heimdall_tools 1.3.49 → 1.3.50
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +85 -119
- data/lib/heimdall_tools.rb +1 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b18e944c199cc2c1312da5ea554db437f2c27853036334f95cdaad0567680788
|
|
4
|
+
data.tar.gz: 2404b491dbe900134e480fe3ae1f641206ed73b3e3d8f0c1225cec053a16b324
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d336f6df9950edf830d1d49ba13704b718ae3c1c9a3a9233813d64dba710499d27ccb0812b1eb0636f303201429b091026ec698d6e06e4e95f1efc41634e0c8d
|
|
7
|
+
data.tar.gz: ad4549d6ded0e20a3669634f8cb24836e6332966851921dbfb55e0a5d0811d6e98c9e155a461f1c1478335ddd92b6fbcb7c53de577a174a105f0f87a36f442d7
|
data/README.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
# Heimdall Tools has been depreciated. See the new [SAF CLI](https://github.com/mitre/saf)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
|
|
1
5
|
# Heimdall Tools
|
|
2
6
|
|
|
3
7
|
|
|
@@ -5,17 +9,15 @@
|
|
|
5
9
|
|
|
6
10
|
HeimdallTools supplies several methods to convert output from various tools to "Heimdall Data Format"(HDF) format to be viewable in Heimdall. The current converters are:
|
|
7
11
|
|
|
8
|
-
1.
|
|
9
|
-
1.
|
|
10
|
-
1.
|
|
11
|
-
1.
|
|
12
|
-
1.
|
|
13
|
-
1.
|
|
14
|
-
1.
|
|
15
|
-
1.
|
|
16
|
-
1.
|
|
17
|
-
1. [**prowler_mapper**](#prowler_mapper) - assess, audit, harden, and facilitate incidence response for AWS resources
|
|
18
|
-
1. [**sarif_mapper**](#sarif_mapper) - static analysis results interchange format
|
|
12
|
+
1. [**aws_config_mapper**](#aws_config_mapper) - assess, audit, and evaluate AWS resources
|
|
13
|
+
1. [**burpsuite_mapper**](#burpsuite_mapper) - commercial dynamic analysis tool
|
|
14
|
+
1. [**dbprotect_mapper**](#dbprotect_mapper) - database vulnerability scanner
|
|
15
|
+
1. [**fortify_mapper**](#fortify_mapper) - commercial static code analysis tool
|
|
16
|
+
1. [**jfrog_xray_mapper**](#jfrog_xray_mapper) - package vulnerability scanner
|
|
17
|
+
1. [**nessus_mapper**](#nessus_mapper) - commercial security scanner (supports compliance and vulnerability scans from Tenable.sc and Tenable.io)
|
|
18
|
+
1. [**netsparker_mapper**](#netsparker_mapper) - web application security scanner
|
|
19
|
+
1. [**nikto_mapper**](#nikto_mapper) - open-source web server scanner
|
|
20
|
+
1. [**sarif_mapper**](#sarif_mapper) - static analysis results interchange format
|
|
19
21
|
1. [**scoutsuite_mapper**](#scoutsuite_mapper) - multi-cloud security auditing tool
|
|
20
22
|
1. [**snyk_mapper**](#snyk_mapper) - commercial package vulnerability scanner
|
|
21
23
|
1. [**sonarqube_mapper**](#sonarqube_mapper) - open-source static code analysis tool
|
|
@@ -86,27 +88,6 @@ For Docker usage, replace the `heimdall_tools` command with the correct Docker c
|
|
|
86
88
|
|
|
87
89
|
Note that all of the above Docker commands will mount your current directory on the Docker container. Ensure that you have navigated to the directory you intend to convert files in before executing the command.
|
|
88
90
|
|
|
89
|
-
## asff_mapper
|
|
90
|
-
|
|
91
|
-
asff_mapper translates AWS Security Finding Format results from JSON to HDF-formatted JSON so as to be viewable on Heimdall
|
|
92
|
-
|
|
93
|
-
Note: The following commands are examples to extract data via the AWS CLI that need to be fed to the mapper:
|
|
94
|
-
|
|
95
|
-
Output|Use|Command
|
|
96
|
-
---|---|---
|
|
97
|
-
ASFF json|All the findings that will be fed into the mapper|aws securityhub get-findings > asff.json
|
|
98
|
-
AWS SecurityHub enabled standards json|Get all the enabled standards so you can get their identifiers|aws securityhub get-enabled-standards > asff_standards.json
|
|
99
|
-
AWS SecurityHub standard controls json|Get all the controls for a standard that will be fed into the mapper|aws securityhub describe-standards-controls --standards-subscription-arn "arn:aws:securityhub:us-east-1:123456789123:subscription/cis-aws-foundations-benchmark/v/1.2.0" > asff_cis_standard.json
|
|
100
|
-
|
|
101
|
-
USAGE: heimdall_tools asff_mapper -i <asff-finding-json> [--sh <standard-1-json> ... <standard-n-json>] -o <hdf-scan-results-json>
|
|
102
|
-
|
|
103
|
-
FLAGS:
|
|
104
|
-
-i --input -j --json <asff-finding-json> : path to ASFF findings file.
|
|
105
|
-
--sh --securityhub-standards --input-securityhub-standards : array of paths to AWS SecurityHub standard files.
|
|
106
|
-
-o --output <hdf-scan-results-json> : path to output scan-results json.
|
|
107
|
-
|
|
108
|
-
example: heimdall_tools asff_mapper -i asff_findings.json --sh aws_standard.json cis_standard.json -o asff_hdf.json
|
|
109
|
-
|
|
110
91
|
## aws_config_mapper
|
|
111
92
|
|
|
112
93
|
aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format json to be viewable in Heimdall
|
|
@@ -120,11 +101,11 @@ aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results i
|
|
|
120
101
|
[Developer Guide for configuring Ruby AWS SDK for authentication](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html)
|
|
121
102
|
|
|
122
103
|
USAGE: heimdall_tools aws_config_mapper [OPTIONS] -o
|
|
123
|
-
|
|
104
|
+
|
|
124
105
|
FLAGS:
|
|
125
|
-
-o --output
|
|
126
|
-
-V --verbose
|
|
127
|
-
|
|
106
|
+
-o --output : path to output scan-results json.
|
|
107
|
+
-V --verbose : verbose run [optional].
|
|
108
|
+
|
|
128
109
|
example: heimdall_tools aws_config_mapper -o aws_config_results_hdf.json
|
|
129
110
|
|
|
130
111
|
## burpsuite_mapper
|
|
@@ -132,12 +113,12 @@ aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results i
|
|
|
132
113
|
burpsuite_mapper translates an BurpSuite Pro exported XML results file into HDF format json to be viewable in Heimdall
|
|
133
114
|
|
|
134
115
|
USAGE: heimdall_tools burpsuite_mapper [OPTIONS] -x -o
|
|
135
|
-
|
|
116
|
+
|
|
136
117
|
FLAGS:
|
|
137
|
-
-x
|
|
138
|
-
-o --output
|
|
139
|
-
-V --verbose
|
|
140
|
-
|
|
118
|
+
-x : path to BurpSuitePro exported XML results file.
|
|
119
|
+
-o --output : path to output scan-results json.
|
|
120
|
+
-V --verbose : verbose run [optional].
|
|
121
|
+
|
|
141
122
|
example: heimdall_tools burpsuite_mapper -x burpsuite_results.xml -o scan_results.json
|
|
142
123
|
|
|
143
124
|
## dbprotect_mapper
|
|
@@ -145,12 +126,12 @@ burpsuite_mapper translates an BurpSuite Pro exported XML results file into HDF
|
|
|
145
126
|
dbprotect_mapper translates DBProtect report in `Check Results Details` format XML to HDF format JSON be viewed on Heimdall.
|
|
146
127
|
|
|
147
128
|
USAGE: heimdall_tools dbprotect_mapper [OPTIONS] -x -o
|
|
148
|
-
|
|
129
|
+
|
|
149
130
|
FLAGS:
|
|
150
|
-
-x
|
|
151
|
-
-o --output
|
|
152
|
-
-V --verbose
|
|
153
|
-
|
|
131
|
+
-x : path to DBProtect report XML file.
|
|
132
|
+
-o --output : path to output scan-results json.
|
|
133
|
+
-V --verbose : verbose run [optional].
|
|
134
|
+
|
|
154
135
|
example: heimdall_tools dbprotect_mapper -x check_results_details_report.xml -o db_protect_hdf.json
|
|
155
136
|
|
|
156
137
|
## fortify_mapper
|
|
@@ -158,12 +139,12 @@ dbprotect_mapper translates DBProtect report in `Check Results Details` format X
|
|
|
158
139
|
fortify_mapper translates an Fortify results FVDL file into HDF format json to be viewable in Heimdall
|
|
159
140
|
|
|
160
141
|
USAGE: heimdall_tools fortify_mapper [OPTIONS] -f -o
|
|
161
|
-
|
|
142
|
+
|
|
162
143
|
FLAGS:
|
|
163
|
-
-f --fvdl
|
|
164
|
-
-o --output
|
|
165
|
-
-V --verbose
|
|
166
|
-
|
|
144
|
+
-f --fvdl : path to Fortify Scan FVDL file.
|
|
145
|
+
-o --output : path to output scan-results json.
|
|
146
|
+
-V --verbose : verbose run [optional].
|
|
147
|
+
|
|
167
148
|
example: heimdall_tools fortify_mapper -f audit.fvdl -o scan_results.json
|
|
168
149
|
|
|
169
150
|
## jfrog_xray_mapper
|
|
@@ -171,12 +152,12 @@ fortify_mapper translates an Fortify results FVDL file into HDF format json to b
|
|
|
171
152
|
jfrog_xray_mapper translates an JFrog Xray results JSON file into HDF format JSON to be viewable in Heimdall
|
|
172
153
|
|
|
173
154
|
USAGE: heimdall_tools jfrog_xray_mapper [OPTIONS] -j -o
|
|
174
|
-
|
|
155
|
+
|
|
175
156
|
FLAGS:
|
|
176
|
-
-j
|
|
177
|
-
-o --output
|
|
178
|
-
-V --verbose
|
|
179
|
-
|
|
157
|
+
-j : path to xray results JSON file.
|
|
158
|
+
-o --output : path to output scan-results json.
|
|
159
|
+
-V --verbose : verbose run [optional].
|
|
160
|
+
|
|
180
161
|
example: heimdall_tools jfrog_xray_mapper -j xray_results.json -o xray_results_hdf.json
|
|
181
162
|
|
|
182
163
|
## nessus_mapper
|
|
@@ -187,12 +168,12 @@ Supports compliance and vulnerability scans from Tenable.sc and Tenable.io.
|
|
|
187
168
|
Note: A separate HDF JSON file is generated for each host reported in the Nessus Report.
|
|
188
169
|
|
|
189
170
|
USAGE: heimdall_tools nessus_mapper [OPTIONS] -x -o
|
|
190
|
-
|
|
171
|
+
|
|
191
172
|
FLAGS:
|
|
192
|
-
-x
|
|
193
|
-
-o --output_prefix
|
|
194
|
-
-V --verbose
|
|
195
|
-
|
|
173
|
+
-x : path to Nessus-exported XML results file.
|
|
174
|
+
-o --output_prefix : path to output scan-results json.
|
|
175
|
+
-V --verbose : verbose run [optional].
|
|
176
|
+
|
|
196
177
|
example: heimdall_tools nessus_mapper -x nessus-results.xml -o test-env
|
|
197
178
|
|
|
198
179
|
## netsparker_mapper
|
|
@@ -202,12 +183,12 @@ netsparker_mapper translates an Netsparker XML results file into HDF format JSON
|
|
|
202
183
|
The current iteration only works with Netsparker Enterprise Vulnerabilities Scan.
|
|
203
184
|
|
|
204
185
|
USAGE: heimdall_tools netsparker_mapper [OPTIONS] -x -o
|
|
205
|
-
|
|
186
|
+
|
|
206
187
|
FLAGS:
|
|
207
|
-
-x
|
|
208
|
-
-o --output
|
|
209
|
-
-V --verbose
|
|
210
|
-
|
|
188
|
+
-x : path to netsparker results XML file.
|
|
189
|
+
-o --output : path to output scan-results json.
|
|
190
|
+
-V --verbose : verbose run [optional].
|
|
191
|
+
|
|
211
192
|
example: heimdall_tools netsparker_mapper -x netsparker_results.xml -o netsparker_hdf.json
|
|
212
193
|
|
|
213
194
|
## nikto_mapper
|
|
@@ -217,39 +198,25 @@ nikto_mapper translates an Nikto results JSON file into HDF format JSON to be vi
|
|
|
217
198
|
Note: Current this mapper only support single target Nikto Scans.
|
|
218
199
|
|
|
219
200
|
USAGE: heimdall_tools nikto_mapper [OPTIONS] -x -o
|
|
220
|
-
|
|
201
|
+
|
|
221
202
|
FLAGS:
|
|
222
|
-
-j
|
|
223
|
-
-o --output_prefix
|
|
224
|
-
-V --verbose
|
|
225
|
-
|
|
203
|
+
-j : path to Nikto results JSON file.
|
|
204
|
+
-o --output_prefix : path to output scan-results json.
|
|
205
|
+
-V --verbose : verbose run [optional].
|
|
206
|
+
|
|
226
207
|
example: heimdall_tools nikto_mapper -j nikto_results.json -o nikto_results.json
|
|
227
208
|
|
|
228
|
-
## prowler_mapper
|
|
229
|
-
|
|
230
|
-
prowler_mapper translates Prowler-derived AWS Security Finding Format results from concatenated JSON blobs to HDF-formatted JSON so as to be viewable on Heimdall
|
|
231
|
-
|
|
232
|
-
Note: Currently this mapper only supports Prowler's ASFF output format.
|
|
233
|
-
|
|
234
|
-
USAGE: heimdall_tools prowler_mapper -i <prowler-asff-json> -o <hdf-scan-results-json>
|
|
235
|
-
|
|
236
|
-
FLAGS:
|
|
237
|
-
-i --input -j --json <prowler-asff-json> : path to Prowler ASFF findings file.
|
|
238
|
-
-o --output <hdf-scan-results-json> : path to output scan-results json.
|
|
239
|
-
|
|
240
|
-
example: heimdall_tools prowler_mapper -i prowler_results.js -o prowler_hdf.json
|
|
241
|
-
|
|
242
209
|
## sarif_mapper
|
|
243
210
|
|
|
244
211
|
sarif_mapper translates a SARIF JSON file into HDF format JSON to be viewable in Heimdall
|
|
245
212
|
|
|
246
213
|
USAGE: heimdall_tools sarif_mapper [OPTIONS] -j -o
|
|
247
|
-
|
|
214
|
+
|
|
248
215
|
FLAGS:
|
|
249
|
-
-j
|
|
250
|
-
-o --output_prefix
|
|
251
|
-
-V --verbose
|
|
252
|
-
|
|
216
|
+
-j : path to SARIF results JSON file.
|
|
217
|
+
-o --output_prefix : path to output scan-results json.
|
|
218
|
+
-V --verbose : verbose run [optional].
|
|
219
|
+
|
|
253
220
|
example: heimdall_tools sarif_mapper -j sarif_results.json -o sarif_results_hdf.json
|
|
254
221
|
|
|
255
222
|
## scoutsuite_mapper
|
|
@@ -259,11 +226,11 @@ scoutsuite_mapper translates Scout Suite results from Javascript to HDF-formatte
|
|
|
259
226
|
Note: Currently this mapper only supports AWS.
|
|
260
227
|
|
|
261
228
|
USAGE: heimdall_tools scoutsuite_mapper -i -o
|
|
262
|
-
|
|
229
|
+
|
|
263
230
|
FLAGS:
|
|
264
|
-
-i --input -j --javascript
|
|
265
|
-
-o --output
|
|
266
|
-
|
|
231
|
+
-i --input -j --javascript : path to Scout Suite results Javascript file.
|
|
232
|
+
-o --output : path to output scan-results json.
|
|
233
|
+
|
|
267
234
|
example: heimdall_tools scoutsuite_mapper -i scoutsuite_results.js -o scoutsuite_hdf.json
|
|
268
235
|
|
|
269
236
|
## snyk_mapper
|
|
@@ -273,12 +240,12 @@ snyk_mapper translates an Snyk results JSON file into HDF format json to be view
|
|
|
273
240
|
Note: A separate HDF JSON is generated for each project reported in the Snyk Report.
|
|
274
241
|
|
|
275
242
|
USAGE: heimdall_tools snyk_mapper [OPTIONS] -x -o
|
|
276
|
-
|
|
243
|
+
|
|
277
244
|
FLAGS:
|
|
278
|
-
-j
|
|
279
|
-
-o --output_prefix
|
|
280
|
-
-V --verbose
|
|
281
|
-
|
|
245
|
+
-j : path to Snyk results JSON file.
|
|
246
|
+
-o --output_prefix : path to output scan-results json.
|
|
247
|
+
-V --verbose : verbose run [optional].
|
|
248
|
+
|
|
282
249
|
example: heimdall_tools snyk_mapper -j snyk_results.json -o output-file-prefix
|
|
283
250
|
|
|
284
251
|
## sonarqube_mapper
|
|
@@ -286,18 +253,18 @@ Note: A separate HDF JSON is generated for each project reported in the Snyk Rep
|
|
|
286
253
|
sonarqube_mapper pulls SonarQube results, for the specified project, from the API and outputs in HDF format Json to be viewed on Heimdall
|
|
287
254
|
|
|
288
255
|
USAGE: heimdall_tools sonarqube_mapper [OPTIONS] -n -u -o
|
|
289
|
-
|
|
256
|
+
|
|
290
257
|
FLAGS:
|
|
291
|
-
-n --name
|
|
292
|
-
-u --api_url
|
|
293
|
-
--auth
|
|
294
|
-
-o --output
|
|
295
|
-
-V --verbose
|
|
296
|
-
|
|
258
|
+
-n --name : Project Key of the project in SonarQube
|
|
259
|
+
-u --api_url : url of the SonarQube Server API. Typically ends with /api.
|
|
260
|
+
--auth : username:password or token [optional].
|
|
261
|
+
-o --output : path to output scan-results json.
|
|
262
|
+
-V --verbose : verbose run [optional].
|
|
263
|
+
|
|
297
264
|
example:
|
|
298
|
-
|
|
265
|
+
|
|
299
266
|
heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api -o scan_results.json
|
|
300
|
-
|
|
267
|
+
|
|
301
268
|
heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api --auth admin:admin -o scan_results.json
|
|
302
269
|
|
|
303
270
|
## xccdf_results_mapper
|
|
@@ -307,11 +274,11 @@ Note: SCC outputs scan results in XCCDF-Results format.
|
|
|
307
274
|
xccdf_results_mapper translates an XCCDF_Results XML scan into HDF format json to be viewable in Heimdall.
|
|
308
275
|
|
|
309
276
|
USAGE: heimdall_tools xccdf_results_mapper [OPTIONS] -x -o
|
|
310
|
-
|
|
277
|
+
|
|
311
278
|
FLAGS:
|
|
312
|
-
-x
|
|
313
|
-
-o --output
|
|
314
|
-
|
|
279
|
+
-x : path to XCCDF-Results XML file.
|
|
280
|
+
-o --output : path to output scan-results json.
|
|
281
|
+
|
|
315
282
|
example: heimdall_tools xccdf_results_mapper -x xccdf_results.xml -o scan_results.json
|
|
316
283
|
|
|
317
284
|
## zap_mapper
|
|
@@ -319,13 +286,13 @@ xccdf_results_mapper translates an XCCDF_Results XML scan into HDF format json t
|
|
|
319
286
|
zap_mapper translates OWASP ZAP results Json to HDF format Json be viewed on Heimdall
|
|
320
287
|
|
|
321
288
|
USAGE: heimdall_tools zap_mapper [OPTIONS] -j -n -o
|
|
322
|
-
|
|
289
|
+
|
|
323
290
|
FLAGS:
|
|
324
|
-
-j --json
|
|
325
|
-
-n --name
|
|
326
|
-
-o --output
|
|
327
|
-
-V --verbose
|
|
328
|
-
|
|
291
|
+
-j --json : path to OWASP ZAP results JSON file.
|
|
292
|
+
-n --name : URL of the site being evaluated.
|
|
293
|
+
-o --output : path to output scan-results json.
|
|
294
|
+
-V --verbose : verbose run [optional].
|
|
295
|
+
|
|
329
296
|
example: heimdall_tools zap_mapper -j zap_results.json -n site_name -o scan_results.json
|
|
330
297
|
|
|
331
298
|
## version
|
|
@@ -392,7 +359,6 @@ To release a new version, update the version number in `version.rb` according to
|
|
|
392
359
|
|
|
393
360
|
### Authors
|
|
394
361
|
|
|
395
|
-
- Author:: Amndeep Singh Mann [Amndeep7](https://github.com/Amndeep7)
|
|
396
362
|
- Author:: Rony Xavier [rx294](https://github.com/rx294)
|
|
397
363
|
- Author:: Dan Mirsky [mirskiy](https://github.com/mirskiy)
|
|
398
364
|
|
data/lib/heimdall_tools.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
$LOAD_PATH.unshift(File.expand_path(__dir__))
|
|
2
2
|
require 'heimdall_tools/version'
|
|
3
|
+
puts "NOTICE: The heimdall_tools Ruby gem is deprecated. Please see instructions on how to convert to the new TypeScript SAF CLI. https://github.com/mitre/saf\n\n"
|
|
3
4
|
|
|
4
5
|
module HeimdallTools
|
|
5
6
|
autoload :Help, 'heimdall_tools/help'
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: heimdall_tools
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.
|
|
4
|
+
version: 1.3.50
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Robert Thew
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2021-
|
|
14
|
+
date: 2021-12-23 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: aws-sdk-configservice
|
|
@@ -304,7 +304,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
304
304
|
- !ruby/object:Gem::Version
|
|
305
305
|
version: '0'
|
|
306
306
|
requirements: []
|
|
307
|
-
rubygems_version: 3.2.
|
|
307
|
+
rubygems_version: 3.2.32
|
|
308
308
|
signing_key:
|
|
309
309
|
specification_version: 4
|
|
310
310
|
summary: Convert a variety of security product results to HDF
|