dradis-ntospider 4.11.0 → 4.12.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +1 -2
- data/lib/dradis/plugins/ntospider/gem_version.rb +1 -1
- data/lib/dradis/plugins/ntospider/importer.rb +4 -4
- data/lib/dradis/plugins/ntospider/mapping.rb +82 -0
- data/lib/dradis/plugins/ntospider.rb +1 -0
- metadata +4 -7
- data/templates/evidence.fields +0 -13
- data/templates/evidence.template +0 -14
- data/templates/vuln.fields +0 -32
- data/templates/vuln.template +0 -44
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 536212efb160b5b7d725b7f28825b94ead72f20c401e1e5faa9510b62992713e
|
|
4
|
+
data.tar.gz: 9df9040a07b8682caa17f4759f289a9c427966e431c5e15097d4bb920f52ccc4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 213ad2266551f6d0fec96632b29214b982bb0817f5828eb28b75ba82f7c76ce87619d624a72ede75bdee43256397848a0fca34fe819122eac1bd4a42daff3aaf
|
|
7
|
+
data.tar.gz: 6c4f5f0aa463a061da6f12b0674355f67553d310a7de4129053b683c161d29d46d185418cee4ab21f0edaed1f13e64dfadf3e441e10fe2d4a4ad6e1067fc9478
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -4,8 +4,7 @@
|
|
|
4
4
|
|
|
5
5
|
The NTO Spider add-on enables users to upload NTO Spider XML files to create a structure of nodes/notes that contain the same information about the hosts/ports/services as the original file.
|
|
6
6
|
|
|
7
|
-
The add-on requires [Dradis CE](https://
|
|
8
|
-
|
|
7
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
|
9
8
|
|
|
10
9
|
## More information
|
|
11
10
|
|
|
@@ -52,16 +52,16 @@ module Dradis::Plugins::NTOSpider
|
|
|
52
52
|
|
|
53
53
|
plugin_id = vuln.vuln_type
|
|
54
54
|
logger.info{ "\t\t => Creating new issue (plugin_id: #{plugin_id})" }
|
|
55
|
-
issue_text =
|
|
56
|
-
|
|
55
|
+
issue_text = mapping_service.apply_mapping(
|
|
56
|
+
source: 'vuln', data: vuln.xml
|
|
57
57
|
)
|
|
58
58
|
issue = content_service.create_issue text: issue_text, id: plugin_id
|
|
59
59
|
|
|
60
60
|
# App Spider can provide multiple pieces of evidence for an issue.
|
|
61
61
|
xml_vuln.xpath('./AttackList/Attack').each do |attack_xml|
|
|
62
62
|
logger.info{ "\t\t => Creating new evidence" }
|
|
63
|
-
evidence_content =
|
|
64
|
-
|
|
63
|
+
evidence_content = mapping_service.apply_mapping(
|
|
64
|
+
source: 'evidence', data: attack_xml
|
|
65
65
|
)
|
|
66
66
|
content_service.create_evidence(
|
|
67
67
|
issue: issue, node: host_node, content: evidence_content
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
module Dradis::Plugins::NTOSpider
|
|
2
|
+
module Mapping
|
|
3
|
+
DEFAULT_MAPPING = {
|
|
4
|
+
evidence: {
|
|
5
|
+
'URL' => '{{ ntospider[evidence.attack_vuln_url] }}',
|
|
6
|
+
'Param' => '{{ ntospider[evidence.attack_post_params] }}',
|
|
7
|
+
'String' => '{{ ntospider[evidence.attack_matched_string] }}',
|
|
8
|
+
'Request' => '{{ ntospider[evidence.attack_request] }}',
|
|
9
|
+
'Response' => '{{ ntospider[evidence.attack_response] }}'
|
|
10
|
+
},
|
|
11
|
+
vuln: {
|
|
12
|
+
'Title' => '{{ ntospider[vuln.vuln_type] }}',
|
|
13
|
+
'Attack Class' => '{{ ntospider[vuln.attack_class] }}',
|
|
14
|
+
'Attack Type' => '{{ ntospider[vuln.attack_type] }}',
|
|
15
|
+
'Attack Score' => '{{ ntospider[vuln.attack_score] }}',
|
|
16
|
+
'Attack Value' => '{{ ntospider[vuln.attack_value] }}',
|
|
17
|
+
'Method' => '{{ ntospider[vuln.vuln_method] }}',
|
|
18
|
+
'Description' => '{{ ntospider[vuln.description] }}',
|
|
19
|
+
'Recommendation' => '{{ ntospider[vuln.recommendation] }}',
|
|
20
|
+
'CweId' => '{{ ntospider[vuln.cwe_id] }}',
|
|
21
|
+
'CAPEC' => '{{ ntospider[vuln.capec] }}',
|
|
22
|
+
'DISSA_ASC' => '{{ ntospider[vuln.dissa_asc] }}',
|
|
23
|
+
'OWASP2010' => '{{ ntospider[vuln.owasp2010] }}',
|
|
24
|
+
'OWASP2013' => '{{ ntospider[vuln.owasp2013] }}',
|
|
25
|
+
'OWASP2017' => '{{ ntospider[vuln.owasp2017] }}',
|
|
26
|
+
'OVAL' => '{{ ntospider[vuln.oval] }}'
|
|
27
|
+
}
|
|
28
|
+
}.freeze
|
|
29
|
+
|
|
30
|
+
SOURCE_FIELDS = {
|
|
31
|
+
evidence: [
|
|
32
|
+
'evidence.attack_config_description',
|
|
33
|
+
'evidence.attack_description',
|
|
34
|
+
'evidence.attack_id',
|
|
35
|
+
'evidence.attack_matched_string',
|
|
36
|
+
'evidence.attack_post_params',
|
|
37
|
+
'evidence.attack_request',
|
|
38
|
+
'evidence.attack_response',
|
|
39
|
+
'evidence.attack_user_notes',
|
|
40
|
+
'evidence.attack_value',
|
|
41
|
+
'evidence.attack_vuln_url',
|
|
42
|
+
'evidence.benign',
|
|
43
|
+
'evidence.original_value',
|
|
44
|
+
'evidence.original_response_code'
|
|
45
|
+
],
|
|
46
|
+
vuln: [
|
|
47
|
+
'vuln.attack_class',
|
|
48
|
+
'vuln.attack_score',
|
|
49
|
+
'vuln.attack_type',
|
|
50
|
+
'vuln.attack_value',
|
|
51
|
+
'vuln.capec',
|
|
52
|
+
'vuln.confidence',
|
|
53
|
+
'vuln.cwe_id',
|
|
54
|
+
'vuln.description',
|
|
55
|
+
'vuln.dissa_asc',
|
|
56
|
+
'vuln.html_entity_attacked',
|
|
57
|
+
'vuln.imperva_bl',
|
|
58
|
+
'vuln.imperva_wl',
|
|
59
|
+
'vuln.mod_security_bl',
|
|
60
|
+
'vuln.mod_security_wl',
|
|
61
|
+
'vuln.normalized_url',
|
|
62
|
+
'vuln.oval',
|
|
63
|
+
'vuln.owasp2007',
|
|
64
|
+
'vuln.owasp2010',
|
|
65
|
+
'vuln.owasp2013',
|
|
66
|
+
'vuln.owasp2017',
|
|
67
|
+
'vuln.pcre_regex_bl',
|
|
68
|
+
'vuln.pcre_regex_wl',
|
|
69
|
+
'vuln.recommendation',
|
|
70
|
+
'vuln.scan_date',
|
|
71
|
+
'vuln.snort_bl',
|
|
72
|
+
'vuln.snort_wl',
|
|
73
|
+
'vuln.statistically_prevalent_original_response_code',
|
|
74
|
+
'vuln.vuln_method',
|
|
75
|
+
'vuln.vuln_param',
|
|
76
|
+
'vuln.vuln_type',
|
|
77
|
+
'vuln.vuln_url',
|
|
78
|
+
'vuln.wasc'
|
|
79
|
+
]
|
|
80
|
+
}.freeze
|
|
81
|
+
end
|
|
82
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-ntospider
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Martin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-05-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -119,6 +119,7 @@ files:
|
|
|
119
119
|
- lib/dradis/plugins/ntospider/field_processor.rb
|
|
120
120
|
- lib/dradis/plugins/ntospider/gem_version.rb
|
|
121
121
|
- lib/dradis/plugins/ntospider/importer.rb
|
|
122
|
+
- lib/dradis/plugins/ntospider/mapping.rb
|
|
122
123
|
- lib/dradis/plugins/ntospider/version.rb
|
|
123
124
|
- lib/ntospider/attack.rb
|
|
124
125
|
- lib/ntospider/vuln.rb
|
|
@@ -126,12 +127,8 @@ files:
|
|
|
126
127
|
- spec/fixtures/files/VulnerabilitiesSummary.xml
|
|
127
128
|
- spec/ntospider_import_spec.rb
|
|
128
129
|
- spec/spec_helper.rb
|
|
129
|
-
- templates/evidence.fields
|
|
130
130
|
- templates/evidence.sample
|
|
131
|
-
- templates/evidence.template
|
|
132
|
-
- templates/vuln.fields
|
|
133
131
|
- templates/vuln.sample
|
|
134
|
-
- templates/vuln.template
|
|
135
132
|
homepage: https://dradis.com/integrations/appspider.html
|
|
136
133
|
licenses:
|
|
137
134
|
- GPL-2
|
|
@@ -151,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
151
148
|
- !ruby/object:Gem::Version
|
|
152
149
|
version: '0'
|
|
153
150
|
requirements: []
|
|
154
|
-
rubygems_version: 3.
|
|
151
|
+
rubygems_version: 3.1.4
|
|
155
152
|
signing_key:
|
|
156
153
|
specification_version: 4
|
|
157
154
|
summary: NTOSpider add-on for the Dradis Framework.
|
data/templates/evidence.fields
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
evidence.attack_config_description
|
|
2
|
-
evidence.attack_description
|
|
3
|
-
evidence.attack_id
|
|
4
|
-
evidence.attack_matched_string
|
|
5
|
-
evidence.attack_post_params
|
|
6
|
-
evidence.attack_request
|
|
7
|
-
evidence.attack_response
|
|
8
|
-
evidence.attack_user_notes
|
|
9
|
-
evidence.attack_value
|
|
10
|
-
evidence.attack_vuln_url
|
|
11
|
-
evidence.benign
|
|
12
|
-
evidence.original_value
|
|
13
|
-
evidence.original_response_code
|
data/templates/evidence.template
DELETED
data/templates/vuln.fields
DELETED
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
vuln.attack_class
|
|
2
|
-
vuln.attack_score
|
|
3
|
-
vuln.attack_type
|
|
4
|
-
vuln.attack_value
|
|
5
|
-
vuln.capec
|
|
6
|
-
vuln.confidence
|
|
7
|
-
vuln.cwe_id
|
|
8
|
-
vuln.description
|
|
9
|
-
vuln.dissa_asc
|
|
10
|
-
vuln.html_entity_attacked
|
|
11
|
-
vuln.imperva_bl
|
|
12
|
-
vuln.imperva_wl
|
|
13
|
-
vuln.mod_security_bl
|
|
14
|
-
vuln.mod_security_wl
|
|
15
|
-
vuln.normalized_url
|
|
16
|
-
vuln.oval
|
|
17
|
-
vuln.owasp2007
|
|
18
|
-
vuln.owasp2010
|
|
19
|
-
vuln.owasp2013
|
|
20
|
-
vuln.owasp2017
|
|
21
|
-
vuln.pcre_regex_bl
|
|
22
|
-
vuln.pcre_regex_wl
|
|
23
|
-
vuln.recommendation
|
|
24
|
-
vuln.scan_date
|
|
25
|
-
vuln.snort_bl
|
|
26
|
-
vuln.snort_wl
|
|
27
|
-
vuln.statistically_prevalent_original_response_code
|
|
28
|
-
vuln.vuln_method
|
|
29
|
-
vuln.vuln_param
|
|
30
|
-
vuln.vuln_type
|
|
31
|
-
vuln.vuln_url
|
|
32
|
-
vuln.wasc
|
data/templates/vuln.template
DELETED
|
@@ -1,44 +0,0 @@
|
|
|
1
|
-
#[Title]#
|
|
2
|
-
%vuln.vuln_type%
|
|
3
|
-
|
|
4
|
-
#[Attack Class]#
|
|
5
|
-
%vuln.attack_class%
|
|
6
|
-
|
|
7
|
-
#[Attack Type]#
|
|
8
|
-
%vuln.attack_type%
|
|
9
|
-
|
|
10
|
-
#[Attack Score]#
|
|
11
|
-
%vuln.attack_score%
|
|
12
|
-
|
|
13
|
-
#[Attack Value]#
|
|
14
|
-
%vuln.attack_value%
|
|
15
|
-
|
|
16
|
-
#[Method]#
|
|
17
|
-
%vuln.vuln_method%
|
|
18
|
-
|
|
19
|
-
#[Description]#
|
|
20
|
-
%vuln.description%
|
|
21
|
-
|
|
22
|
-
#[Recommendation]#
|
|
23
|
-
%vuln.recommendation%
|
|
24
|
-
|
|
25
|
-
#[CweId]#
|
|
26
|
-
%vuln.cwe_id%
|
|
27
|
-
|
|
28
|
-
#[CAPEC]#
|
|
29
|
-
%vuln.capec%
|
|
30
|
-
|
|
31
|
-
#[DISSA_ASC]#
|
|
32
|
-
%vuln.dissa_asc%
|
|
33
|
-
|
|
34
|
-
#[OWASP2010]#
|
|
35
|
-
%vuln.owasp2010%
|
|
36
|
-
|
|
37
|
-
#[OWASP2013]#
|
|
38
|
-
%vuln.owasp2013%
|
|
39
|
-
|
|
40
|
-
#[OWASP2017]#
|
|
41
|
-
%vuln.owasp2017%
|
|
42
|
-
|
|
43
|
-
#[OVAL]#
|
|
44
|
-
%vuln.oval%
|