MERGE requests.
|
17
|
+
(CVE-2013-1896)
|
18
|
+
|
19
|
+
Note that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner.</description>
|
20
|
+
<exploit_available>false</exploit_available>
|
21
|
+
<exploitability_ease>No known exploits are available</exploitability_ease>
|
22
|
+
<fname>apache_2_2_25.nasl</fname>
|
23
|
+
<osvdb>93366</osvdb>
|
24
|
+
<osvdb>95498</osvdb>
|
25
|
+
<patch_publication_date>2013/07/10</patch_publication_date>
|
26
|
+
<plugin_modification_date>2015/10/19</plugin_modification_date>
|
27
|
+
<plugin_name>Apache 2.2.x < 2.2.25 Multiple Vulnerabilities</plugin_name>
|
28
|
+
<plugin_publication_date>2013/07/16</plugin_publication_date>
|
29
|
+
<plugin_type>remote</plugin_type>
|
30
|
+
<risk_factor>Medium</risk_factor>
|
31
|
+
<script_version>$Revision: 1.14 $</script_version>
|
32
|
+
<see_also>https://archive.apache.org/dist/httpd/CHANGES_2.2.25
|
33
|
+
http://httpd.apache.org/security/vulnerabilities_22.html
|
34
|
+
http://www.nessus.org/u?f050c342</see_also>
|
35
|
+
<solution>Upgrade to Apache version 2.2.25 or later. Alternatively, ensure that the affected modules are not in use.</solution>
|
36
|
+
<synopsis>The remote web server may be affected by multiple cross-site scripting vulnerabilities.</synopsis>
|
37
|
+
<vuln_publication_date>2013/05/13</vuln_publication_date>
|
38
|
+
<xref>OSVDB:93366</xref>
|
39
|
+
<xref>OSVDB:95498</xref>
|
40
|
+
<plugin_output>
|
41
|
+
Version source : Server: Apache/2.2.20
|
42
|
+
Installed version : 2.2.20
|
43
|
+
Fixed version : 2.2.25
|
44
|
+
</plugin_output>
|
45
|
+
</ReportItem>
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Nessus::Host do
|
4
|
+
let(:host1_xml) { File.expand_path('../../fixtures/files/host-01.xml', __FILE__) }
|
5
|
+
|
6
|
+
before do
|
7
|
+
doc = Nokogiri::XML(File.read(host1_xml))
|
8
|
+
@host = Nessus::Host.new(doc.xpath('/NessusClientData_v2/Report/ReportHost').first)
|
9
|
+
end
|
10
|
+
|
11
|
+
# These are the properties we need to support:
|
12
|
+
# host.name The name given at scan time, usually an IP address
|
13
|
+
# host.ip The ip address of the host
|
14
|
+
# host.fqdn The full qualified domain name of the host
|
15
|
+
# host.operating_system The OS of the system if detected
|
16
|
+
# host.mac_address The mac address if the scanned system was on the same subnet
|
17
|
+
# host.netbios_name The netbios name of the system
|
18
|
+
# host.scan_start_time The date/time the scan started
|
19
|
+
# host.scan_stop_time The date/time the scan ended
|
20
|
+
it 'Nessus::Host responds to all the expected fields' do
|
21
|
+
expect(@host.name).to eq('10.0.0.1')
|
22
|
+
expect(@host.scan_start_time).to eq('Tue Aug 9 09:50:18 2011')
|
23
|
+
end
|
24
|
+
|
25
|
+
it 'provides access to each of its ReportItems' do
|
26
|
+
report_items = @host.report_items
|
27
|
+
report_items.each { |item| expect(item).to be_a(Nessus::ReportItem) }
|
28
|
+
end
|
29
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
compliance.cm_actual_value
|
2
|
+
compliance.cm_audit_file
|
3
|
+
compliance.cm_check_id
|
4
|
+
compliance.cm_check_name
|
5
|
+
compliance.cm_info
|
6
|
+
compliance.cm_output
|
7
|
+
compliance.cm_policy_value
|
8
|
+
compliance.cm_reference
|
9
|
+
compliance.cm_result
|
10
|
+
compliance.cm_see_also
|
11
|
+
compliance.cm_solution
|
12
|
+
evidence.plugin_output
|
13
|
+
evidence.port
|
14
|
+
evidence.protocol
|
15
|
+
evidence.svc_name
|
16
|
+
evidence.severity
|
17
|
+
report_item.plugin_name
|
@@ -0,0 +1,53 @@
|
|
1
|
+
<ReportItem
|
2
|
+
xmlns:cm="http://www.nessus.org/cm"
|
3
|
+
port="80"
|
4
|
+
svc_name="www"
|
5
|
+
protocol="tcp"
|
6
|
+
severity="3"
|
7
|
+
pluginID="11030"
|
8
|
+
pluginName="Apache Chunked Encoding Remote Overflow"
|
9
|
+
pluginFamily="Web Servers">
|
10
|
+
|
11
|
+
<exploitability_ease>Exploits are available</exploitability_ease>
|
12
|
+
<vuln_publication_date>2002/06/19</vuln_publication_date>
|
13
|
+
<exploit_framework_canvas>true</exploit_framework_canvas>
|
14
|
+
<exploit_framework_metasploit>true</exploit_framework_metasploit>
|
15
|
+
<cvss_temporal_vector>CVSS2#E:F/RL:OF/RC:C</cvss_temporal_vector>
|
16
|
+
<exploit_framework_core>true</exploit_framework_core>
|
17
|
+
<solution>Upgrade to Apache web server version 1.3.26 or 2.0.39 or newer.</solution>
|
18
|
+
<cvss_temporal_score>6.2</cvss_temporal_score>
|
19
|
+
<risk_factor>High</risk_factor>
|
20
|
+
<description>The remote Apache web server is affected by the Apache web server chunk handling vulnerability.
|
21
|
+
|
22
|
+
If safe checks are enabled, this may be a false positive since it is based on the version of Apache. Although unpatched Apache versions
|
23
|
+
1.2.2 and above, 1.3 through 1.3.24, and 2.0 through 2.0.36 are affected, the remote server may be running a patched version of Apache.</description>
|
24
|
+
|
25
|
+
<plugin_publication_date>2002/06/17</plugin_publication_date>
|
26
|
+
<metasploit_name>Apache Win32 Chunked Encoding</metasploit_name>
|
27
|
+
<cvss_vector>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P</cvss_vector>
|
28
|
+
<synopsis>The remote web server is vulnerable to a remote code execution attack.</synopsis>
|
29
|
+
<plugin_type>remote</plugin_type>
|
30
|
+
<see_also>http://httpd.apache.org/info/security_bulletin_20020617.txt</see_also>
|
31
|
+
<see_also>http://httpd.apache.org/info/security_bulletin_20020620.txt</see_also>
|
32
|
+
<exploit_available>true</exploit_available>
|
33
|
+
<plugin_modification_date>2011/03/08</plugin_modification_date>
|
34
|
+
<cvss_base_score>7.5</cvss_base_score>
|
35
|
+
<canvas_package>CANVAS</canvas_package>
|
36
|
+
<cve>CVE-2002-0392</cve>
|
37
|
+
<bid>5033</bid>
|
38
|
+
<xref>IAVA:2002-a-0003</xref>
|
39
|
+
<xref>OSVDB:838</xref>
|
40
|
+
<plugin_version>$Revision: 1.45 $</plugin_version>
|
41
|
+
<plugin_output>Fake output (for Plugin Manager testing purposes)</plugin_output>
|
42
|
+
|
43
|
+
<cm:compliance-actual-value>0</cm:compliance-actual-value>
|
44
|
+
<cm:compliance-audit-file>CIS_MS_Windows_8_Level_1_v1.0.0.audit</cm:compliance-audit-file>
|
45
|
+
<cm:compliance-check-id>1aca1416734d72f4352467605412ee96</cm:compliance-check-id>
|
46
|
+
<cm:compliance-check-name>1.1.1.1 Set 'Account lockout threshold' to '5 invalid logon attempt(s)'</cm:compliance-check-name>
|
47
|
+
<cm:compliance-info>This policy setting determines the number of failed logon attempts before a lock occurs.</cm:compliance-info>
|
48
|
+
<cm:compliance-policy-value>5</cm:compliance-policy-value>
|
49
|
+
<cm:compliance-reference>PCI|8.5.13,CCE|CCE-21671-3,Level|1S,800-53|AC-1</cm:compliance-reference>
|
50
|
+
<cm:compliance-result>FAILED</cm:compliance-result>
|
51
|
+
<cm:compliance-see-also>https://benchmarks.cisecurity.org/tools2/windows/CIS_Microsoft_Windows_8_Benchmark_v1.0.0.pdf</cm:compliance-see-also>
|
52
|
+
<cm:compliance-solution>Make sure 'Account lockout threshold' is set to 5 invalid attempts.</cm:compliance-solution>
|
53
|
+
</ReportItem>
|
@@ -0,0 +1,12 @@
|
|
1
|
+
<ReportHost name="10.0.0.1">
|
2
|
+
<HostProperties>
|
3
|
+
<tag name="host-ip">10.0.0.1</tag>
|
4
|
+
<tag name="host-fqdn">dc1.localdomain</tag>
|
5
|
+
<tag name="operating-system">Windows Server 2008</tag>
|
6
|
+
<tag name="mac-address">00:01:02:03:04:05</tag>
|
7
|
+
<tag name="netbios-name">DC1</tag>
|
8
|
+
<tag name="HOST_END">Tue Aug 9 09:59:24 2011</tag>
|
9
|
+
<tag name="HOST_START">Tue Aug 9 09:50:18 2011</tag>
|
10
|
+
</HostProperties>
|
11
|
+
<ReportItem/>
|
12
|
+
</ReportHost>
|
@@ -0,0 +1,14 @@
|
|
1
|
+
#[Title]#
|
2
|
+
Nessus host summary
|
3
|
+
|
4
|
+
#[Host information]#
|
5
|
+
Name: %report_host.name%
|
6
|
+
IP address: %report_host.ip%
|
7
|
+
FQDN: %report_host.fqdn%
|
8
|
+
OS: %report_host.operating_system%
|
9
|
+
Mac address: %report_host.mac_address%
|
10
|
+
Netbios name: %report_host.netbios_name%
|
11
|
+
|
12
|
+
#[Scan information]#
|
13
|
+
Scan started: %report_host.scan_start_time%
|
14
|
+
Scan ended: %report_host.scan_stop_time%
|
@@ -0,0 +1,33 @@
|
|
1
|
+
report_item.port
|
2
|
+
report_item.svc_name
|
3
|
+
report_item.protocol
|
4
|
+
report_item.severity
|
5
|
+
report_item.plugin_id
|
6
|
+
report_item.plugin_name
|
7
|
+
report_item.plugin_family
|
8
|
+
report_item.exploitability_ease
|
9
|
+
report_item.vuln_publication_date
|
10
|
+
report_item.exploit_framework_canvas
|
11
|
+
report_item.exploit_framework_metasploit
|
12
|
+
report_item.exploit_framework_core
|
13
|
+
report_item.solution
|
14
|
+
report_item.risk_factor
|
15
|
+
report_item.description
|
16
|
+
report_item.plugin_publication_date
|
17
|
+
report_item.metasploit_name
|
18
|
+
report_item.cvss_vector
|
19
|
+
report_item.cvss3_vector
|
20
|
+
report_item.cvss_temporal_vector
|
21
|
+
report_item.cvss_temporal_score
|
22
|
+
report_item.cvss_base_score
|
23
|
+
report_item.cvss3_base_score
|
24
|
+
report_item.synopsis
|
25
|
+
report_item.exploit_available
|
26
|
+
report_item.patch_publication_date
|
27
|
+
report_item.plugin_modification_date
|
28
|
+
report_item.plugin_output
|
29
|
+
report_item.plugin_version
|
30
|
+
report_item.bid_entries
|
31
|
+
report_item.cve_entries
|
32
|
+
report_item.see_also_entries
|
33
|
+
report_item.xref_entries
|
@@ -0,0 +1,43 @@
|
|
1
|
+
<ReportItem
|
2
|
+
port="80"
|
3
|
+
svc_name="www"
|
4
|
+
protocol="tcp"
|
5
|
+
severity="3"
|
6
|
+
pluginID="11030"
|
7
|
+
pluginName="Apache Chunked Encoding Remote Overflow"
|
8
|
+
pluginFamily="Web Servers">
|
9
|
+
|
10
|
+
<exploitability_ease>Exploits are available</exploitability_ease>
|
11
|
+
<vuln_publication_date>2002/06/19</vuln_publication_date>
|
12
|
+
<exploit_framework_canvas>true</exploit_framework_canvas>
|
13
|
+
<exploit_framework_metasploit>true</exploit_framework_metasploit>
|
14
|
+
<cvss_temporal_vector>CVSS2#E:F/RL:OF/RC:C</cvss_temporal_vector>
|
15
|
+
<exploit_framework_core>true</exploit_framework_core>
|
16
|
+
<solution>Upgrade to Apache web server version 1.3.26 or 2.0.39 or newer.</solution>
|
17
|
+
<cvss_temporal_score>6.2</cvss_temporal_score>
|
18
|
+
<risk_factor>High</risk_factor>
|
19
|
+
<description>The remote Apache web server is affected by the Apache web server chunk handling vulnerability.
|
20
|
+
|
21
|
+
If safe checks are enabled, this may be a false positive since it is based on the version of Apache. Although unpatched Apache versions
|
22
|
+
1.2.2 and above, 1.3 through 1.3.24, and 2.0 through 2.0.36 are affected, the remote server may be running a patched version of Apache.</description>
|
23
|
+
|
24
|
+
<plugin_publication_date>2002/06/17</plugin_publication_date>
|
25
|
+
<metasploit_name>Apache Win32 Chunked Encoding</metasploit_name>
|
26
|
+
<cvss3_base_score>3.7</cvss3_base_score>
|
27
|
+
<cvss3_vector>CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N</cvss3_vector>
|
28
|
+
<cvss_vector>CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P</cvss_vector>
|
29
|
+
<synopsis>The remote web server is vulnerable to a remote code execution attack.</synopsis>
|
30
|
+
<plugin_type>remote</plugin_type>
|
31
|
+
<see_also>http://httpd.apache.org/info/security_bulletin_20020617.txt</see_also>
|
32
|
+
<see_also>http://httpd.apache.org/info/security_bulletin_20020620.txt</see_also>
|
33
|
+
<exploit_available>true</exploit_available>
|
34
|
+
<plugin_modification_date>2011/03/08</plugin_modification_date>
|
35
|
+
<cvss_base_score>7.5</cvss_base_score>
|
36
|
+
<canvas_package>CANVAS</canvas_package>
|
37
|
+
<cve>CVE-2002-0392</cve>
|
38
|
+
<bid>5033</bid>
|
39
|
+
<xref>IAVA:2002-a-0003</xref>
|
40
|
+
<xref>OSVDB:838</xref>
|
41
|
+
<plugin_version>$Revision: 1.45 $</plugin_version>
|
42
|
+
<plugin_output>Fake output (for Plugin Manager testing purposes)</plugin_output>
|
43
|
+
</ReportItem>
|
@@ -0,0 +1,20 @@
|
|
1
|
+
#[Title]#
|
2
|
+
%report_item.plugin_name%
|
3
|
+
|
4
|
+
#[CVSSv3.BaseScore]#
|
5
|
+
%report_item.cvss3_base_score%
|
6
|
+
|
7
|
+
#[CVSSv3Vector]#
|
8
|
+
%report_item.cvss3_vector%
|
9
|
+
|
10
|
+
#[Type]#
|
11
|
+
Internal
|
12
|
+
|
13
|
+
#[Description]#
|
14
|
+
%report_item.description%
|
15
|
+
|
16
|
+
#[Solution]#
|
17
|
+
%report_item.solution%
|
18
|
+
|
19
|
+
#[References]#
|
20
|
+
%report_item.see_also_entries%
|
metadata
ADDED
@@ -0,0 +1,172 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: dradis-nessus
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 3.18.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Daniel Martin
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2020-07-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: dradis-plugins
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '3.6'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '3.6'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: nokogiri
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: bundler
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1.6'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.6'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: rake
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '10.0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '10.0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rspec-rails
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: combustion
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: 0.5.2
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 0.5.2
|
97
|
+
description: This add-on allows you to upload and parse output produced from Tenable's
|
98
|
+
Nessus Scanner into Dradis.
|
99
|
+
email:
|
100
|
+
- etd@nomejortu.com
|
101
|
+
executables: []
|
102
|
+
extensions: []
|
103
|
+
extra_rdoc_files: []
|
104
|
+
files:
|
105
|
+
- ".github/issue_template.md"
|
106
|
+
- ".github/pull_request_template.md"
|
107
|
+
- ".gitignore"
|
108
|
+
- ".rspec"
|
109
|
+
- CHANGELOG.md
|
110
|
+
- CONTRIBUTING.md
|
111
|
+
- Gemfile
|
112
|
+
- LICENSE
|
113
|
+
- README.md
|
114
|
+
- Rakefile
|
115
|
+
- dradis-nessus.gemspec
|
116
|
+
- lib/dradis-nessus.rb
|
117
|
+
- lib/dradis/plugins/nessus.rb
|
118
|
+
- lib/dradis/plugins/nessus/engine.rb
|
119
|
+
- lib/dradis/plugins/nessus/field_processor.rb
|
120
|
+
- lib/dradis/plugins/nessus/gem_version.rb
|
121
|
+
- lib/dradis/plugins/nessus/importer.rb
|
122
|
+
- lib/dradis/plugins/nessus/version.rb
|
123
|
+
- lib/nessus/host.rb
|
124
|
+
- lib/nessus/report_item.rb
|
125
|
+
- lib/tasks/thorfile.rb
|
126
|
+
- spec/dradis/plugins/nessus/field_processor_spec.rb
|
127
|
+
- spec/dradis/plugins/nessus/importer_spec.rb
|
128
|
+
- spec/fixtures/files/example_v2.nessus
|
129
|
+
- spec/fixtures/files/host-01.xml
|
130
|
+
- spec/fixtures/files/report_item-with-list.xml
|
131
|
+
- spec/nessus/host_spec.rb
|
132
|
+
- spec/spec_helper.rb
|
133
|
+
- templates/evidence.fields
|
134
|
+
- templates/evidence.sample
|
135
|
+
- templates/evidence.template
|
136
|
+
- templates/report_host.fields
|
137
|
+
- templates/report_host.sample
|
138
|
+
- templates/report_host.template
|
139
|
+
- templates/report_item.fields
|
140
|
+
- templates/report_item.sample
|
141
|
+
- templates/report_item.template
|
142
|
+
homepage: http://dradisframework.org
|
143
|
+
licenses:
|
144
|
+
- GPL-2
|
145
|
+
metadata: {}
|
146
|
+
post_install_message:
|
147
|
+
rdoc_options: []
|
148
|
+
require_paths:
|
149
|
+
- lib
|
150
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
151
|
+
requirements:
|
152
|
+
- - ">="
|
153
|
+
- !ruby/object:Gem::Version
|
154
|
+
version: '0'
|
155
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
156
|
+
requirements:
|
157
|
+
- - ">="
|
158
|
+
- !ruby/object:Gem::Version
|
159
|
+
version: '0'
|
160
|
+
requirements: []
|
161
|
+
rubygems_version: 3.1.2
|
162
|
+
signing_key:
|
163
|
+
specification_version: 4
|
164
|
+
summary: Nessus upload add-on for the Dradis Framework.
|
165
|
+
test_files:
|
166
|
+
- spec/dradis/plugins/nessus/field_processor_spec.rb
|
167
|
+
- spec/dradis/plugins/nessus/importer_spec.rb
|
168
|
+
- spec/fixtures/files/example_v2.nessus
|
169
|
+
- spec/fixtures/files/host-01.xml
|
170
|
+
- spec/fixtures/files/report_item-with-list.xml
|
171
|
+
- spec/nessus/host_spec.rb
|
172
|
+
- spec/spec_helper.rb
|