heimdall_tools 1.3.40 → 1.3.45
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +15 -0
- data/lib/data/aws-config-mapping.csv +107 -107
- data/lib/heimdall_tools/aws_config_mapper.rb +55 -37
- data/lib/heimdall_tools/burpsuite_mapper.rb +7 -12
- data/lib/heimdall_tools/cli.rb +9 -21
- data/lib/heimdall_tools/command.rb +0 -2
- data/lib/heimdall_tools/dbprotect_mapper.rb +13 -26
- data/lib/heimdall_tools/fortify_mapper.rb +2 -4
- data/lib/heimdall_tools/hdf.rb +4 -5
- data/lib/heimdall_tools/jfrog_xray_mapper.rb +26 -28
- data/lib/heimdall_tools/nessus_mapper.rb +41 -48
- data/lib/heimdall_tools/netsparker_mapper.rb +21 -28
- data/lib/heimdall_tools/nikto_mapper.rb +27 -28
- data/lib/heimdall_tools/snyk_mapper.rb +20 -23
- data/lib/heimdall_tools/sonarqube_mapper.rb +23 -21
- data/lib/heimdall_tools/zap_mapper.rb +4 -6
- data/lib/utilities/xml_to_hash.rb +6 -6
- metadata +39 -25
@@ -3,19 +3,17 @@ require 'nokogiri'
|
|
3
3
|
require 'csv'
|
4
4
|
require 'heimdall_tools/hdf'
|
5
5
|
|
6
|
-
|
7
6
|
RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
|
8
7
|
|
9
8
|
CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
|
10
|
-
DEFAULT_NIST_TAG =
|
9
|
+
DEFAULT_NIST_TAG = %w{SA-11 RA-5}.freeze
|
11
10
|
|
12
11
|
# rubocop:disable Metrics/AbcSize
|
13
12
|
|
14
13
|
module HeimdallTools
|
15
14
|
class ZapMapper
|
16
|
-
def initialize(zap_json, name
|
15
|
+
def initialize(zap_json, name)
|
17
16
|
@zap_json = zap_json
|
18
|
-
@verbose = verbose
|
19
17
|
|
20
18
|
begin
|
21
19
|
data = JSON.parse(zap_json, symbolize_names: true)
|
@@ -58,7 +56,7 @@ module HeimdallTools
|
|
58
56
|
|
59
57
|
def format_code_desc(code_desc)
|
60
58
|
desc = ''
|
61
|
-
code_desc.
|
59
|
+
code_desc.each_key do |key|
|
62
60
|
desc += "#{key.capitalize}: #{code_desc[key]}\n"
|
63
61
|
end
|
64
62
|
desc
|
@@ -98,7 +96,7 @@ module HeimdallTools
|
|
98
96
|
dup_ids.each do |dup_id|
|
99
97
|
index = 1
|
100
98
|
controls.select { |x| x['id'].eql?(dup_id) }.each do |control|
|
101
|
-
control['id'] = control['id']
|
99
|
+
control['id'] = "#{control['id']}.#{index}"
|
102
100
|
index += 1
|
103
101
|
end
|
104
102
|
end
|
@@ -6,11 +6,13 @@ def xml_node_to_hash(node)
|
|
6
6
|
result_hash = {}
|
7
7
|
if node.attributes != {}
|
8
8
|
attributes = {}
|
9
|
-
node.attributes.
|
9
|
+
node.attributes.each_key do |key|
|
10
10
|
attributes[node.attributes[key].name] = node.attributes[key].value
|
11
11
|
end
|
12
12
|
end
|
13
|
-
if
|
13
|
+
if node.children.empty?
|
14
|
+
attributes
|
15
|
+
else
|
14
16
|
node.children.each do |child|
|
15
17
|
result = xml_node_to_hash(child)
|
16
18
|
|
@@ -36,9 +38,7 @@ def xml_node_to_hash(node)
|
|
36
38
|
# if there is a collision then node content supersets attributes
|
37
39
|
result_hash = attributes.merge(result_hash)
|
38
40
|
end
|
39
|
-
|
40
|
-
else
|
41
|
-
return attributes
|
41
|
+
result_hash
|
42
42
|
end
|
43
43
|
else
|
44
44
|
node.content.to_s
|
@@ -47,7 +47,7 @@ end
|
|
47
47
|
|
48
48
|
def xml_to_hash(xml)
|
49
49
|
begin
|
50
|
-
data = Nokogiri::XML(xml
|
50
|
+
data = Nokogiri::XML(xml, &:strict)
|
51
51
|
rescue Nokogiri::XML::SyntaxError => e
|
52
52
|
puts "XML Parsing caught exception: #{e}"
|
53
53
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: heimdall_tools
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.45
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Robert Thew
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: exe
|
12
12
|
cert_chain: []
|
13
|
-
date: 2021-
|
13
|
+
date: 2021-05-01 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: aws-sdk-configservice
|
@@ -27,75 +27,75 @@ dependencies:
|
|
27
27
|
- !ruby/object:Gem::Version
|
28
28
|
version: '1'
|
29
29
|
- !ruby/object:Gem::Dependency
|
30
|
-
name:
|
30
|
+
name: csv
|
31
31
|
requirement: !ruby/object:Gem::Requirement
|
32
32
|
requirements:
|
33
33
|
- - "~>"
|
34
34
|
- !ruby/object:Gem::Version
|
35
|
-
version: 1
|
35
|
+
version: '3.1'
|
36
36
|
type: :runtime
|
37
37
|
prerelease: false
|
38
38
|
version_requirements: !ruby/object:Gem::Requirement
|
39
39
|
requirements:
|
40
40
|
- - "~>"
|
41
41
|
- !ruby/object:Gem::Version
|
42
|
-
version: 1
|
42
|
+
version: '3.1'
|
43
43
|
- !ruby/object:Gem::Dependency
|
44
|
-
name:
|
44
|
+
name: git-lite-version-bump
|
45
45
|
requirement: !ruby/object:Gem::Requirement
|
46
46
|
requirements:
|
47
|
-
- - "
|
47
|
+
- - ">="
|
48
48
|
- !ruby/object:Gem::Version
|
49
|
-
version:
|
49
|
+
version: 0.17.2
|
50
50
|
type: :runtime
|
51
51
|
prerelease: false
|
52
52
|
version_requirements: !ruby/object:Gem::Requirement
|
53
53
|
requirements:
|
54
|
-
- - "
|
54
|
+
- - ">="
|
55
55
|
- !ruby/object:Gem::Version
|
56
|
-
version:
|
56
|
+
version: 0.17.2
|
57
57
|
- !ruby/object:Gem::Dependency
|
58
|
-
name:
|
58
|
+
name: httparty
|
59
59
|
requirement: !ruby/object:Gem::Requirement
|
60
60
|
requirements:
|
61
61
|
- - "~>"
|
62
62
|
- !ruby/object:Gem::Version
|
63
|
-
version:
|
63
|
+
version: 0.18.0
|
64
64
|
type: :runtime
|
65
65
|
prerelease: false
|
66
66
|
version_requirements: !ruby/object:Gem::Requirement
|
67
67
|
requirements:
|
68
68
|
- - "~>"
|
69
69
|
- !ruby/object:Gem::Version
|
70
|
-
version:
|
70
|
+
version: 0.18.0
|
71
71
|
- !ruby/object:Gem::Dependency
|
72
|
-
name:
|
72
|
+
name: json
|
73
73
|
requirement: !ruby/object:Gem::Requirement
|
74
74
|
requirements:
|
75
75
|
- - "~>"
|
76
76
|
- !ruby/object:Gem::Version
|
77
|
-
version: '3
|
77
|
+
version: '2.3'
|
78
78
|
type: :runtime
|
79
79
|
prerelease: false
|
80
80
|
version_requirements: !ruby/object:Gem::Requirement
|
81
81
|
requirements:
|
82
82
|
- - "~>"
|
83
83
|
- !ruby/object:Gem::Version
|
84
|
-
version: '3
|
84
|
+
version: '2.3'
|
85
85
|
- !ruby/object:Gem::Dependency
|
86
|
-
name:
|
86
|
+
name: nokogiri
|
87
87
|
requirement: !ruby/object:Gem::Requirement
|
88
88
|
requirements:
|
89
89
|
- - "~>"
|
90
90
|
- !ruby/object:Gem::Version
|
91
|
-
version:
|
91
|
+
version: '1.11'
|
92
92
|
type: :runtime
|
93
93
|
prerelease: false
|
94
94
|
version_requirements: !ruby/object:Gem::Requirement
|
95
95
|
requirements:
|
96
96
|
- - "~>"
|
97
97
|
- !ruby/object:Gem::Version
|
98
|
-
version:
|
98
|
+
version: '1.11'
|
99
99
|
- !ruby/object:Gem::Dependency
|
100
100
|
name: openssl
|
101
101
|
requirement: !ruby/object:Gem::Requirement
|
@@ -111,19 +111,19 @@ dependencies:
|
|
111
111
|
- !ruby/object:Gem::Version
|
112
112
|
version: '2.1'
|
113
113
|
- !ruby/object:Gem::Dependency
|
114
|
-
name:
|
114
|
+
name: thor
|
115
115
|
requirement: !ruby/object:Gem::Requirement
|
116
116
|
requirements:
|
117
|
-
- - "
|
117
|
+
- - "~>"
|
118
118
|
- !ruby/object:Gem::Version
|
119
|
-
version: 0.
|
119
|
+
version: '0.19'
|
120
120
|
type: :runtime
|
121
121
|
prerelease: false
|
122
122
|
version_requirements: !ruby/object:Gem::Requirement
|
123
123
|
requirements:
|
124
|
-
- - "
|
124
|
+
- - "~>"
|
125
125
|
- !ruby/object:Gem::Version
|
126
|
-
version: 0.
|
126
|
+
version: '0.19'
|
127
127
|
- !ruby/object:Gem::Dependency
|
128
128
|
name: bundler
|
129
129
|
requirement: !ruby/object:Gem::Requirement
|
@@ -180,6 +180,20 @@ dependencies:
|
|
180
180
|
- - ">="
|
181
181
|
- !ruby/object:Gem::Version
|
182
182
|
version: '0'
|
183
|
+
- !ruby/object:Gem::Dependency
|
184
|
+
name: rubocop
|
185
|
+
requirement: !ruby/object:Gem::Requirement
|
186
|
+
requirements:
|
187
|
+
- - "~>"
|
188
|
+
- !ruby/object:Gem::Version
|
189
|
+
version: '1.11'
|
190
|
+
type: :development
|
191
|
+
prerelease: false
|
192
|
+
version_requirements: !ruby/object:Gem::Requirement
|
193
|
+
requirements:
|
194
|
+
- - "~>"
|
195
|
+
- !ruby/object:Gem::Version
|
196
|
+
version: '1.11'
|
183
197
|
description: Converter utils that can be included as a gem or used from the command
|
184
198
|
line
|
185
199
|
email:
|
@@ -248,7 +262,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
248
262
|
- !ruby/object:Gem::Version
|
249
263
|
version: '0'
|
250
264
|
requirements: []
|
251
|
-
rubygems_version: 3.2.
|
265
|
+
rubygems_version: 3.2.15
|
252
266
|
signing_key:
|
253
267
|
specification_version: 4
|
254
268
|
summary: Convert Forify, Openzap and Sonarqube results to HDF
|