risu 1.6.3 → 1.7.0
- checksums.yaml +4 -4
- data/Gemfile +12 -0
- data/Gemfile.ci +9 -9
- data/Gemfile.lock +118 -0
- data/LICENSE +1 -1
- data/NEWS.markdown +98 -0
- data/README.markdown +10 -3
- data/Rakefile +2 -2
- data/bin/risu +3 -3
- data/lib/risu.rb +6 -2
- data/lib/risu/base.rb +10 -3
- data/lib/risu/base/graph_template_helper.rb +71 -0
- data/lib/risu/base/host_template_helper.rb +75 -0
- data/lib/risu/base/malware_template_helper.rb +96 -0
- data/lib/risu/base/post_process_base.rb +210 -0
- data/lib/risu/base/post_process_manager.rb +120 -0
- data/lib/risu/base/schema.rb +10 -7
- data/lib/risu/base/shares_template_helper.rb +158 -0
- data/lib/risu/base/template_base.rb +12 -10
- data/lib/risu/base/template_helper.rb +105 -3
- data/lib/risu/base/template_manager.rb +16 -12
- data/lib/risu/base/templater.rb +23 -9
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +23 -17
- data/lib/risu/cli/banner.rb +3 -3
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +3 -3
- data/lib/risu/models/familyselection.rb +3 -3
- data/lib/risu/models/host.rb +74 -9
- data/lib/risu/models/hostproperty.rb +3 -3
- data/lib/risu/models/individualpluginselection.rb +3 -3
- data/lib/risu/models/item.rb +92 -29
- data/lib/risu/models/patch.rb +3 -3
- data/lib/risu/models/plugin.rb +30 -2
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +3 -3
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +3 -3
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +23 -16
- data/lib/risu/parsers/nessus/postprocess.rb +3 -6
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +82 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +86 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +67 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +104 -0
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +60 -0
- data/lib/risu/parsers/nessus/postprocess/java.rb +49 -198
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +65 -0
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +54 -0
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +84 -0
- data/lib/risu/parsers/nessus/postprocess/php.rb +62 -0
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +178 -0
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +10 -5
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +375 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/windows.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +72 -0
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +3 -1
- data/lib/risu/renderers/csvrenderer.rb +53 -0
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +57 -0
- data/lib/risu/templates/assets.rb +5 -4
- data/lib/risu/templates/cover_sheet.rb +4 -3
- data/lib/risu/templates/exec_summary.rb +4 -3
- data/lib/risu/templates/executive_summary_detailed.rb +9 -8
- data/lib/risu/templates/exploitablity_summary.rb +82 -0
- data/lib/risu/templates/failed_audits.rb +98 -0
- data/lib/risu/templates/finding_statistics.rb +2 -1
- data/lib/risu/templates/findings_host.rb +20 -22
- data/lib/risu/templates/findings_summary.rb +11 -9
- data/lib/risu/templates/findings_summary_with_pluginid.rb +31 -85
- data/lib/risu/templates/graphs.rb +9 -10
- data/lib/risu/templates/host_findings_csv.rb +67 -0
- data/lib/risu/templates/host_summary.rb +2 -1
- data/lib/risu/templates/malicious_process_detection.rb +2 -1
- data/lib/risu/templates/missing_root_causes.rb +162 -0
- data/lib/risu/templates/ms_patch_summary.rb +3 -2
- data/lib/risu/templates/ms_update_summary.rb +5 -4
- data/lib/risu/templates/ms_wsus_findings.rb +5 -4
- data/lib/risu/templates/notable.rb +7 -11
- data/lib/risu/templates/notable_detailed.rb +7 -4
- data/lib/risu/templates/pci_compliance.rb +5 -4
- data/lib/risu/templates/stig_findings_summary.rb +5 -4
- data/lib/risu/templates/talking_points.rb +164 -0
- data/lib/risu/templates/technical_findings.rb +8 -4
- data/lib/risu/templates/template.rb +3 -2
- data/lib/risu/templates/top_25.rb +115 -0
- data/risu.gemspec +16 -15
- metadata +142 -77
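--- a/data/lib/risu/templates/host_findings_csv.rb
+++ b/data/lib/risu/templates/host_findings_csv.rb
@@ -0,0 +1,67 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the Arxopia LLC nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+module Templates
+class HostFindingsCSV < Risu::Base::TemplateBase
+
+#
+#
+def initialize ()
+@template_info =
+{
+:name => "host_findings_csv",
+:author => "hammackj",
+:version => "0.0.1",
+:renderer => "CSV",
+:description => "Generates a findings report by host and outputs to CSV"
+
+}
+end
+
+# Writes out a CSV block for the risks passed.
+# @param risks, A query from the Plugin model of the risks
+#
+def csv risks
+risks.order(:cvss_base_score).each do |plugin|
+items = Item.where(:plugin_id => plugin.id)
+
+items.each do |item|
+host = Host.where(:id => item.host_id).first
+
+@output.text "#{host.ip}, #{item.plugin_name}, #{plugin.risk_factor}"
+end
+end
+end
+
+#
+#
+def render(output)
+csv Plugin.critical_risks
+end
+end
+end
+end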
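Review bot: The row written in `csv` is built by plain string interpolation, so a plugin name containing a comma or a quote shifts the columns of the output, and a value taken from the imported scan that starts with `=`, `+`, `-` or `@` is evaluated as a formula when the file is opened in a spreadsheet. Build the row with the standard library instead, e.g. `@output.text CSV.generate_line([host.ip, item.plugin_name, plugin.risk_factor]).chomp` (with `require 'csv'`), and prefix formula-leading cells with a single quote before writing them. `Host.where(:id => item.host_id).first` can also return nil, in which case `host.ip` raises and the export stops part-way. `render(output)` ignores its argument and relies on `@output`, which is presumably set by the base class; that is worth confirming or documenting in the empty `#` comment above it.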
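--- a/data/lib/risu/templates/host_summary.rb
+++ b/data/lib/risu/templates/host_summary.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -36,6 +36,7 @@ module Risu
 :name => "host_summary",
 :author => "hammackj",
 :version => "0.0.3",
+:renderer => "PDF",
 :description => "Generates a Host Summary Report"
 }
 end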
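--- a/data/lib/risu/templates/malicious_process_detection.rb
+++ b/data/lib/risu/templates/malicious_process_detection.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -35,6 +35,7 @@ module Risu
 :name => "malicious_process_detection",
 :author => "hammackj",
 :version => "0.0.1",
+:renderer => "PDF",
 :description => "Generates a Malicious Process Detection Report"
 }
 end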
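--- a/data/lib/risu/templates/missing_root_causes.rb
+++ b/data/lib/risu/templates/missing_root_causes.rb
@@ -0,0 +1,162 @@
+# Copyright (c) 2010-2014 Arxopia LLC.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the Arxopia LLC nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+
+module Risu
+module Templates
+class MissingRootCauses < Risu::Base::TemplateBase
+
+#
+#
+def initialize ()
+@template_info =
+{
+:name => "missing_root_causes",
+:author => "hammackj",
+:version => "0.0.1",
+:renderer => "PDF",
+:description => "Generates a Report of all the findings without a root cause"
+}
+end
+
+#
+#
+def render(output)
+output.text Report.classification.upcase, :align => :center
+output.text "\n"
+
+output.font_size(22) do
+output.text Report.title, :align => :center
+end
+
+output.font_size(18) do
+output.text "Missing Root Causes Report", :align => :center
+output.text "\n"
+output.text "This report was prepared by\n#{Report.author}", :align => :center
+end
+
+output.text "\n\n\n"
+
+output.font_size(20) {
+output.fill_color "9B30FF"
+output.text "Critical Findings", :style => :bold
+output.fill_color "000000"
+}
+
+Item.critical_risks_unique_sorted.each do |item|
+plugin = Plugin.find_by_id(item.plugin_id)
+name = Plugin.find_by_id(item.plugin_id).plugin_name
+count = Item.where(:plugin_id => item.plugin_id).count
+
+if plugin.root_cause != nil
+next
+end
+
+output.text "#{count} - #{name} - #{item.plugin_id}"
+end
+
+output.start_new_page
+
+output.font_size(20) do
+output.fill_color "FF0000"
+output.text "High Findings", :style => :bold
+output.fill_color "000000"
+end
+
+Item.high_risks_unique_sorted.each do |item|
+plugin = Plugin.find_by_id(item.plugin_id)
+name = Plugin.find_by_id(item.plugin_id).plugin_name
+count = Item.where(:plugin_id => item.plugin_id).count
+
+if plugin.root_cause != nil
+next
+end
+
+output.text "#{count} - #{name} - #{item.plugin_id}"
+end
+
+output.start_new_page
+
+output.font_size(20) {
+output.fill_color "FF8040"
+output.text "Medium Findings", :style => :bold
+output.fill_color "000000"
+}
+
+Item.medium_risks_unique_sorted.each do |item|
+plugin = Plugin.find_by_id(item.plugin_id)
+name = Plugin.find_by_id(item.plugin_id).plugin_name
+count = Item.where(:plugin_id => item.plugin_id).count
+
+if plugin.root_cause != nil
+next
+end
+
+output.text "#{count} - #{name} - #{item.plugin_id}"
+end
+
+output.start_new_page
+
+output.font_size(20) {
+output.fill_color "0000FF"
+output.text "Low Findings", :style => :bold
+output.fill_color "000000"
+}
+
+Item.low_risks_unique_sorted.each do |item|
+plugin = Plugin.find_by_id(item.plugin_id)
+name = Plugin.find_by_id(item.plugin_id).plugin_name
+count = Item.where(:plugin_id => item.plugin_id).count
+
+if plugin.root_cause != nil
+next
+end
+
+output.text "#{count} - #{name} - #{item.plugin_id}"
+end
+
+output.start_new_page
+
+output.font_size(20) {
+output.fill_color "008000"
+output.text "Info Findings", :style => :bold
+output.fill_color "000000"
+}
+
+Item.info_risks_unique_sorted.each do |item|
+plugin = Plugin.find_by_id(item.plugin_id)
+name = Plugin.find_by_id(item.plugin_id).plugin_name
+count = Item.where(:plugin_id => item.plugin_id).count
+
+if plugin.root_cause != nil
+next
+end
+
+output.text "#{count} - #{name} - #{item.plugin_id}"
+end
+end
+end
+end
+end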
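Review bot: The five per-severity loops in `render` are copies of one another, and each dereferences `Plugin.find_by_id(item.plugin_id)` without a nil check, so a single finding whose plugin row is missing aborts the whole report with a NoMethodError. Each loop also looks the plugin up twice and runs the count query before the `root_cause` test that may discard the item. A private helper called once per severity removes the duplication and keeps such a finding in the list instead of crashing. The fallback label in the sketch below is a placeholder. `Report.classification.upcase` at the top of `render` has the same nil exposure if no classification is set.

```ruby
# Prints "count - name - plugin id" for every finding whose plugin has no root cause.
def missing_root_cause_lines(output, items)
  items.each do |item|
    plugin = Plugin.find_by_id(item.plugin_id)
    next if plugin && !plugin.root_cause.nil?

    name = plugin ? plugin.plugin_name : "(plugin record missing)"
    count = Item.where(:plugin_id => item.plugin_id).count
    output.text "#{count} - #{name} - #{item.plugin_id}"
  end
end

def render(output)
  # … unchanged: cover page and "Critical Findings" heading …
  missing_root_cause_lines(output, Item.critical_risks_unique_sorted)
  # … unchanged: page break and "High Findings" heading …
  missing_root_cause_lines(output, Item.high_risks_unique_sorted)
  # … likewise for the medium, low and info sections …
```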
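--- a/data/lib/risu/templates/ms_patch_summary.rb
+++ b/data/lib/risu/templates/ms_patch_summary.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -34,7 +34,8 @@ module Risu
 {
 :name => "ms_patch_summary",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.2",
+:renderer => "PDF",
 :description => "Generates a Microsoft Patch Summary Report"
 }
 end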
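--- a/data/lib/risu/templates/ms_update_summary.rb
+++ b/data/lib/risu/templates/ms_update_summary.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Templates
@@ -35,7 +35,8 @@ module Risu
 {
 :name => "ms_update_summary",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.2",
+:renderer => "PDF",
 :description => "Generates a Microsoft Update Summary Report"
 }
 end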
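--- a/data/lib/risu/templates/ms_wsus_findings.rb
+++ b/data/lib/risu/templates/ms_wsus_findings.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Templates
@@ -35,7 +35,8 @@ module Risu
 {
 :name => "ms_wsus_findings",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.2",
+:renderer => "PDF",
 :description => "Generates a report based on the findings of the Patch Management: WSUS Report plugin"
 }
 end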
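--- a/data/lib/risu/templates/notable.rb
+++ b/data/lib/risu/templates/notable.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Templates
@@ -35,22 +35,19 @@ module Risu
 {
 :name => "notable",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.4",
+:renderer => "PDF",
 :description => "Notable Vulnerabilities"
 }
 end
 
 # Renders a Notable Findings Report
 def render(output)
-
-output.text "\n"
+report_classification
 
 report_title Report.title
 report_subtitle "Notable Vulnerabilities"
-
-output.font_size(14) do
-output.text "This report was prepared by\n#{Report.author}", :align => :center
-end
+report_author "This report was prepared by\n#{Report.author}"
 
 output.text "\n\n\n"
 
@@ -59,7 +56,6 @@ module Risu
 output.text "\n"
 
 Item.top_10_table(output)
-
 end
 end
 end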
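--- a/data/lib/risu/templates/notable_detailed.rb
+++ b/data/lib/risu/templates/notable_detailed.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Templates
@@ -35,7 +35,8 @@ module Risu
 {
 :name => "notable_detailed",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.6",
+:renderer => "PDF",
 :description => "Notable Vulnerabilities Detailed"
 }
 end
@@ -134,6 +135,8 @@ module Risu
 @output.text "<b>nessus_plugin</b>: http://www.tenablesecurity.com/plugins/index.php?view=single&id=#{plugin_id}", :inline_format => true
 end
 
+
+
 @output.text "\n"
 counter += 1
 end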
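--- a/data/lib/risu/templates/pci_compliance.rb
+++ b/data/lib/risu/templates/pci_compliance.rb
@@ -1,4 +1,4 @@
-# Copyright (c) 2010-
+# Copyright (c) 2010-2014 Arxopia LLC.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -21,8 +21,8 @@
 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
 # OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-#OF THE POSSIBILITY OF SUCH DAMAGE.
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
 
 module Risu
 module Templates
@@ -34,7 +34,8 @@ module Risu
 {
 :name => "pci_compliance",
 :author => "hammackj",
-:version => "0.0.
+:version => "0.0.6",
+:renderer => "PDF",
 :description => "Generates a PCI Compliance Overview Report"
 }
 end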
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Templates
|
@@ -34,7 +34,8 @@ module Risu
|
|
34
34
|
{
|
35
35
|
:name => "stig_findings_summary",
|
36
36
|
:author => "hammackj",
|
37
|
-
:version => "0.0.
|
37
|
+
:version => "0.0.5",
|
38
|
+
:renderer => "PDF",
|
38
39
|
:description => "DISA Stig findings summary report"
|
39
40
|
}
|
40
41
|
|