dradis-nipper 4.11.0 → 4.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/README.md +1 -2
- data/dradis-nipper.gemspec +1 -1
- data/lib/dradis/plugins/nipper/gem_version.rb +1 -1
- data/lib/dradis/plugins/nipper/importer.rb +2 -2
- data/lib/dradis/plugins/nipper/mapping.rb +50 -0
- data/lib/dradis/plugins/nipper.rb +1 -0
- metadata +6 -9
- data/templates/evidence.fields +0 -3
- data/templates/evidence.template +0 -8
- data/templates/issue.fields +0 -15
- data/templates/issue.template +0 -35
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4213f1abdebc2841b2960c6006a0d76c3d7d8db012a9acab622637f7f5aefc3f
|
4
|
+
data.tar.gz: 465cc67a0c6de42c35ddc2bd76fa1db8467908ab89080f21c0393844e70be5ed
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fe148fe9addfc4393276cacffb198c20d1d3d482b305c8528a285fd3784efd16a808c7bfad1a7d8a5a8ecfc45c0859dfe44d48627876fc2befe019997c65ff50
|
7
|
+
data.tar.gz: f86941d79eca230af541c22cc56d3ea095478360bc609a45e6e0d5736e18ce94b6074511d7bb63cfa50348ccfe45c00e3a77055e90079365dff8b3f28b158f98
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -2,8 +2,7 @@
|
|
2
2
|
|
3
3
|
This add-on will enable the user to upload Nipper output files in the XML format (.xml) to create a structure of Dradis nodes, issues, and evidences that contain the same information about the hosts and vulnerabilities in the original file.
|
4
4
|
|
5
|
-
The add-on requires Dradis 3.0 or
|
6
|
-
|
5
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
7
6
|
|
8
7
|
## More information
|
9
8
|
|
data/dradis-nipper.gemspec
CHANGED
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
|
|
20
20
|
|
21
21
|
spec.add_dependency 'dradis-plugins', '~> 4.0'
|
22
22
|
|
23
|
-
spec.add_development_dependency 'bundler', '~> 2.
|
23
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
24
24
|
spec.add_development_dependency 'rake', '~> 13.0'
|
25
25
|
spec.add_development_dependency 'rspec-rails'
|
26
26
|
spec.add_development_dependency 'combustion', '~> 0.5.2'
|
@@ -48,7 +48,7 @@ module Dradis::Plugins::Nipper
|
|
48
48
|
def process_evidence(xml_evidence, issue)
|
49
49
|
logger.info { 'Creating evidence...' }
|
50
50
|
|
51
|
-
evidence_text =
|
51
|
+
evidence_text = mapping_service.apply_mapping(source: 'evidence', data: xml_evidence)
|
52
52
|
content_service.create_evidence(issue: issue, node: @host_node, content: evidence_text)
|
53
53
|
end
|
54
54
|
|
@@ -57,7 +57,7 @@ module Dradis::Plugins::Nipper
|
|
57
57
|
|
58
58
|
logger.info { "Creating issue: #{plugin_id}" }
|
59
59
|
|
60
|
-
issue_text =
|
60
|
+
issue_text = mapping_service.apply_mapping(source: 'issue', data: xml_issue)
|
61
61
|
issue = content_service.create_issue(text: issue_text, id: plugin_id)
|
62
62
|
|
63
63
|
xml_evidence = xml_issue.at_xpath('./issuedetails/devices')
|
@@ -0,0 +1,50 @@
|
|
1
|
+
module Dradis::Plugins::Nipper
|
2
|
+
module Mapping
|
3
|
+
DEFAULT_MAPPING = {
|
4
|
+
evidence: {
|
5
|
+
'DeviceName' => '{{ nipper[evidence.device_name] }}',
|
6
|
+
'DeviceType' => '{{ nipper[evidence.device_type] }}',
|
7
|
+
'OS' => '{{ nipper[evidence.device_osversion] }}'
|
8
|
+
},
|
9
|
+
issue: {
|
10
|
+
'Title' => '{{ nipper[issue.title] }}',
|
11
|
+
'CVSSv2.Base' => '{{ nipper[issue.cvss_base] }}',
|
12
|
+
'CVSSv2.Temporal' => '{{ nipper[issue.cvss_temporal] }}',
|
13
|
+
'CVSSv2.Environmental' => '{{ nipper[issue.cvss_environmental] }}',
|
14
|
+
'Finding' => '{{ nipper[issue.finding] }}',
|
15
|
+
'Impact' => '{{ nipper[issue.impact] }}',
|
16
|
+
'Ease' => '{{ nipper[issue.ease] }}',
|
17
|
+
'Nipperv1.Ease' => '{{ nipper[issue.nipperv1_ease] }}',
|
18
|
+
'Nipperv1.Fix' => '{{ nipper[issue.nipperv1_fix] }}',
|
19
|
+
'Nipperv1.Impact' => '{{ nipper[issue.nipperv1_impact] }}',
|
20
|
+
'Nipperv1.Rating' => '{{ nipper[issue.nipperv1_rating] }}',
|
21
|
+
'Recommendation' => '{{ nipper[issue.recommendation] }}'
|
22
|
+
}
|
23
|
+
}.freeze
|
24
|
+
|
25
|
+
SOURCE_FIELDS = {
|
26
|
+
evidence: [
|
27
|
+
'evidence.device_name',
|
28
|
+
'evidence.device_type',
|
29
|
+
'evidence.device_osversion'
|
30
|
+
],
|
31
|
+
issue: [
|
32
|
+
'issue.title',
|
33
|
+
'issue.cvss_base',
|
34
|
+
'issue.cvss_base_vector',
|
35
|
+
'issue.cvss_temporal',
|
36
|
+
'issue.cvss_temporal_vector',
|
37
|
+
'issue.cvss_environmental',
|
38
|
+
'issue.cvss_environmental_vector',
|
39
|
+
'issue.finding',
|
40
|
+
'issue.impact',
|
41
|
+
'issue.ease',
|
42
|
+
'issue.nipperv1_ease',
|
43
|
+
'issue.nipperv1_fix',
|
44
|
+
'issue.nipperv1_impact',
|
45
|
+
'issue.nipperv1_rating',
|
46
|
+
'issue.recommendation'
|
47
|
+
]
|
48
|
+
}.freeze
|
49
|
+
end
|
50
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dradis-nipper
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.13.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dradis Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-08-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dradis-plugins
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: '2.
|
33
|
+
version: '2.0'
|
34
34
|
type: :development
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: '2.
|
40
|
+
version: '2.0'
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: rake
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -102,6 +102,7 @@ files:
|
|
102
102
|
- lib/dradis/plugins/nipper/field_processor.rb
|
103
103
|
- lib/dradis/plugins/nipper/gem_version.rb
|
104
104
|
- lib/dradis/plugins/nipper/importer.rb
|
105
|
+
- lib/dradis/plugins/nipper/mapping.rb
|
105
106
|
- lib/dradis/plugins/nipper/version.rb
|
106
107
|
- lib/nipper/evidence.rb
|
107
108
|
- lib/nipper/issue.rb
|
@@ -112,12 +113,8 @@ files:
|
|
112
113
|
- spec/spec_helper.rb
|
113
114
|
- spec/upload_v2.5_spec.rb
|
114
115
|
- spec/upload_v2.8_spec.rb
|
115
|
-
- templates/evidence.fields
|
116
116
|
- templates/evidence.sample
|
117
|
-
- templates/evidence.template
|
118
|
-
- templates/issue.fields
|
119
117
|
- templates/issue.sample
|
120
|
-
- templates/issue.template
|
121
118
|
homepage: https://dradis.com/integrations/nipper.html
|
122
119
|
licenses:
|
123
120
|
- Commercial - Dradis Pro
|
@@ -137,7 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
137
134
|
- !ruby/object:Gem::Version
|
138
135
|
version: '0'
|
139
136
|
requirements: []
|
140
|
-
rubygems_version: 3.
|
137
|
+
rubygems_version: 3.5.6
|
141
138
|
signing_key:
|
142
139
|
specification_version: 4
|
143
140
|
summary: Nipper upload add-on for Dradis Framework.
|
data/templates/evidence.fields
DELETED
data/templates/evidence.template
DELETED
data/templates/issue.fields
DELETED
@@ -1,15 +0,0 @@
|
|
1
|
-
issue.title
|
2
|
-
issue.cvss_base
|
3
|
-
issue.cvss_base_vector
|
4
|
-
issue.cvss_temporal
|
5
|
-
issue.cvss_temporal_vector
|
6
|
-
issue.cvss_environmental
|
7
|
-
issue.cvss_environmental_vector
|
8
|
-
issue.finding
|
9
|
-
issue.impact
|
10
|
-
issue.ease
|
11
|
-
issue.nipperv1_ease
|
12
|
-
issue.nipperv1_fix
|
13
|
-
issue.nipperv1_impact
|
14
|
-
issue.nipperv1_rating
|
15
|
-
issue.recommendation
|
data/templates/issue.template
DELETED
@@ -1,35 +0,0 @@
|
|
1
|
-
#[Title]#
|
2
|
-
%issue.title%
|
3
|
-
|
4
|
-
#[CVSSv2.Base]#
|
5
|
-
%issue.cvss_base%
|
6
|
-
|
7
|
-
#[CVSSv2.Temporal]#
|
8
|
-
%issue.cvss_temporal%
|
9
|
-
|
10
|
-
#[CVSSv2.Environmental]#
|
11
|
-
%issue.cvss_environmental%
|
12
|
-
|
13
|
-
#[Finding]#
|
14
|
-
%issue.finding%
|
15
|
-
|
16
|
-
#[Impact]#
|
17
|
-
%issue.impact%
|
18
|
-
|
19
|
-
#[Ease]#
|
20
|
-
%issue.ease%
|
21
|
-
|
22
|
-
#[Nipperv1.Ease]#
|
23
|
-
%issue.nipperv1_ease%
|
24
|
-
|
25
|
-
#[Nipperv1.Fix]#
|
26
|
-
%issue.nipperv1_fix%
|
27
|
-
|
28
|
-
#[Nipperv1.Impact]#
|
29
|
-
%issue.nipperv1_impact%
|
30
|
-
|
31
|
-
#[Nipperv1.Rating]#
|
32
|
-
%issue.nipperv1_rating%
|
33
|
-
|
34
|
-
#[Recommendation]#
|
35
|
-
%issue.recommendation%
|