heimdall_tools 1.3.37 → 1.3.41

data/lib/heimdall_tools/nikto_mapper.rb

@@ -9,10 +9,10 @@ NIKTO_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'nikto-nist-mapping.csv')
 IMPACT_MAPPING = {
   high: 0.7,
   medium: 0.5,
-  low: 0.3,
+  low: 0.3
 }.freeze
 
-DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+DEFAULT_NIST_TAG = %w{SA-11 RA-5}.freeze
 
 # Loading spinner sign
 $spinner = Enumerator.new do |e|
@@ -26,7 +26,7 @@ end
 
 module HeimdallTools
   class NiktoMapper
-    def initialize(nikto_json, name=nil, verbose = false)
+    def initialize(nikto_json, _name = nil, verbose = false)
       @nikto_json = nikto_json
       @verbose = verbose
 
@@ -36,9 +36,9 @@ module HeimdallTools
         raise "Invalid Nikto to NIST mapping file: Exception: #{e}"
       end
 
-        # TODO: Support Multi-target scan results
-        # Nikto multi-target scans generate invalid format JSONs
-        # Possible workaround to use https://stackoverflow.com/a/58209963/1670307
+      # TODO: Support Multi-target scan results
+      # Nikto multi-target scans generate invalid format JSONs
+      # Possible workaround to use https://stackoverflow.com/a/58209963/1670307
 
       begin
         @project = JSON.parse(nikto_json)
@@ -64,14 +64,14 @@ module HeimdallTools
     def finding(vulnerability)
       finding = {}
       finding['status'] = 'failed'
-      finding['code_desc'] = "URL : #{vulnerability['url'].to_s } Method: #{vulnerability['method'].to_s}"
+      finding['code_desc'] = "URL : #{vulnerability['url']} Method: #{vulnerability['method']}"
       finding['run_time'] = NA_FLOAT
       finding['start_time'] = NA_STRING
       [finding]
     end
 
     def nist_tag(niktoid)
-      entries = @nikto_nist_mapping.select { |x| niktoid.eql?(x[:niktoid].to_s) }
+      entries = @nikto_nist_mapping.select { |x| niktoid.eql?(x[:niktoid].to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| x[:nistid] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end
@@ -83,32 +83,32 @@ module HeimdallTools
     def parse_mapper
       csv_data = CSV.read(NIKTO_NIST_MAPPING_FILE, **{ encoding: 'UTF-8',
                                                    headers: true,
-                                                   header_converters: :symbol})
+                                                   header_converters: :symbol })
       csv_data.map(&:to_hash)
     end
 
     def desc_tags(data, label)
-      { "data": data || NA_STRING, "label": label || NA_STRING }
+      { data: data || NA_STRING, label: label || NA_STRING }
     end
 
-    # Nikto report could have multiple vulnerability entries for multiple findings of same issue type.  
-    # The meta data is identical across entries   
-    # method collapse_duplicates return unique controls with applicable findings collapsed into it. 
-    def collapse_duplicates(controls) 
-      unique_controls = []  
-
-      controls.map { |x| x['id'] }.uniq.each do |id|  
-        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map {|x| x['results']} 
-        unique_control = controls.find { |x| x['id'].eql?(id) } 
-        unique_control['results'] = collapsed_results.flatten 
-        unique_controls << unique_control 
-      end 
-      unique_controls 
-    end 
+    # Nikto report could have multiple vulnerability entries for multiple findings of same issue type.
+    # The meta data is identical across entries
+    # method collapse_duplicates return unique controls with applicable findings collapsed into it.
+    def collapse_duplicates(controls)
+      unique_controls = []
+
+      controls.map { |x| x['id'] }.uniq.each do |id|
+        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map { |x| x['results'] }
+        unique_control = controls.find { |x| x['id'].eql?(id) }
+        unique_control['results'] = collapsed_results.flatten
+        unique_controls << unique_control
+      end
+      unique_controls
+    end
 
     def to_hdf
       controls = []
-      @project['vulnerabilities'].each do | vulnerability |
+      @project['vulnerabilities'].each do |vulnerability|
         printf("\rProcessing: %s", $spinner.next)
 
         item = {}
@@ -125,11 +125,11 @@ module HeimdallTools
         # Duplicating vulnerability msg field
         item['desc']               = vulnerability['msg'].to_s
 
-        # Nitko does not provide finding severity; hard-coding severity to medium 
-        item['impact']             = impact('medium') 
+        # Nitko does not provide finding severity; hard-coding severity to medium
+        item['impact']             = impact('medium')
         item['code']               = NA_STRING
         item['results']            = finding(vulnerability)
-        item['tags']['nist']       = nist_tag( vulnerability['id'].to_s )
+        item['tags']['nist']       = nist_tag(vulnerability['id'].to_s)
         item['tags']['ösvdb']      = vulnerability['OSVDB']
 
         controls << item

data/lib/heimdall_tools/snyk_mapper.rb

@@ -10,12 +10,12 @@ CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
 IMPACT_MAPPING = {
   high: 0.7,
   medium: 0.5,
-  low: 0.3,
+  low: 0.3
 }.freeze
 
 SNYK_VERSION_REGEX = 'v(\d+.)(\d+.)(\d+)'.freeze
 
-DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+DEFAULT_NIST_TAG = %w{SA-11 RA-5}.freeze
 
 # Loading spinner sign
 $spinner = Enumerator.new do |e|
@@ -29,7 +29,7 @@ end
 
 module HeimdallTools
   class SnykMapper
-    def initialize(synk_json, name=nil, verbose = false)
+    def initialize(synk_json, _name = nil, verbose = false)
       @synk_json = synk_json
       @verbose = verbose
 
@@ -38,10 +38,9 @@ module HeimdallTools
         @projects = JSON.parse(synk_json)
 
         # Cover single and multi-project scan use cases.
-        unless @projects.kind_of?(Array)
-          @projects = [ @projects ]
+        unless @projects.is_a?(Array)
+          @projects = [@projects]
         end
-
       rescue StandardError => e
         raise "Invalid Snyk JSON file provided Exception: #{e}"
       end
@@ -52,7 +51,7 @@ module HeimdallTools
       begin
         info['policy'] = project['policy']
         reg = Regexp.new(SNYK_VERSION_REGEX, Regexp::IGNORECASE)
-        info['version'] = info['policy'].scan(reg).join 
+        info['version'] = info['policy'].scan(reg).join
         info['projectName'] = project['projectName']
         info['summary'] = project['summary']
 
@@ -65,7 +64,7 @@ module HeimdallTools
     def finding(vulnerability)
       finding = {}
       finding['status'] = 'failed'
-      finding['code_desc'] = "From : [ #{vulnerability['from'].join(" , ").to_s } ]"
+      finding['code_desc'] = "From : [ #{vulnerability['from'].join(' , ')} ]"
       finding['run_time'] = NA_FLOAT
 
       # Snyk results does not profile scan timestamp; using current time to satisfy HDF format
@@ -74,16 +73,16 @@ module HeimdallTools
     end
 
     def nist_tag(cweid)
-      entries = @cwe_nist_mapping.select { |x| cweid.include? x[:cweid].to_s }
+      entries = @cwe_nist_mapping.select { |x| cweid.include?(x[:cweid].to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| x[:nistid] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end
 
     def parse_identifiers(vulnerability, ref)
       # Extracting id number from reference style CWE-297
-      vulnerability['identifiers'][ref].map { |e| e.split("#{ref}-")[1]  }
-      rescue
-        return []
+      vulnerability['identifiers'][ref].map { |e| e.split("#{ref}-")[1] }
+    rescue StandardError
+      []
     end
 
     def impact(severity)
@@ -99,17 +98,17 @@ module HeimdallTools
     end
 
     def desc_tags(data, label)
-      { "data": data || NA_STRING, "label": label || NA_STRING }
+      { data: data || NA_STRING, label: label || NA_STRING }
     end
 
     # Snyk report could have multiple vulnerability entries for multiple findings of same issue type.
-    # The meta data is identical across entries 
+    # The meta data is identical across entries
     # method collapse_duplicates return unique controls with applicable findings collapsed into it.
     def collapse_duplicates(controls)
       unique_controls = []
 
       controls.map { |x| x['id'] }.uniq.each do |id|
-        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map {|x| x['results']}
+        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map { |x| x['results'] }
         unique_control = controls.find { |x| x['id'].eql?(id) }
         unique_control['results'] = collapsed_results.flatten
         unique_controls << unique_control
@@ -117,12 +116,11 @@ module HeimdallTools
       unique_controls
     end
 
-
     def to_hdf
       project_results = {}
-      @projects.each do | project |
+      @projects.each do |project|
         controls = []
-        project['vulnerabilities'].each do | vulnerability |
+        project['vulnerabilities'].each do |vulnerability|
           printf("\rProcessing: %s", $spinner.next)
 
           item = {}
@@ -135,13 +133,13 @@ module HeimdallTools
           item['title']              = vulnerability['title'].to_s
           item['id']                 = vulnerability['id'].to_s
           item['desc']               = vulnerability['description'].to_s
-          item['impact']             = impact(vulnerability['severity']) 
+          item['impact']             = impact(vulnerability['severity'])
           item['code']               = ''
           item['results']            = finding(vulnerability)
-          item['tags']['nist']       = nist_tag( parse_identifiers( vulnerability, 'CWE') )
-          item['tags']['cweid']      = parse_identifiers( vulnerability, 'CWE')
-          item['tags']['cveid']      = parse_identifiers( vulnerability, 'CVE')
-          item['tags']['ghsaid']     = parse_identifiers( vulnerability, 'GHSA')
+          item['tags']['nist']       = nist_tag(parse_identifiers(vulnerability, 'CWE'))
+          item['tags']['cweid']      = parse_identifiers(vulnerability, 'CWE')
+          item['tags']['cveid']      = parse_identifiers(vulnerability, 'CVE')
+          item['tags']['ghsaid']     = parse_identifiers(vulnerability, 'GHSA')
 
           controls << item
         end

data/lib/heimdall_tools/sonarqube_mapper.rb

@@ -5,7 +5,7 @@ require 'heimdall_tools/hdf'
 
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 
-DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+DEFAULT_NIST_TAG = %w{SA-11 RA-5}.freeze
 
 MAPPING_FILES = {
   cwe: File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv'),
@@ -33,16 +33,18 @@ class SonarQubeApi
 
   PAGE_SIZE = 100
 
-  def initialize(api_url, auth=nil)
+  def initialize(api_url, auth = nil)
     @api_url = api_url
     @auth = auth
   end
 
-  def query_api(endpoint, params={})
-    creds = {
-              username: @auth.split(':')[0],
-              password: @auth.split(':')[1]
-    } unless @auth.nil?
+  def query_api(endpoint, params = {})
+    unless @auth.nil?
+      creds = {
+        username: @auth.split(':')[0],
+                password: @auth.split(':')[1]
+      }
+    end
 
     response = HTTParty.get(@api_url + endpoint, { query: params, basic_auth: creds })
     check_response response
@@ -109,9 +111,9 @@ end
 module HeimdallTools
   class SonarQubeMapper
     # Fetches the necessary data from the API and builds report
-    def initialize(project_name, sonarqube_url, auth=nil)
+    def initialize(project_name, sonarqube_url, auth = nil)
       @project_name = project_name
-      @api = SonarQubeApi.new(sonarqube_url,auth)
+      @api = SonarQubeApi.new(sonarqube_url, auth)
 
       @mappings = load_nist_mappings
       @findings = @api.query_issues(@project_name).map { |x| Finding.new(x, @api) }
@@ -132,16 +134,16 @@ module HeimdallTools
                                             headers: true,
                                             header_converters: :symbol,
                                             converters: :all })
-        mappings[mapping_type] = Hash[csv_data.reject{ |row| row[:nistid].nil? }.map { |row|
-          [row[(mapping_type.to_s.downcase + 'id').to_sym].to_s, [row[:nistid], "Rev_#{row[:rev]}"]]
-        }]
+        mappings[mapping_type] = csv_data.reject { |row| row[:nistid].nil? }.map { |row|
+          [row["#{mapping_type.to_s.downcase}id".to_sym].to_s, [row[:nistid], "Rev_#{row[:rev]}"]]
+        }.to_h
       end
       mappings
     end
 
     # Returns a report in HDF format
     def to_hdf
-      results = HeimdallDataFormat.new(profile_name: "SonarQube Scan",
+      results = HeimdallDataFormat.new(profile_name: 'SonarQube Scan',
                                        version: @api.query_version,
                                        title: "SonarQube Scan of Project: #{@project_name}",
                                        summary: "SonarQube Scan of Project: #{@project_name}",
@@ -156,7 +158,7 @@ class Control
   # OWASP is stated specifically, ex owasp-a1
   #
   # SonarQube is inconsistent with tags (ex some cwe rules don't have cwe number in desc,) as noted below
-  TAG_DATA = {} # NOTE: We count on Ruby to preserve order for TAG_DATA
+  TAG_DATA = {}.freeze # NOTE: We count on Ruby to preserve order for TAG_DATA
   TAG_DATA[:cwe] = {
     # Some rules with cwe tag don't have cwe number in description!
     # Currently only squid:S2658, but it has OWASP tag so we can use that.
@@ -206,8 +208,8 @@ class Control
       reg = Regexp.new(tag_data[:regex], Regexp::IGNORECASE)
       parsed_tags += @data['htmlDesc'].scan(reg).map(&:first)
 
-      if parsed_tags.empty? and not KNOWN_BAD_RULES.include? @key
-        puts "Error: Rule #{@key}: No regex matches for #{tag_type} tag." if parsed_tags.empty?
+      if parsed_tags.empty? and not KNOWN_BAD_RULES.include? @key && parsed_tags.empty?
+        puts "Error: Rule #{@key}: No regex matches for #{tag_type} tag."
       end
     else
       # If the tag type doesn't have a regex, it is specific enough to be mapped directly
@@ -239,11 +241,11 @@ class Control
       return [@mappings[tag_type][parsed_tag]].flatten.uniq
     end
 
-    DEFAULT_NIST_TAG # Entries with unmapped NIST tags are defaulted to NIST tags ‘SA-11, RA-5 Rev_4’
+    DEFAULT_NIST_TAG # Entries with unmapped NIST tags fall back to defaults
   end
 
   def hdf
-    # Note: Structure is based on fortify -> HDF converter output
+    # NOTE: Structure is based on fortify -> HDF converter output
     {
       title: @data['name'],
         desc: @data['htmlDesc'],
@@ -256,7 +258,7 @@ class Control
         id: @key,
         descriptions: NA_ARRAY,
         refs: NA_ARRAY,
-        source_location: NA_HASH,
+        source_location: NA_HASH
     }
   end
 end
@@ -284,10 +286,10 @@ class Finding
 
     snip_html = "StartLine: #{snip_start}, EndLine: #{snip_end}<br>Code:<pre>#{snip}</pre>"
     {
-        status: 'failed',
+      status: 'failed',
         code_desc: "Path:#{component}:#{vuln_start}:#{vuln_end} #{snip_html}",
         run_time:  NA_FLOAT,
-        start_time: Time.now.strftime("%a,%d %b %Y %X")
+        start_time: Time.now.strftime('%a,%d %b %Y %X')
     }
   end
 end

data/lib/heimdall_tools/zap_mapper.rb

@@ -3,11 +3,10 @@ require 'nokogiri'
 require 'csv'
 require 'heimdall_tools/hdf'
 
-
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 
 CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
-DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+DEFAULT_NIST_TAG = %w{SA-11 RA-5}.freeze
 
 # rubocop:disable Metrics/AbcSize
 
@@ -58,14 +57,14 @@ module HeimdallTools
 
     def format_code_desc(code_desc)
       desc = ''
-      code_desc.keys.each do |key|
+      code_desc.each_key do |key|
         desc += "#{key.capitalize}: #{code_desc[key]}\n"
       end
       desc
     end
 
     def nist_tag(cweid)
-      entries = @cwe_nist_mapping.select { |x| x[:cweid].to_s.eql?(cweid.to_s) }
+      entries = @cwe_nist_mapping.select { |x| x[:cweid].to_s.eql?(cweid.to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| [x[:nistid], "Rev_#{x[:rev]}"] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end
@@ -98,7 +97,7 @@ module HeimdallTools
       dup_ids.each do |dup_id|
         index = 1
         controls.select { |x| x['id'].eql?(dup_id) }.each do |control|
-          control['id'] = control['id'] + '.' + index.to_s
+          control['id'] = "#{control['id']}.#{index}"
           index += 1
         end
       end

data/lib/utilities/xml_to_hash.rb

@@ -6,11 +6,13 @@ def xml_node_to_hash(node)
     result_hash = {}
     if node.attributes != {}
       attributes = {}
-      node.attributes.keys.each do |key|
+      node.attributes.each_key do |key|
         attributes[node.attributes[key].name] = node.attributes[key].value
       end
     end
-    if !node.children.empty?
+    if node.children.empty?
+      attributes
+    else
       node.children.each do |child|
         result = xml_node_to_hash(child)
 
@@ -36,9 +38,7 @@ def xml_node_to_hash(node)
         # if there is a collision then node content supersets attributes
         result_hash = attributes.merge(result_hash)
       end
-      return result_hash
-    else
-      return attributes
+      result_hash
     end
   else
     node.content.to_s
@@ -47,7 +47,7 @@ end
 
 def xml_to_hash(xml)
   begin
-    data = Nokogiri::XML(xml) { |config| config.strict }
+    data = Nokogiri::XML(xml, &:strict)
   rescue Nokogiri::XML::SyntaxError => e
     puts "XML Parsing caught exception: #{e}"
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: heimdall_tools
 version: !ruby/object:Gem::Version
-  version: 1.3.37
+  version: 1.3.41
 platform: ruby
 authors:
 - Robert Thew
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-01 00:00:00.000000000 Z
+date: 2021-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-configservice
@@ -27,75 +27,75 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1'
 - !ruby/object:Gem::Dependency
-  name: nokogiri
+  name: csv
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.9
+        version: '3.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.9
+        version: '3.1'
 - !ruby/object:Gem::Dependency
-  name: thor
+  name: git-lite-version-bump
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.19'
+        version: 0.17.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.19'
+        version: 0.17.2
 - !ruby/object:Gem::Dependency
-  name: json
+  name: httparty
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: 0.18.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: 0.18.0
 - !ruby/object:Gem::Dependency
-  name: csv
+  name: json
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '2.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '2.3'
 - !ruby/object:Gem::Dependency
-  name: httparty
+  name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.0
+        version: 1.10.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.0
+        version: 1.10.9
 - !ruby/object:Gem::Dependency
   name: openssl
   requirement: !ruby/object:Gem::Requirement
@@ -111,19 +111,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.1'
 - !ruby/object:Gem::Dependency
-  name: git-lite-version-bump
+  name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.17.2
+        version: '0.19'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.17.2
+        version: '0.19'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -180,6 +180,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
 description: Converter utils that can be included as a gem or used from the command
   line
 email:
@@ -215,12 +229,14 @@ files:
 - lib/heimdall_tools/help/fortify_mapper.md
 - lib/heimdall_tools/help/jfrog_xray_mapper.md
 - lib/heimdall_tools/help/nessus_mapper.md
+- lib/heimdall_tools/help/netsparker_mapper.md
 - lib/heimdall_tools/help/nikto_mapper.md
 - lib/heimdall_tools/help/snyk_mapper.md
 - lib/heimdall_tools/help/sonarqube_mapper.md
 - lib/heimdall_tools/help/zap_mapper.md
 - lib/heimdall_tools/jfrog_xray_mapper.rb
 - lib/heimdall_tools/nessus_mapper.rb
+- lib/heimdall_tools/netsparker_mapper.rb
 - lib/heimdall_tools/nikto_mapper.rb
 - lib/heimdall_tools/snyk_mapper.rb
 - lib/heimdall_tools/sonarqube_mapper.rb