dradis-saint 4.11.0 → 4.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/README.md +1 -2
- data/dradis-saint.gemspec +16 -16
- data/lib/dradis/plugins/saint/gem_version.rb +1 -1
- data/lib/dradis/plugins/saint/importer.rb +2 -2
- data/lib/dradis/plugins/saint/mapping.rb +55 -0
- data/lib/dradis/plugins/saint.rb +1 -0
- metadata +6 -9
- data/templates/evidence.fields +0 -5
- data/templates/evidence.template +0 -14
- data/templates/vulnerability.fields +0 -14
- data/templates/vulnerability.template +0 -41
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6ad271ebf7dcdd465fa72dcc66822c5b4f37bcbf1afa5da73ac335080ff8c566
|
|
4
|
+
data.tar.gz: 4b6e289d3ee367ef948c9894ec1b65eafbe24cb29fc2bdda704a56f4116dda69
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b8ad24f1c417d0f203d197265ab6007630ef36eb0ccc387982e18e2eb8609f05542f3b4397484fe37ddb8b3683c45d782a8334903a3a2f9c6bb19e5f880f4f8f
|
|
7
|
+
data.tar.gz: 28e12a7284f2cf1e76293907a61f428400a116bf7500733fbe3c273b600eda549ce0fc95c9729e60a0b3c0d203009f5164274d194d9082d9f8a67e014be87923
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,8 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
This add-on will enable the user to upload Saint output files in the XML format (.xml) to create a structure of Dradis nodes, issues, and evidences that contain the same information about the hosts and vulnerabilities in the original file.
|
|
4
4
|
|
|
5
|
-
The add-on requires Dradis 3.0 or
|
|
6
|
-
|
|
5
|
+
The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
|
|
7
6
|
|
|
8
7
|
## More information
|
|
9
8
|
|
data/dradis-saint.gemspec
CHANGED
|
@@ -5,23 +5,23 @@ require 'dradis/plugins/saint/version'
|
|
|
5
5
|
version = Dradis::Plugins::Saint::VERSION::STRING
|
|
6
6
|
|
|
7
7
|
# Describe your gem and declare its dependencies:
|
|
8
|
-
Gem::Specification.new do |
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
8
|
+
Gem::Specification.new do |spec|
|
|
9
|
+
spec.platform = Gem::Platform::RUBY
|
|
10
|
+
spec.name = 'dradis-saint'
|
|
11
|
+
spec.version = version
|
|
12
|
+
spec.authors = ['Daniel Martin']
|
|
13
|
+
spec.homepage = 'https://dradis.com/integrations/saint.html'
|
|
14
|
+
spec.summary = 'Saint upload add-on for Dradis Framework.'
|
|
15
|
+
spec.description = 'This add-on allows you to upload and parse reports from Saint.'
|
|
16
|
+
spec.license = 'GPL-2'
|
|
17
17
|
|
|
18
|
-
|
|
18
|
+
spec.files = `git ls-files`.split($\)
|
|
19
19
|
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
spec.add_dependency 'dradis-plugins', '~> 4.0'
|
|
21
|
+
spec.add_dependency 'nokogiri'
|
|
22
|
+
spec.add_dependency 'rake', '~> 13.0'
|
|
23
23
|
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
24
|
+
spec.add_development_dependency 'bundler', '~> 2.0'
|
|
25
|
+
spec.add_dependency 'combustion', '~> 0.6.0'
|
|
26
|
+
spec.add_dependency 'rspec-rails'
|
|
27
27
|
end
|
|
@@ -66,7 +66,7 @@ module Dradis::Plugins::Saint
|
|
|
66
66
|
issue_plugin_id = Digest::SHA1.hexdigest(evidence_desc)
|
|
67
67
|
issue = @issues[issue_plugin_id]
|
|
68
68
|
|
|
69
|
-
evidence_text =
|
|
69
|
+
evidence_text = mapping_service.apply_mapping(source: 'evidence', data: xml_evidence)
|
|
70
70
|
|
|
71
71
|
if issue
|
|
72
72
|
# Create Dradis evidence
|
|
@@ -109,7 +109,7 @@ module Dradis::Plugins::Saint
|
|
|
109
109
|
logger.info{ "\t\t => Creating new issue..." }
|
|
110
110
|
plugin_id = Digest::SHA1.hexdigest(element_desc)
|
|
111
111
|
|
|
112
|
-
issue_text =
|
|
112
|
+
issue_text = mapping_service.apply_mapping(source: 'vulnerability', data: xml_vuln)
|
|
113
113
|
issue = content_service.create_issue(text: issue_text, id: plugin_id)
|
|
114
114
|
else
|
|
115
115
|
# Create Note in Host
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
module Dradis::Plugins::Saint
|
|
2
|
+
module Mapping
|
|
3
|
+
DEFAULT_MAPPING = {
|
|
4
|
+
evidence: {
|
|
5
|
+
'Port' => '{{ saint[evidence.port] }}',
|
|
6
|
+
'Severity' => '{{ saint[evidence.severity] }}',
|
|
7
|
+
'Class' => '{{ saint[evidence.class] }}',
|
|
8
|
+
'cve' => '{{ saint[evidence.cve] }}',
|
|
9
|
+
'CVSS Base Score' => '{{ saint[evidence.cvss_base_score] }}'
|
|
10
|
+
},
|
|
11
|
+
vulnerability: {
|
|
12
|
+
'Title' => '{{ saint[vulnerability.description] }}',
|
|
13
|
+
'Host Name' => '{{ saint[vulnerability.hostname] }}',
|
|
14
|
+
'IP Address' => '{{ saint[vulnerability.ipaddr] }}',
|
|
15
|
+
'Host Type' => '{{ saint[vulnerability.hosttype] }}',
|
|
16
|
+
'Scan Time' => '{{ saint[vulnerability.scan_time] }}',
|
|
17
|
+
'Status' => '{{ saint[vulnerability.status] }}',
|
|
18
|
+
'Severity' => '{{ saint[vulnerability.severity] }}',
|
|
19
|
+
'CVE' => '{{ saint[vulnerability.cve] }}',
|
|
20
|
+
'CVSS Base Score' => '{{ saint[vulnerability.cvss_base_score] }}',
|
|
21
|
+
'Impact' => '{{ saint[vulnerability.impact] }}',
|
|
22
|
+
'Background' => '{{ saint[vulnerability.background] }}',
|
|
23
|
+
'Problem' => '{{ saint[vulnerability.problem] }}',
|
|
24
|
+
'Resolution' => '{{ saint[vulnerability.resolution] }}',
|
|
25
|
+
'Reference' => '{{ saint[vulnerability.reference] }}'
|
|
26
|
+
}
|
|
27
|
+
}.freeze
|
|
28
|
+
|
|
29
|
+
SOURCE_FIELDS = {
|
|
30
|
+
evidence: [
|
|
31
|
+
'evidence.port',
|
|
32
|
+
'evidence.severity',
|
|
33
|
+
'evidence.class',
|
|
34
|
+
'evidence.cve',
|
|
35
|
+
'evidence.cvss_base_score'
|
|
36
|
+
],
|
|
37
|
+
vulnerability: [
|
|
38
|
+
'vulnerability.description',
|
|
39
|
+
'vulnerability.hostname',
|
|
40
|
+
'vulnerability.ipaddr',
|
|
41
|
+
'vulnerability.hosttype',
|
|
42
|
+
'vulnerability.scan_time',
|
|
43
|
+
'vulnerability.status',
|
|
44
|
+
'vulnerability.severity',
|
|
45
|
+
'vulnerability.cve',
|
|
46
|
+
'vulnerability.cvss_base_score',
|
|
47
|
+
'vulnerability.impact',
|
|
48
|
+
'vulnerability.background',
|
|
49
|
+
'vulnerability.problem',
|
|
50
|
+
'vulnerability.resolution',
|
|
51
|
+
'vulnerability.reference'
|
|
52
|
+
]
|
|
53
|
+
}.freeze
|
|
54
|
+
end
|
|
55
|
+
end
|
data/lib/dradis/plugins/saint.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dradis-saint
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Martin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-08-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dradis-plugins
|
|
@@ -58,14 +58,14 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
61
|
+
version: '2.0'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
68
|
+
version: '2.0'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: combustion
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -117,6 +117,7 @@ files:
|
|
|
117
117
|
- lib/dradis/plugins/saint/field_processor.rb
|
|
118
118
|
- lib/dradis/plugins/saint/gem_version.rb
|
|
119
119
|
- lib/dradis/plugins/saint/importer.rb
|
|
120
|
+
- lib/dradis/plugins/saint/mapping.rb
|
|
120
121
|
- lib/dradis/plugins/saint/version.rb
|
|
121
122
|
- lib/saint/base.rb
|
|
122
123
|
- lib/saint/evidence.rb
|
|
@@ -134,12 +135,8 @@ files:
|
|
|
134
135
|
- spec/saint/vulnerability_spec.rb
|
|
135
136
|
- spec/spec_helper.rb
|
|
136
137
|
- spec/xml_element.rb
|
|
137
|
-
- templates/evidence.fields
|
|
138
138
|
- templates/evidence.sample
|
|
139
|
-
- templates/evidence.template
|
|
140
|
-
- templates/vulnerability.fields
|
|
141
139
|
- templates/vulnerability.sample
|
|
142
|
-
- templates/vulnerability.template
|
|
143
140
|
homepage: https://dradis.com/integrations/saint.html
|
|
144
141
|
licenses:
|
|
145
142
|
- GPL-2
|
|
@@ -159,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
159
156
|
- !ruby/object:Gem::Version
|
|
160
157
|
version: '0'
|
|
161
158
|
requirements: []
|
|
162
|
-
rubygems_version: 3.
|
|
159
|
+
rubygems_version: 3.5.6
|
|
163
160
|
signing_key:
|
|
164
161
|
specification_version: 4
|
|
165
162
|
summary: Saint upload add-on for Dradis Framework.
|
data/templates/evidence.fields
DELETED
data/templates/evidence.template
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
vulnerability.description
|
|
2
|
-
vulnerability.hostname
|
|
3
|
-
vulnerability.ipaddr
|
|
4
|
-
vulnerability.hosttype
|
|
5
|
-
vulnerability.scan_time
|
|
6
|
-
vulnerability.status
|
|
7
|
-
vulnerability.severity
|
|
8
|
-
vulnerability.cve
|
|
9
|
-
vulnerability.cvss_base_score
|
|
10
|
-
vulnerability.impact
|
|
11
|
-
vulnerability.background
|
|
12
|
-
vulnerability.problem
|
|
13
|
-
vulnerability.resolution
|
|
14
|
-
vulnerability.reference
|
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
#[Title]#
|
|
2
|
-
%vulnerability.description%
|
|
3
|
-
|
|
4
|
-
#[Host Name]#
|
|
5
|
-
%vulnerability.hostname%
|
|
6
|
-
|
|
7
|
-
#[IP Address]#
|
|
8
|
-
%vulnerability.ipaddr%
|
|
9
|
-
|
|
10
|
-
#[Host Type]#
|
|
11
|
-
%vulnerability.hosttype%
|
|
12
|
-
|
|
13
|
-
#[Scan Time]#
|
|
14
|
-
%vulnerability.scan_time%
|
|
15
|
-
|
|
16
|
-
#[Status]#
|
|
17
|
-
%vulnerability.status%
|
|
18
|
-
|
|
19
|
-
#[Severity]#
|
|
20
|
-
%vulnerability.severity%
|
|
21
|
-
|
|
22
|
-
#[CVE]#
|
|
23
|
-
%vulnerability.cve%
|
|
24
|
-
|
|
25
|
-
#[CVSS Base Score]#
|
|
26
|
-
%vulnerability.cvss_base_score%
|
|
27
|
-
|
|
28
|
-
#[Impact]#
|
|
29
|
-
%vulnerability.impact%
|
|
30
|
-
|
|
31
|
-
#[Background]#
|
|
32
|
-
%vulnerability.background%
|
|
33
|
-
|
|
34
|
-
#[Problem]#
|
|
35
|
-
%vulnerability.problem%
|
|
36
|
-
|
|
37
|
-
#[Resolution]#
|
|
38
|
-
%vulnerability.resolution%
|
|
39
|
-
|
|
40
|
-
#[Reference]#
|
|
41
|
-
%vulnerability.reference%
|