nessana 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 841b59ccd2b8e575f45f778d97a1b5c7b158c13fca2bf3bf554792ef25d931b7
-  data.tar.gz: 056feefeef224de161623a01593d0620def012e44346ab9d5cdae79174d41e29
+  metadata.gz: ee396ef7c7de91a411465ca7cd27f2dd2ec0ae3ada00d65f2d7fd93bcf7231d1
+  data.tar.gz: f53065e4cd980ea6ea2da9127a87bede09ceaca1a7607df7f53323b4d090aa73
 SHA512:
-  metadata.gz: 9b1d6e33a8fccc0a1b6685c5ee6f4d98ef24a1084bc7066138a851c700b886c422c79858cb80dc33eb45ae779ee50a2a09eb234e0eb683fd7ff78105addbaaed
-  data.tar.gz: 2012a1a887a6b291c1b82636504104808335f6901beb7deca7ed3acf8dc38b220a39bc251df8b49ba6ec8e5d50eb693dada3e4e99343c02ff5885b9544f9c2e7
+  metadata.gz: 68b6913aa147d06ef5e1336fd8f694f148e2f67e58cf28b1e1e3690d7761fadbcb0addcd94fa21eafd4f7bbf4bd27f8047702451e65f434d59a66141d2b604ba
+  data.tar.gz: 0bcab82e1682510938fcaf5a69a4d3cffe2beba1af660c8417d81540dd464512dcaeaee0bf57d8e3918aba060f240a9e9c686fb190d82961ce1b9ff2cf94d808

data/lib/nessana/version.rb

@@ -1,3 +1,3 @@
 module Nessana
-	VERSION = '0.1.0'.freeze
+	VERSION = '0.2.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nessana
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Kristofer Rye <kristofer.rye@gmail.com>
@@ -10,20 +10,6 @@ bindir: bin
 cert_chain: []
 date: 2019-01-22 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: asana
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.6.3
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.6.3
 - !ruby/object:Gem::Dependency
   name: fastcsv
   requirement: !ruby/object:Gem::Requirement
@@ -58,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.0
+        version: 0.9.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.8.0
+        version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: codecov
   requirement: !ruby/object:Gem::Requirement
@@ -80,20 +66,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.1.14
-- !ruby/object:Gem::Dependency
-  name: coveralls
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.8.22
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.8.22
 - !ruby/object:Gem::Dependency
   name: guard
   requirement: !ruby/object:Gem::Requirement
@@ -128,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.3
+        version: 0.12.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.11.3
+        version: 0.12.2
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -206,7 +178,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.16.1
-description: 'A Nessus dump parser and differ which can create Asana tasks.
+description: 'A fast Nessus dump parser and differ.
 
 '
 email: 
@@ -217,7 +189,6 @@ extra_rdoc_files: []
 files:
 - README.md
 - bin/nessana
-- bin/nessana_old
 - lib/nessana.rb
 - lib/nessana/detection.rb
 - lib/nessana/dump.rb
@@ -248,5 +219,5 @@ requirements: []
 rubygems_version: 3.0.2
 signing_key: 
 specification_version: 4
-summary: A Nessus dump parser and Asana task creator
+summary: A Nessus dump parser and differ
 test_files: []

data/bin/nessana_old

@@ -1,145 +0,0 @@
-#!/usr/bin/env ruby
-
-require 'asana'
-require 'csv'
-require 'json'
-require 'logger'
-require 'pp'
-require 'pry'
-require 'ruby-prof'
-require 'ruby-prof-flamegraph'
-require 'yaml'
-
-require 'nessana/vulnerability'
-require 'nessana/vulnerability_list'
-
-result = RubyProf.profile do
-
-$logger = Logger.new(STDOUT)
-$logger.level = Logger::DEBUG
-
-$file_contents = open('secrets.yml', 'rb') do |io|
-	io.read
-end
-
-$asana_access_token = YAML.load($file_contents)['ASANA_PAT']
-
-$client = Asana::Client.new do |c|
-	c.authentication :access_token, $asana_access_token
-end
-
-workspace = $client.workspaces.find_all.select do |workspace|
-	workspace.name == 'stolaf.org'
-end.first
-
-project = $client.projects.find_all(workspace: workspace.id).select do |project|
-	project.name == '[Sys] Security'
-end.first
-
-tag = $client.tags.find_all(workspace: workspace.id).select do |tag|
-	tag.name == 'Automated [Nessana]'
-end.first
-
-pp project.sections
-
-tasks = $client.tasks.find_by_tag(tag: tag.id).map do |flat_task|
-	$logger.debug "Fetching task with id=#{flat_task.id}"
-	$client.tasks.find_by_id(flat_task.id).to_h
-end.select do |task_hash|
-	!task_hash["completed"]
-end
-
-pp tasks
-
-end
-
-printer = RubyProf::FlameGraphPrinter.new(result)
-printer.print(STDERR, {})
-
-__END__
-
-output = nil
-
-result = RubyProf.profile do
-	vulnerabilities = VulnerabilityList.from_csv(ARGV[0])
-
-	$vulnerabilities = vulnerabilities.filter_risks.filter_not_accessible
-
-	# vuln_plugin_mapping = $vulnerabilities.each_with_object({}) do |vuln, hash|
-	# 	cve_string = vuln.cve ? " (#{vuln.cve})" : ""
-	# 	puts "Adding entry for #{vuln.plugin_id}#{cve_string} on host #{vuln.host}:#{vuln.port} (#{vuln.protocol})"
-	# 	hash[vuln.plugin_id] ||= []
-	# 	hash[vuln.plugin_id].push vuln
-	# end
-
-	vulns_by_plugin = $vulnerabilities.each_with_object({}) do |vuln, hash|
-		hash[vuln.plugin_id] ||= []
-		hash[vuln.plugin_id] << vuln
-	end
-
-	reports = vulns_by_plugin.map do |plugin_id, vulns|
-		uniqued_titles = vulns.map do |vuln|
-			vuln.name
-		end.uniq
-
-		uniqued_cves = vulns.map do |vuln|
-			vuln.cve
-		end.uniq
-
-		uniqued_cvsss = vulns.map do |vuln|
-			vuln.cvss
-		end.uniq
-
-		uniqued_risks = vulns.map do |vuln|
-			vuln.risk
-		end.uniq
-
-		throw "Plugin #{plugin_id} produced #{uniqued_titles.count} != 1 unique titles!" unless uniqued_titles.count == 1
-		throw "Plugin #{plugin_id} produced #{uniqued_cvsss.count} != 1 unique CVSS's!" unless uniqued_cvsss.count == 1
-		throw "Plugin #{plugin_id} produced #{uniqued_risks.count} != 1 unique risks!" unless uniqued_risks.count == 1
-
-		uniqued_hosts = vulns.map do |vuln|
-			vuln.readable_host
-		end.uniq
-
-		uniqued_synopses = vulns.map do |vuln|
-			vuln.synopsis
-		end.uniq
-
-		throw "More than one unique synopsis given?" unless uniqued_synopses.count == 1
-
-		uniqued_descriptions = vulns.map do |vuln|
-			vuln.description
-		end.uniq
-
-		throw "More than one unique description given?" unless uniqued_descriptions.count == 1
-
-		uniqued_solutions = vulns.map do |vuln|
-			vuln.solution
-		end.uniq
-
-		throw "More than one unique solution given?" unless uniqued_solutions.count == 1
-
-		{
-			cvss: uniqued_cvsss.first,
-			title: "[Nessus #{plugin_id}] #{uniqued_titles.join(', ')}",
-			body: "CVE: #{uniqued_cves.first || 'N/A'}\nCVSS: #{uniqued_cvsss.first || 'N/A'}\nRisk: #{uniqued_risks.first || 'N/A'}\n\nSYNOPSIS\n\n#{uniqued_synopses.first}\n\nDESCRIPTION\n\n#{uniqued_descriptions.first.join("\n\n")}\n\nSOLUTION\n\n#{uniqued_solutions.first.join("\n\n")}\n\nThis issue was detected on #{uniqued_hosts.count} hosts: #{uniqued_hosts.join(', ')}",
-			hosts: uniqued_hosts
-		}
-	end
-
-	output = reports.sort do |report_a, report_b|
-		report_b[:cvss] <=> report_a[:cvss]
-	end.map do |report|
-		[report[:title], report[:body]]
-	end.to_a
-end
-
-printer = RubyProf::GraphPrinter.new(result)
-printer.print(STDOUT, {})
-
-CSV.open(ARGV[1], 'wb') do |csv|
-	output.each do |row|
-		csv << row
-	end
-end