nipper_parser 1.0.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5eb54da76791f956afd5e6c7c845127c02bbb39b
-  data.tar.gz: 68702d1dd51b46f06b97d82bfb45940d5137dc0f
+  metadata.gz: 4a042f45d32532f487c29dca148378d91aa7e599
+  data.tar.gz: 6403288acfcc080a3e27bac6c0a91ae450b9ed3f
 SHA512:
-  metadata.gz: 3c1e8c381bf6ced1f2324841c17a3b3f6e873744914b902a0bf408e5d0ce3956b28f9b7a025396378f6f2729b826c6e298f7f1a55e6b41bce9e58803af0bc2f6
-  data.tar.gz: afa11d53d7ae2ca158ca347cd3279d893a64f1f3c5b852e0985bddc49c331999499e1249483e6c7e9ffeb495c68a551fad2fca6208ec0231462fc2c644665ba9
+  metadata.gz: eb512be1015bfd3c4cab072828b6122cdb9062b76dc127ea8058fd2c97e62743961fd505930890fedcc931d8b1f4f0a5d577806076049927e407be6fb7bc3d40
+  data.tar.gz: 718322087f9b8c07cb6c4ac02f110402c742383447b0b9265880ab8ee6d3cf16df3e22ab2213bd4c9a905f425140c677815363072b13881bcd3c26d46ba36847

data/.travis.yml

@@ -1,5 +1,8 @@
 sudo: false
 language: ruby
 rvm:
-  - 2.4.1
-before_install: gem install bundler -v 1.14.5
+  - 2.3.0
+  - 2.4.0
+before_install:
+  - gem install bundler -v 1.14.5
+  - bundle install

data/README.md

@@ -1,9 +1,8 @@
 # NipperParser
-[![travis-cli](https://api.travis-ci.org/KINGSABRI/nipper_parser.svg)](https://travis-ci.org/KINGSABRI/nipper_parser/) 
+[![Gem Version](https://badge.fury.io/rb/nipper_parser.svg)](https://badge.fury.io/rb/nipper_parser)
 [![Code Climate](https://codeclimate.com/github/KINGSABRI/nipper_parser/badges/gpa.svg)](https://codeclimate.com/github/KINGSABRI/nipper_parser) 
 [![Codacy Badge](https://api.codacy.com/project/badge/Grade/8c81748967664cc5bb92147581fb6802)](https://www.codacy.com/app/king-sabri/attack-domain?utm_source=github.com&utm_medium=referral&utm_content=KINGSABRI/nipper_parser&utm_campaign=Badge_Grade)  
 [![inch-ci](https://inch-ci.org/github/KINGSABRI/nipper_parser.svg?branch=master)](https://inch-ci.org/github/KINGSABRI/nipper_parser)
-[![Gem Version](https://badge.fury.io/rb/nipper_parser.svg)](https://badge.fury.io/rb/nipper_parser)
 
 NipperParser gem is an unofficial parser for [Titania Nipper Studio](https://www.titania.com/products/nipper-studio) XML report.
 
@@ -12,21 +11,21 @@ NipperParser gem is an unofficial parser for [Titania Nipper Studio](https://www
 
 | Modules / Sections     | Supported |
 |------------------------|-----------|
-| Information            |     x     |
-| Security Audit         |     x     |
-| Vulnerability Audit    |     x     |
+| Information            |     ✓     |
+| Security Audit         |     ✓     |
+| Vulnerability Audit    |     ✓     |
 | CIS Benchmarks         |           |
 | STIG Compliance        |           |
 | SANS Policy Compliance |           |
 | PCI Audit              |           |
-| Filtering Complexity   |           |
+| Filtering Complexity   |     ✓     |
 | Configuration Report   |           |
 | Raw Configuration      |           |
 | Raw Change Tracking    |           |
 | Appendix               |           |
  
 
-## Installation (not published yet)
+## Installation
 
 ```ruby
 gem install nipper_parser

data/lib/nipper_parser.rb

@@ -1,11 +1,13 @@
-# lib = File.expand_path('..', __FILE__)
-# $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+lib = File.expand_path('..', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 require 'nokogiri'
 require 'nipper_parser/version'
 require 'nipper_parser/parsers/parser_utils'
 require 'nipper_parser/parsers/information'
 require 'nipper_parser/parsers/security_audit'
+require 'nipper_parser/parsers/vulnerability_audit'
+require 'nipper_parser/parsers/filtering_complexity'
 
 module NipperParser
 
@@ -36,12 +38,23 @@ module NipperParser
       alias_method :open, :new
     end
 
-    attr_reader :information, :security_audit
+    # @!attribute #information for report general information section, it calls [Information] class
+    attr_reader :information
+    # @!attribute #security_audit for security audit section, it calls [SecurityAudit] class
+    attr_reader :security_audit
+    # @!attribute #vulnerability_audit for report vulnerability audit section, it calls [VulnerabilityAudit] class
+    attr_reader :vulnerability_audit
+    # @!attribute #filtering_complexity for report filtering complexity section, it calls [FilteringComplexity] class
+    attr_reader :filtering_complexity
+
     def initialize(file)
       config_parsed = Nokogiri::XML(File.open(file))
+
       # instantiate all parsers
-      @information    = Information.new(config_parsed)
-      @security_audit = SecurityAudit.new(config_parsed)
+      @information           = Information.new(config_parsed)
+      @security_audit        = SecurityAudit.new(config_parsed)
+      @vulnerability_audit   = VulnerabilityAudit.new(config_parsed)
+      @filtering_complexity  = FilteringComplexity.new(config_parsed)
     end
   end
 
@@ -55,13 +68,48 @@ if __FILE__ == $0
   pp nipper_parser.information.title
   pp nipper_parser.information.author
   pp nipper_parser.information.date
-  pp nipper_parser.security_audit
+  pp nipper_parser.security_audit.title
+  pp nipper_parser.security_audit.introduction.security_issue_overview
   pp nipper_parser.security_audit.findings
-  pp nipper_parser.security_audit.findings[0].class
-  pp nipper_parser.security_audit.findings[0].title
-  pp nipper_parser.security_audit.findings[0].impact
+  finding = nipper_parser.security_audit.findings[0]
+  pp finding.class
+  pp finding.title
+  pp finding.impact
   pp nipper_parser.security_audit.conclusions
   pp nipper_parser.security_audit.conclusions.per_device
   pp nipper_parser.security_audit.recommendations.list
   pp nipper_parser.security_audit.mitigation_classification
+  pp nipper_parser.vulnerability_audit.class
+  pp nipper_parser.vulnerability_audit.title
+  pp nipper_parser.vulnerability_audit.introduction
+  pp nipper_parser.vulnerability_audit.introduction.excluded_devices
+  cve = nipper_parser.vulnerability_audit.cves[0]
+  pp cve.title
+  pp cve.rating
+  pp cve.summary
+  pp cve.affected_devices
+  pp cve.vendor_sec_advisories
+  pp cve.references
+  pp nipper_parser.vulnerability_audit.conclusions
+  pp nipper_parser.vulnerability_audit.conclusions.list_critical
+  pp nipper_parser.vulnerability_audit.recommendations
+  pp nipper_parser.filtering_complexity
+  pp nipper_parser.filtering_complexity.title
+  pp nipper_parser.filtering_complexity.introduction
+  pp nipper_parser.filtering_complexity.introduction.devices
+  observations = nipper_parser.filtering_complexity.observations
+  puts  "Number of observations: #{observations.size}"
+  observation = observations[2]
+  pp observation.title
+  pp observation.index
+  pp observation.ref
+  pp observation.overview
+  pp observation.affected_devices
+  pp observation.affected_devices[0].title
+  puts
+  pp observation.affected_devices[0].details
+  puts
+  pp observation.affected_devices[0].details_tables[0].title
+  pp observation.affected_devices[0].details_tables[0].tables
+
 end

data/lib/nipper_parser/parsers/README.md

@@ -41,14 +41,14 @@ experience.
 #### Usage
 
 ```ruby
+pp security_audit = nipper_parser.security_audit
+
 # - Introduction
 pp security_audit.introduction.class
 pp security_audit.introduction.title
 pp security_audit.introduction.date
 pp security_audit.introduction.security_issue_overview
-
 # - Findings
-pp security_audit = nipper_parser.security_audit
 pp security_audit.findings
 finding = security_audit.findings[0]              # Play wit a finding
 pp finding.class
@@ -85,18 +85,33 @@ A report detailing publically known software vulnerabilities in the device firmw
 manufacturer and third-party references.
 
 **Vulnerability Audit Section Contains:**
-- Introduction                  [not yet implemented - PR is welcome]
-- CVEs list                     [not yet implemented - PR is welcome]
-- Conclusions                   [not yet implemented - PR is welcome]
-- Recommendations               [not yet implemented - PR is welcome]
+- Introduction                  [implemented]
+- CVEs list                     [implemented]
+- Conclusions                   [implemented]
+- Recommendations               [implemented]
 
 #### Usage
 
 ```ruby
+vulnerability_audit = nipper_parser.vulnerability_audit
+
 # - Introduction
+pp vulnerability_audit.class
+pp vulnerability_audit.introduction
+pp vulnerability_audit.introduction.excluded_devices
 # - CVEs
+cve = vulnerability_audit.cves[0]
+pp cve.title
+pp cve.rating
+pp cve.summary
+pp cve.affected_devices
+pp cve.vendor_sec_advisories
+pp cve.references
 # - Conclusions
+pp vulnerability_audit.conclusions.class
+pp vulnerability_audit.conclusions.list_critical
 # - Recommendations
+pp vulnerability_audit.recommendations.list
 ```
 
 ### CIS Benchmarks
@@ -174,7 +189,24 @@ group recursion and more.
 
 ```ruby
 # - Introduction
+filtering = nipper_parser.filtering_complexity
+pp filtering.title
+pp filtering.introduction
+pp filtering.introduction.devices
+
 # - Observations
+observations = filtering.observations
+puts  "Number of observations: #{observations.size}"
+observation = observations[0]
+pp observation.title
+pp observation.index
+pp observation.ref
+pp observation.overview
+pp observation.affected_devices
+pp observation.affected_devices[0].title
+pp observation.affected_devices[0].details
+pp observation.affected_devices[0].details_tables[0].title
+pp observation.affected_devices[0].details_tables[0].tables
 ```
 
 ### Configuration Report

data/lib/nipper_parser/parsers/filtering_complexity.rb

@@ -0,0 +1,155 @@
+module NipperParser
+
+  # FilteringComplexity parses the 'Filtering Complexity' part.
+  #   Filtering Complexity part contains the following sections:
+  #     - introduction
+  #     - Observations
+  #
+  # @example Basic Usage:
+  #   require 'nokogiri'
+  #   require 'pp'
+  #   config = Nokogiri::XML open(ARGV[0])
+  #   vulnerability_audit = NipperParser::FilteringComplexity.new(config)
+  #   pp FilteringComplexity.class
+  #   pp FilteringComplexity.introduction
+  #   pp FilteringComplexity.introduction.excluded_devices
+  #   filter = FilteringComplexity.cves[0]
+  #
+  # @param config [Nokogiri::XML] parsed XML
+  # @attr_reader title the report title
+  # @attr_reader config a parsed XML [Nokogiri::XML] object
+  class FilteringComplexity
+    include ParserUtils
+
+    # Skeleton for SecurityAudit parts
+
+    Introduction = Struct.new(
+        :index,
+        :title, :ref, :devices,
+        :security_issue_overview, :rating
+    )
+
+    Observation = Struct.new(
+        :index, :title, :ref, :overview,
+        :affected_devices, :false_positive
+    )
+
+    attr_reader :config, :title
+
+    # @param config [Nokogiri::XML::Document]
+    def initialize(config)
+      part    = config.xpath("//report/part[@ref='COMPLEXITY']")
+      @config = part[0].elements
+      @title  = part[0].attributes['title'].text
+
+    end
+
+    # Introduction of the Security Audit report
+    def introduction
+      intro = @config[0]
+      attribute = attributes(intro)
+      index     = attribute.index
+      title     = attribute.title
+      reference = attribute.ref
+      devices   = generate_table(intro.elements[1].elements)
+
+      Introduction.new(index, title, reference, devices)
+    end
+
+    # observations parses observations
+    #
+    # @return [Array<Observation>]
+    def observations
+      obs = @config.to_a.clone
+      obs.shift   # pop first item, the introduction
+      @observations = obs.map do |observation|
+
+        Observation.new(
+            attributes(observation).index,
+            attributes(observation).title,
+            attributes(observation).ref,
+            observation.elements[0].text.strip,      # overview
+            affected_devices(observation),           # affected_devices
+            false                                    # observation can be marked as a false positive
+        )
+      end
+
+    end
+
+    # List all false positive observations
+    #
+    # @return [Array<Observation>]
+    def false_positive
+      observations.select(&:false_positive)
+    end
+
+    private
+    AffectedDevice = Struct.new(
+        :index, :title, :ref,
+        :details, :details_tables
+    )
+    # affected_devices parses affected devices from give Observation object. @see #observations
+    #
+    # @param observation [Nokogiri::XML::Element]
+    # @return [Array<AffectedDevices>]
+    def affected_devices(observation)
+      obs_devices = observation.elements
+      obs_devices.shift  # pop first item, the overview
+
+      obs_devices.map do |device|
+        AffectedDevice.new(
+            attributes(device).index,   #fixme affected device index should not be same as observation index
+            attributes(device).title,
+            attributes(device).ref,
+            device.elements[0].text,                # details
+            details_tables(device)                  # details tables
+        )
+      end
+    end
+
+    DetailsTable = Struct.new(
+        :index, :title, :ref,
+        :tables
+    )
+    # details_tables parses tables of affected devices from give device. @see #affected_devices
+    #
+    # @param device [Nokogiri::XML::Element]
+    # @return [Array<AffectedDevices>]
+    def details_tables(device)
+      tables = device.elements
+      tables.shift
+      begin
+        tables.map do |table|
+          DetailsTable.new(
+              attributes(table).index,
+              attributes(table).title,
+              attributes(table).ref,
+              generate_table(table.elements)     # tables
+          )
+        end
+      rescue
+        # tables.map do |table|
+        #   DetailsTable.new(
+        #       nil, nil, nil,
+        #       tables.xpath('listitem').map(&:text)
+        #   )
+        # end
+
+        tables.xpath('listitem').map(&:text)
+      end
+
+    end
+
+  end
+end
+
+
+
+if __FILE__ == $0
+  require 'nokogiri'
+  require 'pp'
+  config = Nokogiri::XML open(ARGV[0])
+  filter = NipperParser::FilteringComplexity.new(config)
+  pp filter.introduction.class
+  pp filter.introduction.index
+end

data/lib/nipper_parser/parsers/parser_utils.rb

@@ -1,3 +1,6 @@
+require 'date'
+
+
 module NipperParser
 
   # ParserUtils is a helper module for parsers' quick and dirty operations.
@@ -26,13 +29,16 @@ module NipperParser
     end
 
     Attribute = Struct.new(:index, :title, :ref)
-    # @param attr [Nokogiri::XML::Element] attributes
-    # @return [Hash<Attribute>]
+    # @param attr [Nokogiri::XML::Element]
+    # @return [ParserUtils::Attribute]
     def attributes(attr)
+      require 'pp'
+      # pp caller_locations
+
       Attribute.new(
-          attr.attributes['index'].text,
+          attr.attributes['index'].text.to_f,
           attr.attributes['title'].text,
-          attr.attributes['ref'].text
+          attr.attributes['ref'].text,
       )
     end
 

data/lib/nipper_parser/parsers/security_audit.rb

@@ -1,5 +1,6 @@
 require 'date'
 require_relative 'parser_utils'
+
 module NipperParser
 
   # SecurityAudit parses the 'Security Audit' part including all it's sections.
@@ -96,10 +97,13 @@ module NipperParser
     )
 
     attr_reader :config, :title
+
     # @param config [Nokogiri::XML::Document]
     def initialize(config)
-      @config = config.xpath("//report/part[@ref='SECURITYAUDIT']")[0].elements
-      @title  = @config[0].elements[1].attributes['title'].text
+      part    = config.xpath("//report/part[@ref='SECURITYAUDIT']")
+      @config = part[0].elements
+      @title  = part[0].attributes['title'].text
+
       introduction
       findings
     end
@@ -107,9 +111,10 @@ module NipperParser
     # Introduction of the Security Audit report
     def introduction
       intro = @config[0]
-      index     = attributes(intro).index
-      title     = attributes(intro).title
-      reference = attributes(intro).ref.to_i
+      attribute = attributes(intro)
+      index     = attribute.index
+      title     = attribute.title
+      reference = attribute.ref
       date      = Date.parse(intro.elements[0].text).to_s
       devices   = generate_table(intro.elements[1].elements)
       security_issue_overview = {}
@@ -133,7 +138,7 @@ module NipperParser
 
       @findings = findings.map do |finding|
         Finding.new(
-            attributes(finding).index.to_f,
+            attributes(finding).index,
             attributes(finding).title,
             attributes(finding).ref,
             finding.elements[0].elements[0].elements.map(&:attributes),            # affected_devices
@@ -149,7 +154,7 @@ module NipperParser
     # Conclusions
     def conclusions
       conc = @config.search("section[@ref='SECURITY.CONCLUSIONS']")[0]
-      index     = attributes(conc).index.to_f
+      index     = attributes(conc).index
       title     = attributes(conc).title
       reference = attributes(conc).ref
       per_device = generate_table(conc.elements[1].elements)
@@ -171,7 +176,7 @@ module NipperParser
     # Recommendations
     def recommendations
       recom = @config.search("section[@ref='SECURITY.RECOMMENDATIONS']")[0]
-      index     = attributes(recom).index.to_f
+      index     = attributes(recom).index
       title     = attributes(recom).title
       reference = attributes(recom).ref
       list      = generate_table(recom.elements[1].elements)
@@ -286,7 +291,6 @@ end
 if __FILE__ == $0
   require 'nokogiri'
   require 'pp'
-  require_relative 'parser_utils'
   config = Nokogiri::XML open(ARGV[0])
   security_audit = NipperParser::SecurityAudit.new(config)
   pp security_audit.introduction.class

data/lib/nipper_parser/parsers/vulnerability_audit.rb

@@ -0,0 +1,158 @@
+module NipperParser
+
+  # VulnerabilityAudit parse the 'Vulnerability Audit' part.
+  #   Vulnerability Audit part contains the following sections:
+  #     - introduction
+  #     - CVEs
+  #     - Conclusions
+  #     - Recommendations
+  #
+  # @example Basic Usage:
+  #   require 'nokogiri'
+  #   require 'pp'
+  #   config = Nokogiri::XML open(ARGV[0])
+  #   vulnerability_audit = NipperParser::VulnerabilityAudit.new(config)
+  #   pp vulnerability_audit.class
+  #   pp vulnerability_audit.introduction
+  #   pp vulnerability_audit.introduction.excluded_devices
+  #   cve = vulnerability_audit.cves[0]
+  #   pp cve.title
+  #   pp cve.rating
+  #   pp cve.summary
+  #   pp cve.affected_devices
+  #   pp cve.vendor_sec_advisories
+  #   pp cve.references
+  #   pp nipper_parser.vulnerability_audit.conclusions
+  #   pp nipper_parser.vulnerability_audit.conclusions.list_critical
+  #   pp nipper_parser.vulnerability_audit.recommendations
+  #
+  # @param config [Nokogiri::XML] parsed XML
+  # @attr_reader title the report title
+  # @attr_reader config a parsed XML [Nokogiri::XML] object
+class VulnerabilityAudit
+    include ParserUtils
+
+    # Skeleton for SecurityAudit parts
+    Introduction = Struct.new(
+        :index, :title, :ref, :date, :devices,
+        :excluded_devices
+    )
+    CVE = Struct.new(
+        :index, :title, :ref,
+        :rating, :summary, :affected_devices,
+        :vendor_sec_advisories, :references
+    )
+    Conclusion = Struct.new(
+        :index, :title, :ref,
+        :per_device, :per_rating,
+        :list_critical, :list_high,
+        :list_medium, :list_low
+    )
+    Recommendations = Struct.new(
+        :index, :title, :ref,
+        :list
+    )
+
+    attr_reader :config, :title
+
+    # @param config [Nokogiri::XML::Document]
+    def initialize(config)
+      part    = config.xpath("//report/part[@ref='VULNAUDIT']")
+      @config = part[0].elements
+      @title  = part[0].attributes['title'].text
+    end
+
+    # Introduction of the Security Audit report
+    def introduction
+      intro = @config[0]
+      attribute = attributes(intro)
+      index     = attribute.index
+      title     = attribute.title
+      reference = attribute.ref
+      date      = Date.parse(intro.elements[0].text).to_s
+      devices   = generate_table(intro.elements[1].elements)
+      excluded  = {devices: @config[0].elements[3].elements.map(&:text),  # TODO enhance excluded results, need more excluded cases to see structure
+                   reason: @config[0].elements[2].text}
+
+      Introduction.new(
+          index, title, reference,
+          date, devices, excluded
+      )
+    end
+
+
+    def cves
+      cves = @config.to_a.clone
+      cves.shift  # pop first item, the introduction
+      cves.pop(2) # pop last 2 items, conclusion, recommendations
+
+      cves.map.with_index do |cve, i|
+        CVE.new(
+            attributes(cve).index,
+            attributes(cve).title,
+            attributes(cve).ref,
+            cve.elements[0],                                             # FIXME rating
+            cve.elements[1].elements.text,                               # summary
+            # cve.elements[2].elements[1].nil?? cve.elements[2].elements.map{|d| d.text} : cve.elements[2].elements[1].elements.map(&:text),
+            # this fix some affected devices scenario
+            if cve.elements[2].elements[1].nil?
+              cve.elements[2].elements.map{|d| d.text}
+            else
+              cve.elements[2].elements[1].elements.map(&:text)
+            end,
+            cve.elements[3].elements[1].elements.map(&:text),            # vendor_sec_advisories
+            cve.elements[4].nil?? [] : cve.elements[4].elements[1].elements.map(&:text) # references, check if no references
+        )
+      end
+    end
+
+    # Conclusions
+    def conclusions
+      conc = @config.search("section[@ref='VULNAUDIT.CONCLUSIONS']")[0]
+      attribute = attributes(conc)
+      index     = attribute.index
+      title     = attribute.title
+      reference = attribute.ref
+      per_device = generate_table(conc.elements[1].elements)
+      summary_findings = generate_table(conc.elements[3].elements)
+      per_rating = {
+          critical: summary_findings.select{|finding| finding[:rating] == 'Critical'},
+          high:     summary_findings.select{|finding| finding[:rating] == 'High'},
+          medium:   summary_findings.select{|finding| finding[:rating] == 'Medium'},
+          low:      summary_findings.select{|finding| finding[:rating] == 'Low'},
+      }
+
+      Conclusion.new(
+          index, title, reference, per_device, per_rating,
+          per_rating[:critical], per_rating[:high],
+          per_rating[:medium], per_rating[:low]
+      )
+    end
+
+    # Recommendations
+    def recommendations
+      recom = @config.search("section[@ref='VULNAUDIT.RECOMMENDATIONS']")[0]
+      attribute = attributes(recom)
+      index     = attribute.index
+      title     = attribute.title
+      reference = attribute.ref
+      list      = recom.elements[2].elements.map(&:text)
+
+      Recommendations.new(
+          index, title, reference,
+          list
+      )
+    end
+
+  end
+end
+
+
+
+if __FILE__ == $0
+  require 'nokogiri'
+  require 'pp'
+  require_relative 'parser_utils'
+
+
+end

data/lib/nipper_parser/version.rb

@@ -1,3 +1,3 @@
 module NipperParser
-  VERSION = '1.0.0'
+  VERSION = '1.2.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nipper_parser
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.0
 platform: ruby
 authors:
 - KING SABRI
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-08-09 00:00:00.000000000 Z
+date: 2017-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -71,13 +71,14 @@ files:
 - lib/nipper_parser.rb
 - lib/nipper_parser/parsers/README.md
 - lib/nipper_parser/parsers/cis_compliance.rb
+- lib/nipper_parser/parsers/filtering_complexity.rb
 - lib/nipper_parser/parsers/information.rb
 - lib/nipper_parser/parsers/parser_utils.rb
 - lib/nipper_parser/parsers/pci_audit.rb
 - lib/nipper_parser/parsers/sans_compliance.rb
 - lib/nipper_parser/parsers/security_audit.rb
 - lib/nipper_parser/parsers/stig_compliance.rb
-- lib/nipper_parser/parsers/vulnerabilty_audit.rb
+- lib/nipper_parser/parsers/vulnerability_audit.rb
 - lib/nipper_parser/version.rb
 - nipper_parser.gemspec
 homepage: https://github.com/KINGSABRI/nipper_parser

data/lib/nipper_parser/parsers/vulnerabilty_audit.rb

@@ -1,102 +0,0 @@
-module NipperParser
-
-  # VulnerabilityAudit parse the 'Vulnerability Audit' part.
-  #   Vulnerability Audit part contains the following sections:
-  #     - introduction
-  #     - CVEs
-  #     - Conclusions
-  #     - Recommendations
-  #
-  #
-  #
-  #
-  class VulnerabilityAudit
-    include ParserUtils
-
-    # Skeleton for SecurityAudit parts
-    Introduction = Struct.new(
-        :index, :title, :ref, :date, :devices,
-        :security_issue_overview, :rating
-    )
-    CVE = Struct.new(
-        :index, :title, :ref,
-        :rating, :summary, :affected_devices,
-        :vendor_sec_advisories, :references
-    )
-    Conclusion = Struct.new(
-        :index, :title, :ref,
-        :per_device, :per_rating,
-        :list_critical, :list_high,
-        :list_medium, :list_low, :list_info
-    )
-    Recommendations = Struct.new(
-        :index, :title, :ref,
-        :list
-    )
-
-    attr_reader :config, :title
-
-    def initialize(config)
-      @config = config.xpath("//report/part[@ref='VULNAUDIT']")[0].elements
-      @title  = @config[0].elements[1].attributes['title'].text
-    end
-
-    # CVEs
-    def cves
-      cves = @config.to_a.clone
-      cves.shift  # pop first item, the introduction
-      cves.pop(2) # pop last 2 item, conclusion, recommendations
-
-      cves.map do |cve|
-        CVE.new(
-            attributes(cve).index,
-            attributes(cve).title,
-            attributes(cve).ref,
-            cve.elements[0],                                            # FIXME
-            cve.elements[1].elements.text,                      # summary
-            cve.elements[2].elements[1].elements.map(&:text),   # affect_devices
-            cve.elements[3].elements[1].elements.map(&:text),   # vendor_sec_advisories
-            cve.elements[4].elements[1].elements.map(&:text),   # references
-        )
-      end
-
-    end
-
-    # Conclusions
-    def conclusions
-      conc = @config[-2]
-      index     = attributes(conc).index
-      title     = attributes(conc).title
-      reference = attributes(conc).ref
-      per_device = generate_table(conc.elements[1].elements)
-      per_rating = {
-          critical: conc.elements[3].elements.map(&:text),
-          high:     conc.elements[5].elements.map(&:text),
-          medium:   conc.elements[7].elements.map(&:text),
-          low:      conc.elements[9].elements.map(&:text),
-          info:     conc.elements[11].elements.map(&:text)
-      }
-
-      Conclusion.new(
-          index, title, reference, per_device, per_rating,
-          per_rating[:critical], per_rating[:high],
-          per_rating[:medium], per_rating[:low], per_rating[:info],
-      )
-    end
-
-    # Recommendations
-    def recommendations
-      recom = @config[-1]
-      index     = attributes(recom).index
-      title     = attributes(recom).title
-      reference = attributes(recom).ref
-      list      = generate_table(recom.elements[1].elements)
-
-      Recommendations.new(
-          index, title, reference,
-          list
-      )
-    end
-
-  end
-end