risu 1.5.0 → 1.5.1
- data/Gemfile.ci +2 -5
- data/KNOWNISSUES.markdown +12 -11
- data/LICENSE +11 -11
- data/NEWS.markdown +43 -8
- data/README.markdown +36 -32
- data/Rakefile +29 -9
- data/TODO.markdown +150 -77
- data/bin/risu +26 -0
- data/lib/risu.rb +27 -1
- data/lib/risu/base.rb +26 -0
- data/lib/risu/base/prawn_templater.rb +36 -8
- data/lib/risu/base/schema.rb +199 -163
- data/lib/risu/base/template_base.rb +34 -7
- data/lib/risu/base/template_manager.rb +37 -37
- data/lib/risu/base/templater.rb +36 -9
- data/lib/risu/cli.rb +26 -0
- data/lib/risu/cli/application.rb +72 -39
- data/lib/risu/cli/banner.rb +47 -21
- data/lib/risu/exceptions.rb +26 -0
- data/lib/risu/exceptions/invaliddocument.rb +30 -1
- data/lib/risu/models.rb +26 -0
- data/lib/risu/models/familyselection.rb +28 -2
- data/lib/risu/models/host.rb +59 -2
- data/lib/risu/models/individualpluginselection.rb +26 -1
- data/lib/risu/models/item.rb +132 -79
- data/lib/risu/models/patch.rb +26 -1
- data/lib/risu/models/plugin.rb +28 -2
- data/lib/risu/models/pluginspreference.rb +26 -2
- data/lib/risu/models/policy.rb +27 -2
- data/lib/risu/models/reference.rb +81 -20
- data/lib/risu/models/report.rb +33 -8
- data/lib/risu/models/serverpreference.rb +26 -1
- data/lib/risu/models/servicedescription.rb +26 -1
- data/lib/risu/models/version.rb +26 -1
- data/lib/risu/parsers.rb +29 -0
- data/lib/risu/parsers/nessus/nessus_document.rb +47 -14
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +45 -16
- data/lib/risu/parsers/nexpose/nexpose_document.rb +91 -0
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +108 -0
- data/lib/risu/renderers.rb +26 -0
- data/lib/risu/renderers/nilrenderer.rb +30 -4
- data/lib/risu/templates/assets.rb +36 -10
- data/lib/risu/templates/cover_sheet.rb +34 -8
- data/lib/risu/templates/exec_summary.rb +45 -19
- data/lib/risu/templates/executive_summary.rb +37 -11
- data/lib/risu/templates/finding_statistics.rb +33 -7
- data/lib/risu/templates/findings_host.rb +44 -18
- data/lib/risu/templates/findings_summary.rb +43 -17
- data/lib/risu/templates/findings_summary_with_pluginid.rb +60 -18
- data/lib/risu/templates/graphs.rb +30 -0
- data/lib/risu/templates/host_summary.rb +34 -8
- data/lib/risu/templates/ms_patch_summary.rb +35 -9
- data/lib/risu/templates/ms_update_summary.rb +34 -8
- data/lib/risu/templates/ms_wsus_findings.rb +99 -0
- data/lib/risu/templates/notable.rb +39 -13
- data/lib/risu/templates/notable_detailed.rb +42 -16
- data/lib/risu/templates/pci_compliance.rb +40 -14
- data/lib/risu/templates/stig_findings_summary.rb +62 -36
- data/lib/risu/templates/technical_findings.rb +29 -3
- data/lib/risu/templates/template.rb +35 -9
- data/risu.gemspec +28 -7
- metadata +94 -101
data/Gemfile.ci
CHANGED
data/KNOWNISSUES.markdown
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
## RMagick Breaks on ImageMagick Updates
|
4
4
|
The easy way to fix this is to just reinstall RMagick, like below:
|
5
5
|
|
6
|
-
[hammackj@taco:~/Projects/public/risu]$ risu
|
6
|
+
[hammackj@taco:~/Projects/public/risu]$ risu
|
7
7
|
/Library/Ruby/Gems/1.8/gems/rmagick-2.13.1/lib/RMagick2.bundle: This installation of RMagick was configured with ImageMagick 6.6.5 but ImageMagick 6.6.7-0 is in use. (RuntimeError)
|
8
8
|
from /Library/Ruby/Site/1.8/rubygems/custom_require.rb:29:in `require'
|
9
9
|
from /Library/Ruby/Gems/1.8/gems/rmagick-2.13.1/lib/RMagick.rb:11
|
@@ -23,28 +23,29 @@ The easy way to fix this is to just reinstall RMagick, like below:
|
|
23
23
|
from ./bin/risu:22
|
24
24
|
|
25
25
|
[hammackj@taco:~/Projects/public/risu]$ sudo gem install rmagick
|
26
|
-
|
26
|
+
|
27
27
|
## Mac OSX Native Dependencies
|
28
28
|
The gems for mysql and rmagick will fail to build if these are not installed.
|
29
29
|
|
30
|
-
|
30
|
+
###Mac Ports
|
31
|
+
% sudo port install sqlite3 ImageMagick mysql5
|
32
|
+
% gem install sqlite3
|
33
|
+
|
34
|
+
###Brew
|
35
|
+
% brew install sqlite3 ImageMagick mysql5
|
31
36
|
|
32
37
|
## Linux Native Dependencies
|
33
38
|
|
34
39
|
### Ubuntu 10.10
|
35
|
-
sudo apt-get install ruby1.8-dev libzip1 libzip-dev libxml2-dev libxml2 libmysqlclient-dev imagemagick libmagickwand3 libmagick9-dev
|
36
|
-
|
40
|
+
% sudo apt-get install ruby1.8-dev libzip1 libzip-dev libxml2-dev libxml2 libmysqlclient-dev imagemagick libmagickwand3 libmagick9-dev sqlite3 libsqlite3-dev
|
41
|
+
% gem install sqlite3
|
37
42
|
### Backtrack
|
38
43
|
sudo apt-get install ruby1.8-dev libzip1 libzip-dev libxml2-dev libxml2 libmysqlclient-dev imagemagick libmagickwand3 libmagick9-dev
|
39
44
|
|
45
|
+
|
40
46
|
## Sqlite
|
41
47
|
|
42
48
|
Sqlite is a great database to use as a light weight solution. I use Sqlite for all of my assessments. Setting it up on various platforms can be tricky, so here are some examples for what is required to set it up.
|
43
49
|
|
44
|
-
### Ubuntu 10.10
|
45
|
-
sudo apt-get install sqlite3 libsqlite3-dev
|
46
|
-
gem install sqlite3
|
47
50
|
|
48
|
-
|
49
|
-
sudo port install sqlite3
|
50
|
-
gem install sqlite3
|
51
|
+
|
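Review bot: the `## Sqlite` section still promises platform examples (`so here are some examples for what is required to set it up`) but this hunk deletes every example beneath it (the `### Ubuntu 10.10` apt-get line and the `sudo port install sqlite3` / `gem install sqlite3` pair), leaving the sentence dangling; either reword it to point at the Mac Ports/Brew and Ubuntu lists above, which now carry `sqlite3`, or drop it. The Backtrack line was also left without the `sqlite3 libsqlite3-dev` packages and the `% gem install sqlite3` step that Ubuntu 10.10 gained, so the two Linux sections are now inconsistent. Minor: `###Mac Ports` and `###Brew` lack the space after `###` that the file's other headings use.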
data/LICENSE
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
Copyright (c) 2010-2012
|
1
|
+
Copyright (c) 2010-2012 Arxopia LLC.
|
2
2
|
All rights reserved.
|
3
3
|
|
4
4
|
Redistribution and use in source and binary forms, with or without
|
@@ -9,17 +9,17 @@ modification, are permitted provided that the following conditions are met:
|
|
9
9
|
* Redistributions in binary form must reproduce the above copyright
|
10
10
|
notice, this list of conditions and the following disclaimer in the
|
11
11
|
documentation and/or other materials provided with the distribution.
|
12
|
-
* Neither the name of the
|
13
|
-
|
14
|
-
|
12
|
+
* Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
may be used to endorse or promote products derived from this software
|
14
|
+
without specific prior written permission.
|
15
15
|
|
16
16
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
17
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
18
|
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
-
DISCLAIMED. IN NO EVENT SHALL
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
19
|
+
DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
OF THE POSSIBILITY OF SUCH DAMAGE.
|
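Review bot: the third clause now reads `* Neither the name of the Arxopia LLC nor the names of its contributors`; the stock BSD-3 wording is `Neither the name of Arxopia LLC nor ...`, so the stray `the` before the company name should go (the same header text is copied into data/Rakefile, so fix both). With that, the clause and the disclaimer match the standard template and the previously truncated `IN NO EVENT SHALL` sentence is complete.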
data/NEWS.markdown
CHANGED
@@ -1,5 +1,40 @@
|
|
1
1
|
# News
|
2
2
|
|
3
|
+
#1.5.1 (August 1, 2012)
|
4
|
+
- Host Model
|
5
|
+
- top_n_vulnerable(n)
|
6
|
+
- risks_by_host(n); updated the query critical instead of high
|
7
|
+
- Item Model
|
8
|
+
- adjective_for_risk_text
|
9
|
+
- risk_text
|
10
|
+
- calculate_vulnerable_host_percent
|
11
|
+
- References Model
|
12
|
+
- added iavb method
|
13
|
+
- added iavt method
|
14
|
+
- added cisco_sa method
|
15
|
+
- added cisco_bug_id method
|
16
|
+
- added cisco_sr method
|
17
|
+
- added ics_alert method
|
18
|
+
- Lots of unit tests added along with travis-ci
|
19
|
+
- Fixed a divided by zero bug on all graphs related to Gruff on Ruby 1.9.3
|
20
|
+
- New Tags
|
21
|
+
- pcidss_backup_files added to the Host Model
|
22
|
+
- iavb added as a reference
|
23
|
+
- iavt added as a reference
|
24
|
+
- cisco-sa as a reference
|
25
|
+
- cisco-bug-id as a reference
|
26
|
+
- ics-alert as a reference
|
27
|
+
- cisco)sr as a reference
|
28
|
+
- always_run added to the Item Model (Related to a Registry Svc Check)
|
29
|
+
- Spell-checked all of the templates and fixed some spelling issues
|
30
|
+
- Added a template for the WSUS Patch Management Report Nessus Plugin ID: 58133
|
31
|
+
- In the -v, --version option displays the version of ruby and the version of rubygems
|
32
|
+
- Thank you to everyone that has submitted new tags/bug reports/etc
|
33
|
+
- Also Thank you for all the kind words related to the tool also.
|
34
|
+
- Known Issues
|
35
|
+
- Sqlite3 is really slow when parsing, This seems to be a known Sqlite issue.
|
36
|
+
I recommend using Mysql for the time being as the default database.
|
37
|
+
|
3
38
|
#1.5.0 (February 20, 2012)
|
4
39
|
- Updated the Item model to be compatible with Nessus 5.0
|
5
40
|
- Added critical_risks()
|
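Review bot: `- cisco)sr as a reference` is a typo for `cisco-sr` (the matching model entry above is `added cisco_sr method`). The tag bullets use hyphenated names (`cisco-sa`) while the model bullets use underscores (`cisco_sa`), which is correct but deserves a word so readers know the hyphenated ones are the Nessus reference tags. Also `Fixed a divided by zero bug` should be `divide-by-zero`, `In the -v, --version option displays the version of ruby` is missing its subject (`The -v, --version option now displays ...`), the Known Issues line has a comma splice (`slow when parsing, This seems`), and `Also Thank you ... also.` repeats `also`. The `#1.5.1 (August 1, 2012)` heading follows the file's existing no-space `#` convention, so nothing to change there.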
@@ -78,7 +113,7 @@ You can access it via `Host.first.patches` or `Patch.all`
|
|
78
113
|
- Please report any missing tags that risu outputs to jacob[dot]hammackj[@]hammackj[.]com, I expect a ton of Microsoft Patch tags missing
|
79
114
|
|
80
115
|
#1.4.7 (August 13, 2011)
|
81
|
-
- Fixed issue #39 Ruby 1.8.7 Syntax error reported by mlpotgieter
|
116
|
+
- Fixed issue #39 Ruby 1.8.7 Syntax error reported by mlpotgieter
|
82
117
|
- Ruby 1.8.7 will no longer be supported in v1.5, please upgrade your ruby installs.
|
83
118
|
|
84
119
|
#1.4.6 (July 12, 2011)
|
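Review bot: this hunk and the four that follow in NEWS.markdown change only trailing whitespace on lines such as `- Fixed issue #39 Ruby 1.8.7 Syntax error reported by mlpotgieter`; committing whitespace cleanups separately from the 1.5.1 notes would keep the release diff reviewable.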
@@ -123,7 +158,7 @@ You can access it via `Host.first.patches` or `Patch.all`
|
|
123
158
|
- New HostProperties attribute: pcidss:medium_risk_flaw
|
124
159
|
- New HostProperties attribute: pcidss:reachable_db
|
125
160
|
- New HostProperties attribute: pcidss:www:xss
|
126
|
-
- Added more unit tests 91.7% code coverage for testing at the moment. Not including templates.
|
161
|
+
- Added more unit tests 91.7% code coverage for testing at the moment. Not including templates.
|
127
162
|
|
128
163
|
#1.4.2 (May 13, 2011)
|
129
164
|
|
@@ -176,7 +211,7 @@ You can access it via `Host.first.patches` or `Patch.all`
|
|
176
211
|
|
177
212
|
# 1.2.0 (February 13, 2011)
|
178
213
|
**This update breaks all existing templates, included templates are updated**
|
179
|
-
|
214
|
+
|
180
215
|
- Preformed tons code clean up
|
181
216
|
- Fixed a ton of typos
|
182
217
|
- Removed the Findings class, please use the named scopes on each ActiveRecord object now
|
@@ -191,10 +226,10 @@ You can access it via `Host.first.patches` or `Patch.all`
|
|
191
226
|
- Added a simple PCI/DSS compliance report template (Requires Nessus Professional Feed for the plugin)
|
192
227
|
- Updated the parser to take into account the new fields
|
193
228
|
- HostProperties attribute: pci-dss-compliance
|
194
|
-
- New XML element: exploitability_ease.
|
229
|
+
- New XML element: exploitability_ease.
|
195
230
|
- New XML element: cvss_temporal_vector.
|
196
231
|
- New XML element: exploit_framework_core.
|
197
|
-
- New XML element: cvss_temporal_score.
|
232
|
+
- New XML element: cvss_temporal_score.
|
198
233
|
- New XML element: exploit_available.
|
199
234
|
- New XML element: exploit_framework_metasploit.
|
200
235
|
- New XML element: metasploit_name
|
@@ -202,17 +237,17 @@ You can access it via `Host.first.patches` or `Patch.all`
|
|
202
237
|
- New XML element: canvas_package
|
203
238
|
- Updated technical findings template to account for the new exploitability values
|
204
239
|
- Fixed a bug with the way I was blacklisting the scan box
|
205
|
-
|
240
|
+
|
206
241
|
# 1.0.0 (October 8, 2010)
|
207
242
|
- Cleaned up more code
|
208
243
|
- Fixed a Mysql error for when the tables do not exist.
|
209
|
-
|
244
|
+
|
210
245
|
# 0.6.6 (October 4, 2010)
|
211
246
|
- Moved to prawn for pdf output
|
212
247
|
- added templates for the new prawn output
|
213
248
|
- added checks to warn when there are new xml tags
|
214
249
|
- moved everything into the risu executable
|
215
250
|
- cleaned up the code
|
216
|
-
|
251
|
+
|
217
252
|
# 0.6.5 (August 15, 2010)
|
218
253
|
- Initial public release
|
data/README.markdown
CHANGED
@@ -1,20 +1,20 @@
|
|
1
1
|
# risu
|
2
2
|
|
3
|
-
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a
|
3
|
+
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
4
4
|
|
5
|
-
Version 1.5.
|
5
|
+
Version **1.5.1** is the current release.
|
6
6
|
|
7
7
|
## Requirements
|
8
8
|
|
9
9
|
### Ruby
|
10
|
-
Risu has been tested with ruby-1.8.7-p334, ruby-1.9.
|
10
|
+
Risu has been tested with ruby-1.8.7-p334, ruby-1.9.2-p180, ruby-1.9.3-p125. Please try to use one of these versions if possible. I recommend using RVM to setup your ruby environment you can get it [here](https://rvm.beginrescueend.com/).
|
11
11
|
|
12
12
|
### RubyGems
|
13
13
|
Risu relies heavily on [RubyGems](http://rubygems.org/) to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of [Ruby](http://ruby-lang.org/).
|
14
14
|
|
15
15
|
- libxml
|
16
16
|
- rails
|
17
|
-
- yaml
|
17
|
+
- yaml
|
18
18
|
- logger
|
19
19
|
- rmagick
|
20
20
|
- gruff
|
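Review bot: the rewritten intro keeps the grammar problems of the old line and adds a comma splice: `Risu is [Nessus](...) parser, that converts the generated reports into a [ActiveRecord](...) database, this allows ...` should read `Risu is a Nessus parser that converts the generated reports into an ActiveRecord database, which allows ...`. The Ruby paragraph is a run-on (`... to setup your ruby environment you can get it [here]`) and needs a sentence break plus `set up`. More importantly it still lists `ruby-1.8.7-p334` as a tested version while the 1.4.7 entry in NEWS.markdown says 1.8.7 is no longer supported from v1.5 and the TODO moves that drop to 1.5.3; pick one statement and make the three files agree.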
@@ -25,11 +25,11 @@ Risu relies heavily on [RubyGems](http://rubygems.org/) to install other depende
|
|
25
25
|
|
26
26
|
These are all available through [RubyGems](http://rubygems.org/). The should be installed automatically when you install risu, If not this command will install them all:
|
27
27
|
|
28
|
-
% gem install rmagick gruff prawn
|
29
|
-
|
28
|
+
% gem install rmagick gruff prawn yard mysql libxml-ruby rails sqlite3 logger yaml
|
29
|
+
|
30
30
|
**You my need sudo/root access depending on your system setup**
|
31
31
|
|
32
|
-
Any database that ActiveRecord supports should work. Risu has been tested with [MySQL](http://www.mysql.com/) and [SQLite3](http://sqlite.org/).
|
32
|
+
Any database that ActiveRecord supports should work. Risu has been tested with [MySQL](http://www.mysql.com/) and [SQLite3](http://sqlite.org/).
|
33
33
|
|
34
34
|
## Installation
|
35
35
|
Installation is really easy just gem install!
|
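Review bot: two typos survive in this hunk's context lines: `The should be installed automatically` (`They`) and `**You my need sudo/root access ...**` (`may`); `If not this command` also wants a lowercase `if` after the comma or a full stop before it. In the new `% gem install rmagick gruff prawn yard mysql libxml-ruby rails sqlite3 logger yaml` line, `logger` and `yaml` ship in Ruby's standard library, so unless the gemspec pins gem versions of them they can be dropped from the install command, and `yard` is a documentation tool rather than a runtime dependency, so it belongs in a development-only list.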
@@ -60,45 +60,49 @@ The data can be viewed with a query browser available for your database. A Rails
|
|
60
60
|
To generate a report please execute the following after the the data is parsed into the database.
|
61
61
|
|
62
62
|
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
|
63
|
-
|
63
|
+
|
64
64
|
## Risu Console
|
65
65
|
|
66
66
|
Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!
|
67
67
|
|
68
|
-
|
68
|
+
$ risu --console
|
69
69
|
|
70
|
-
_
|
71
|
-
_ __(_)___ _ _
|
70
|
+
_
|
71
|
+
_ __(_)___ _ _
|
72
72
|
| '__| / __| | | |
|
73
73
|
| | | \__ \ |_| |
|
74
74
|
|_| |_|___/\__,_|
|
75
75
|
|
76
76
|
|
77
|
-
risu Console v1.5.
|
77
|
+
risu Console v1.5.1
|
78
78
|
>> Host.first
|
79
79
|
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
|
80
|
-
|
80
|
+
|
81
81
|
## Templates
|
82
82
|
Several templates are included:
|
83
83
|
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
84
|
+
$ risu -l
|
85
|
+
Available Templates
|
86
|
+
assets - Generates a Assets Summary Report
|
87
|
+
cover_sheet - Generates a coversheet with a logo (Example Template)
|
88
|
+
exec_summary - Generates a simple executive summary.
|
89
|
+
exec_summary_detailed - Generates a detailed executive summary report
|
90
|
+
finding_statistics - Generates report finding statistics
|
91
|
+
findings_host - Generates a findings report by host
|
92
|
+
findings_summary - Generates a findings summary report
|
93
|
+
findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID
|
94
|
+
graphs - Generates a report with all the graphs in it
|
95
|
+
host_summary - Generates a Host Summary Report
|
96
|
+
ms_patch_summary - Generates a Microsoft Patch Summary Report
|
97
|
+
ms_update_summary - Generates a Microsoft Update Summary Report
|
98
|
+
ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin
|
99
|
+
notable - Notable Vulnerabilities
|
100
|
+
notable_detailed - Notable Vulnerabilities Detailed
|
101
|
+
pci_compliance - Generates a PCI Compliance Overview Report
|
102
|
+
stig_findings_summary - DISA Stig findings summary report
|
103
|
+
technical_findings - Generates a Technical Findings Report
|
104
|
+
template - template
|
105
|
+
$
|
102
106
|
|
103
107
|
The templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
|
104
108
|
|
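Review bot: the prompts are inconsistent within one section: `% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"` uses `%` while the new `$ risu --console` and `$ risu -l` blocks use `$`; pick one. In the `-l` listing, `exec_summary - Generates a simple executive summary.` is the only entry with a trailing period, `assets - Generates a Assets Summary Report` needs `an`, and `notable - Notable Vulnerabilities` / `template - template` are fragments beside the `Generates ...` entries; since this text comes from each template's own description string, the fix belongs in the template files rather than the README. The sample `Host.first` output looks like it came from a real scan (hostname `redada.hammackj.net`, IP `10.69.69.74`); the MAC is already masked as `XX:XX:XX:XX:XX:XX`, and masking the rest would be consistent.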
@@ -116,5 +120,5 @@ I have received several requests for a method to donate to the project. You can
|
|
116
120
|
# Contact
|
117
121
|
You can reach me at jacob[dot]hammack[at]hammackj[dot]com.
|
118
122
|
|
119
|
-
You can also contact me on IRC as hammackj on irc.freenode.net, #risu
|
123
|
+
You can also contact me on IRC as hammackj on irc.freenode.net, #risu
|
120
124
|
|
data/Rakefile
CHANGED
@@ -1,9 +1,34 @@
|
|
1
|
+
# Copyright (c) 2010-2012 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
1
27
|
$LOAD_PATH.unshift File.expand_path("../lib", __FILE__)
|
2
28
|
|
3
|
-
require 'rubygems'
|
29
|
+
require 'rubygems'
|
4
30
|
require "risu"
|
5
31
|
require 'rake'
|
6
|
-
require 'rspec/core/rake_task'
|
7
32
|
require 'rake/testtask'
|
8
33
|
|
9
34
|
task :build do
|
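Review bot: the new header is inconsistent with itself: `#OR OTHERWISE) ARISING IN ANY WAY ...` and `#OF THE POSSIBILITY OF SUCH DAMAGE.` lack the space after `#` that every other header line has, and `# * Neither the name of the Arxopia LLC nor ...` carries the same stray `the` as data/LICENSE. `require 'rubygems'` is only whitespace-changed here and sits beside `require "risu"`; pick one quote style. Dropping `require 'rspec/core/rake_task'` matches the removal of the RSpec task later in the file, so that part is consistent.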
@@ -12,7 +37,6 @@ end
|
|
12
37
|
|
13
38
|
task :release => :build do
|
14
39
|
system "gem push #{Risu::APP_NAME}-#{Risu::VERSION}.gem"
|
15
|
-
|
16
40
|
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is always available in RubyGems! More information at http://hammackj.com/projects/risu/"
|
17
41
|
end
|
18
42
|
|
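Review bot: `system "gem push #{Risu::APP_NAME}-#{Risu::VERSION}.gem"` ignores the result, so a failed or rejected push still prints `Just released ...`; `system` returns false or nil on failure, so guard the message with something like `abort "gem push failed" unless system(...)`, or use Rake's `sh`, which raises on a non-zero exit. Removing the blank line is fine.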
@@ -24,13 +48,9 @@ task :clean do
|
|
24
48
|
system "rm -rf coverage"
|
25
49
|
end
|
26
50
|
|
27
|
-
task :default => [:
|
28
|
-
|
29
|
-
RSpec::Core::RakeTask.new(:spec) do |t|
|
30
|
-
t.pattern = './spec/**/*_spec.rb'
|
31
|
-
end
|
51
|
+
task :default => [:test_unit]
|
32
52
|
|
33
|
-
Rake::TestTask.new("
|
53
|
+
Rake::TestTask.new("test_unit") { |t|
|
34
54
|
t.libs << "test"
|
35
55
|
t.pattern = 'test/*/*_test.rb'
|
36
56
|
t.verbose = true
|
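Review bot: pointing `:default` at `:test_unit` only is the right follow-through on dropping RSpec, but `Rake::TestTask.new("test_unit") { |t|` uses braces while `task :build do` and the other tasks use `do ... end`; match the file's block style. In the context above, `system "rm -rf coverage"` in `:clean` shells out where Rake already provides `rm_rf "coverage"` from FileUtils, which is portable and does not go through a shell.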
data/TODO.markdown
CHANGED
@@ -1,34 +1,160 @@
|
|
1
1
|
# TODO
|
2
2
|
|
3
|
-
**Release dates are estimates, and features can be changed at any time.**
|
3
|
+
**Release dates and road map are estimates, and features can be changed at any time.**
|
4
4
|
|
5
|
-
|
6
|
-
-
|
5
|
+
#**Bugs**
|
6
|
+
- Notable reports show an incorrect number, might be fixed already.
|
7
7
|
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
-
|
8
|
+
#Road map
|
9
|
+
|
10
|
+
##1.5.2 (Oct, 1 2012) - Filtering Magic
|
11
|
+
- Fix SQLite3 issue where it has to wait for the OS to write every insert.(MAJOR SPEED ISSUE)
|
12
|
+
- add high/med/low_risks_by_host functions Item Model
|
13
|
+
- Do all the @todo / @fix items!
|
14
|
+
- Add a filtering system for lowering the rating of plugins based on config
|
15
|
+
- Implement the ability to filter data out of the report
|
16
|
+
- Filter on
|
17
|
+
- Host Mac Address
|
18
|
+
- Host IP
|
19
|
+
- Plugin ID
|
20
|
+
- Host id
|
21
|
+
- Arbitrary number of filters
|
22
|
+
- Add filtered api, to use the filters
|
23
|
+
- Option 1: eg critical_risks_filtered()
|
24
|
+
- Option 2: eg critical_risks(:filtered => true)
|
25
|
+
- Nexpose Detailed xml parsing
|
26
|
+
- Nexpose Simple xml parsing
|
27
|
+
- list scan in database via cli
|
28
|
+
- generate report based on scan_id/report id
|
29
|
+
- finding summary: crit/high spacing
|
30
|
+
- page kerning?
|
31
|
+
- 100% Code coverage for all unit testing
|
32
|
+
|
33
|
+
#1.5.3 (June 1, 2012) - Rendering
|
34
|
+
- Ruby 1.8.x will no longer be officially supported.
|
35
|
+
- Official support for ruby 1.9.3+ only (Due to rails v4)
|
36
|
+
- Look at moving to nokogiri for xml parsing; http://nokogiri.org if its faster
|
37
|
+
- Implement different renderers
|
38
|
+
- pdf
|
39
|
+
- cvs
|
40
|
+
- html
|
41
|
+
- rtf
|
42
|
+
- openoffice xml
|
43
|
+
- Abstract the api for prawn to support different renders
|
44
|
+
- DSL for report creation to abstract the reports to have different output types
|
45
|
+
- Language abstraction for text generation
|
12
46
|
|
13
|
-
|
47
|
+
## 1.6 (??) - Additional Parsers
|
48
|
+
- Remove rmagick (GRRRR!)
|
49
|
+
- Add Parser for Nessus NBE Format
|
50
|
+
- Add Parser for Nessus NSR Format
|
51
|
+
- Add Parser for Nessus V1 of the XML Format
|
52
|
+
- Add Parser for OpenVas Output
|
53
|
+
- Add Parser for SecurityCenter Output
|
54
|
+
- Add Parser for Nexpose xml
|
55
|
+
- Add Parser for Qualys xml
|
56
|
+
- Add Parser for Nmpa XML?
|
57
|
+
- Easier way to select the Scan to generate reports from
|
58
|
+
|
59
|
+
## 2.0 (??)
|
60
|
+
-
|
61
|
+
|
62
|
+
##List of things TODO
|
63
|
+
###Core
|
64
|
+
- migration error handling
|
65
|
+
- catch mysql/sqlite/postgres errors during up/down
|
66
|
+
- bug report info collection option
|
67
|
+
- Complete comments for all existing code
|
68
|
+
- create an api determining vulnerability % based on the network
|
69
|
+
- create an api for creating a vulnerability score per host to show a risk %
|
70
|
+
- More text generation from graphs
|
71
|
+
- pdf bookmarks
|
72
|
+
- add postgres and test it
|
73
|
+
- rewrite the application class
|
74
|
+
|
75
|
+
###Parsers
|
76
|
+
- move all pci related host properties to their own table
|
77
|
+
- Nexpose SimpleXML parser
|
78
|
+
- Create a Nessus document generator, for testing the parser
|
79
|
+
- Add Schema checks to make sure the schema is compatible with the version of risu
|
80
|
+
|
81
|
+
###Models
|
82
|
+
- Plugin reference accessors with auto text
|
83
|
+
|
84
|
+
###Graphs
|
85
|
+
- most common os graph
|
86
|
+
- vulns by service bar chart
|
87
|
+
- most common services graph
|
88
|
+
- most common vuln category
|
89
|
+
- # hosts by severity
|
90
|
+
- stig bar graph for cat 1 / 2 /3
|
91
|
+
- unsupported vs supported os graph
|
92
|
+
- Add a CVSS risk factor graph
|
93
|
+
- security risk graph
|
94
|
+
|
95
|
+
###Reports / Templates
|
96
|
+
- SANS TOP XX report
|
97
|
+
- add (hostname) to reports
|
14
98
|
- Fix list report
|
15
99
|
- by host ordered by risk
|
16
100
|
- vulnerability name
|
17
101
|
- first cve
|
18
102
|
- Host
|
19
103
|
- vuln name | cve
|
20
|
-
- vuln name | cve
|
21
|
-
- add findings by host report
|
22
|
-
- ms_wsus_findings: Takes the plugin_output from plugin ####pluginid###
|
104
|
+
- vuln name | cve
|
105
|
+
- add findings by host report
|
106
|
+
- ms_wsus_findings: Takes the plugin_output from plugin ####pluginid###
|
23
107
|
- windows policy report
|
24
|
-
-
|
25
|
-
- move all pci related host properties to their own table
|
108
|
+
- clean up old templates, some are nasty
|
26
109
|
- stig detailed report
|
27
|
-
-
|
28
|
-
-
|
110
|
+
-http://www.scribd.com/doc/3752867/6/Vulnerability-Severity-Code-Definitions
|
111
|
+
- Category I
|
112
|
+
- Vulnerabilities that allow an attacker immediate access into a machine, allow superuser access, or bypass a firewall.These can lead to the immediate compromise of the web serverallowing the attacker to take complete control of the web server and associated operating system, which can then be used as aresource to control other systems in your network.Some examples would be the running of unsupported software, anonymous access to privledge accounts, and the presence of sample applications installed on the web server.
|
113
|
+
- Category II
|
114
|
+
- Vulnerabilities aide the ability of an attacker to gain access into a machine, compromise sensitive data, or bypass a firewall.These will lead to the eventual compromise of the web server allowing the attacker to manipulate the content or server settings on the web server and have access to other systems in your network.Some examples would be trust relationships with unauthorized separate enclaves, non compliance with appropriate host operating system security controls, and the non compliance with the IAVM program.
|
115
|
+
- Category III
|
116
|
+
- Vulnerabilities that impact the security posture of the system and if configured, will improve the overall security of asset.These could result in the degradation of service, compromise of information, and in some cases lead to unauthorized access to thesystem.Some examples would be untrained staff, development tools on a production environment, and the uncontrolled release of information to the web server.
|
29
117
|
- template for rhs plugins
|
30
118
|
- template for wsus plugins
|
31
|
-
-
|
119
|
+
- Update Assets templates to use this if possible plugin: http://www.nessus.org/plugins/index.php?view=single&id=54615 for extra data
|
120
|
+
- Colorize the reports with better style
|
121
|
+
- Ensure font sizes are standard in the templates
|
122
|
+
- The font in tech findings could be 1 size smaller
|
123
|
+
- add more detailed pci templates
|
124
|
+
- Provide more templates
|
125
|
+
- Virtual Machine Summary
|
126
|
+
- Fix list Report?
|
127
|
+
- Compact the data in tech findings to be more printer friendly
|
128
|
+
- finding summary coversheet looks odd
|
129
|
+
- unsupported OS template
|
130
|
+
- add list of unsupported os ip's accessor
|
131
|
+
- detailed findings should be combined to save paper on printing
|
132
|
+
- Sort Technical Findings Report by count/score
|
133
|
+
- Add template validation and more error checking
|
134
|
+
- Added TOC/Index to the technical findings report, issue 15
|
135
|
+
- More text blocks for various plugins services
|
136
|
+
- finish implementation of service descriptions
|
137
|
+
- outstanding/very good/good/improvement needed/unsatisfactory
|
138
|
+
- report type rtf
|
139
|
+
Per host
|
140
|
+
- scan time start/end
|
141
|
+
- remote host info is/netbios/name/dns/ip/mac
|
142
|
+
- All types of reports nessus does
|
143
|
+
-vuln by host
|
144
|
+
-hosts.each
|
145
|
+
- host.items.each
|
146
|
+
- name
|
147
|
+
- synopsis
|
148
|
+
- description
|
149
|
+
- solution
|
150
|
+
- risk
|
151
|
+
- reference
|
152
|
+
- ports
|
153
|
+
- plugin output
|
154
|
+
|
155
|
+
###Testing
|
156
|
+
- Move all tests to use Fixtures
|
157
|
+
- hash all template results to make sure templates are being created correctly
|
32
158
|
- Create tests for everything (95%+ code coverage goal)
|
33
159
|
- Parser tests
|
34
160
|
- Add test for new xml element
|
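Review bot: the milestone ordering does not hold up: `#1.5.3 (June 1, 2012) - Rendering` is dated before `##1.5.2 (Oct, 1 2012)` and before the 1.5.1 release date in NEWS.markdown (August 1, 2012), and it uses a level-1 `#` where 1.5.2 and 1.6 use `##`. Typos in the new lines: `- cvs` under renderers should be `csv`, `Add Parser for Nmpa XML?` should be `Nmap`, `privledge accounts` should be `privileged`, and the three STIG category paragraphs keep the run-together words of the old copy (`firewall.These`, `web serverallowing`, `aresource`, `thesystem`). `-http://www.scribd.com/...` is missing the space after the dash, `## 2.0 (??)` now contains only an empty `-` bullet, and `- Added TOC/Index to the technical findings report, issue 15` reads as done in a list of things still to do.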
@@ -55,67 +181,14 @@
|
|
55
181
|
- ms update summary
|
56
182
|
- pci compliance
|
57
183
|
- tech findings
|
58
|
-
- CentOS 6 tutorial
|
59
|
-
- Ubuntu latest tutorial
|
60
|
-
- Implement the ability to filter data out of the report
|
61
|
-
- Filter on
|
62
|
-
- Host Mac Address
|
63
|
-
- Host IP
|
64
|
-
- Plugin ID
|
65
|
-
- Ensure font sizes are standard in the templates
|
66
|
-
- The font in tech findings could be 1 size smaller
|
67
|
-
- Add a filtering system for lowering the rating of plugins based on config
|
68
|
-
- Compact the data in tech findings to be more printer friendly
|
69
184
|
- Add tests for Patch model
|
70
|
-
- Plugin reference accessors with auto text
|
71
|
-
- finding summary coversheet looks odd
|
72
|
-
- unsupported OS template
|
73
|
-
- unsupported vs supported os graph
|
74
|
-
- add list of unsupported os ip's accessor
|
75
|
-
- detailed findings should be combined to save paper on printing
|
76
|
-
- add more detailed pci templates
|
77
|
-
- Provide more templates
|
78
|
-
- Virtual Machine Summary
|
79
|
-
- Fix list Report?
|
80
|
-
- Add a CVSS risk factor graph
|
81
|
-
- Update Assets templates to use this if possible plugin: http://www.nessus.org/plugins/index.php?view=single&id=54615 for extra data
|
82
|
-
- Sort Technical Findings Report by count/score
|
83
|
-
- Add template validation and more error checking
|
84
|
-
- Colorize the reports with better style
|
85
|
-
- Added TOC/Index to the technical findings report, issue 15
|
86
|
-
- Category I
|
87
|
-
- Vulnerabilities that allow an attacker immediate access into amachine, allow superuser access, or bypass a firewall.These can lead to the immediate compromise of the web serverallowing the attacker to take complete control of the web serverand associated operating system, which can then be used as aresource to control other systems in your network.Some examples would be the running of unsupported software,anonymous access to privledge accounts, and the presence of sample applications installed on the web server.
|
88
|
-
- Category II
|
89
|
-
- Vulnerabilities aide the ability of an attacker to gain access into amachine, compromise sensitive data, or bypass a firewall.These will lead to the eventual compromise of the web serverallowing the attacker to manipulate the content or server settingson the web server and have access to other systems in yournetwork.Some examples would be trust relationships with unauthorizedseparate enclaves, non compliance with appropriate hostoperating system security controls, and the non compliance withthe IAVM program.
|
90
|
-
- Category III
|
91
|
-
- Vulnerabilities that impact the security posture of the system andif configured, will improve the overall security of asset.These could result in the degradation of service, compromise of information, and in some cases lead to unauthorized access to thesystem.Some examples would be untrained staff, development tools on aproduction environment, and the uncontrolled release of information to the web server.
|
92
185
|
|
93
|
-
|
94
|
-
|
95
|
-
-
|
96
|
-
-
|
186
|
+
###Marketing
|
187
|
+
- CentOS 6 setup Tutorial
|
188
|
+
- Backtrack5 r2 setup Tutorial
|
189
|
+
- Ubuntu LTS setup Tutorial
|
190
|
+
- Presentation on Risu
|
97
191
|
|
98
|
-
|
99
|
-
-
|
100
|
-
|
101
|
-
- cvs
|
102
|
-
- html
|
103
|
-
- rtf
|
104
|
-
- Abstract the api for prawn to support different renders
|
105
|
-
- DSL for report creation to abstract the reports to have different output types
|
106
|
-
|
107
|
-
## 1.6 (??)
|
108
|
-
- Remove rmagick (GRRRR!)
|
109
|
-
- Move to ruby 1.9.3 only support
|
110
|
-
- Add Parser for Nessus NBE Format
|
111
|
-
- Add Parser for Nessus NSR Format
|
112
|
-
- Add Parser for Nessus V1 of the XML Format
|
113
|
-
- Add Parser for OpenVas Output
|
114
|
-
- Add Parser for SecurityCenter Output
|
115
|
-
- Add Parser for Nexpose xml
|
116
|
-
- Add Parser for Qualys xml
|
117
|
-
- Look at moving to nokogiri for xml parsing; http://nokogiri.org
|
118
|
-
- Easier way to select the Scan to generate reports from
|
119
|
-
|
120
|
-
## 2.0 (??)
|
121
|
-
- Rails FrontEnd to Risu
|
192
|
+
####Website
|
193
|
+
- Increase the readability of the site some
|
194
|
+
- Bold the current version info
|
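Review bot: the only 2.0 item, `- Rails FrontEnd to Risu`, is removed here while the first hunk keeps a `## 2.0 (??)` heading with an empty bullet; either restore the item under 2.0 or drop the heading. Removing `- Move to ruby 1.9.3 only support` from 1.6 is fine since the first hunk re-adds it under 1.5.3 as `Official support for ruby 1.9.3+ only (Due to rails v4)`. The remaining removals are items relocated into the new `###Core`, `###Graphs`, `###Reports / Templates` and `###Marketing` lists, so no content is lost.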