risu 1.6.3 → 1.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +12 -0
- data/Gemfile.ci +9 -9
- data/Gemfile.lock +118 -0
- data/LICENSE +1 -1
- data/NEWS.markdown +98 -0
- data/README.markdown +10 -3
- data/Rakefile +2 -2
- data/bin/risu +3 -3
- data/lib/risu.rb +6 -2
- data/lib/risu/base.rb +10 -3
- data/lib/risu/base/graph_template_helper.rb +71 -0
- data/lib/risu/base/host_template_helper.rb +75 -0
- data/lib/risu/base/malware_template_helper.rb +96 -0
- data/lib/risu/base/post_process_base.rb +210 -0
- data/lib/risu/base/post_process_manager.rb +120 -0
- data/lib/risu/base/schema.rb +10 -7
- data/lib/risu/base/shares_template_helper.rb +158 -0
- data/lib/risu/base/template_base.rb +12 -10
- data/lib/risu/base/template_helper.rb +105 -3
- data/lib/risu/base/template_manager.rb +16 -12
- data/lib/risu/base/templater.rb +23 -9
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +23 -17
- data/lib/risu/cli/banner.rb +3 -3
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +3 -3
- data/lib/risu/models/familyselection.rb +3 -3
- data/lib/risu/models/host.rb +74 -9
- data/lib/risu/models/hostproperty.rb +3 -3
- data/lib/risu/models/individualpluginselection.rb +3 -3
- data/lib/risu/models/item.rb +92 -29
- data/lib/risu/models/patch.rb +3 -3
- data/lib/risu/models/plugin.rb +30 -2
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +1 -1
- data/lib/risu/models/report.rb +1 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +3 -3
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +3 -3
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +23 -16
- data/lib/risu/parsers/nessus/postprocess.rb +3 -6
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +82 -0
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +86 -0
- data/lib/risu/parsers/nessus/postprocess/apache.rb +67 -0
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +104 -0
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +52 -0
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +60 -0
- data/lib/risu/parsers/nessus/postprocess/java.rb +49 -198
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +65 -0
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +54 -0
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +84 -0
- data/lib/risu/parsers/nessus/postprocess/php.rb +62 -0
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +178 -0
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +10 -5
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +375 -0
- data/lib/risu/parsers/nessus/postprocess/servu.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +73 -0
- data/lib/risu/parsers/nessus/postprocess/windows.rb +57 -0
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +72 -0
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +1 -1
- data/lib/risu/renderers.rb +3 -1
- data/lib/risu/renderers/csvrenderer.rb +53 -0
- data/lib/risu/renderers/nilrenderer.rb +1 -1
- data/lib/risu/renderers/pdfrenderer.rb +57 -0
- data/lib/risu/templates/assets.rb +5 -4
- data/lib/risu/templates/cover_sheet.rb +4 -3
- data/lib/risu/templates/exec_summary.rb +4 -3
- data/lib/risu/templates/executive_summary_detailed.rb +9 -8
- data/lib/risu/templates/exploitablity_summary.rb +82 -0
- data/lib/risu/templates/failed_audits.rb +98 -0
- data/lib/risu/templates/finding_statistics.rb +2 -1
- data/lib/risu/templates/findings_host.rb +20 -22
- data/lib/risu/templates/findings_summary.rb +11 -9
- data/lib/risu/templates/findings_summary_with_pluginid.rb +31 -85
- data/lib/risu/templates/graphs.rb +9 -10
- data/lib/risu/templates/host_findings_csv.rb +67 -0
- data/lib/risu/templates/host_summary.rb +2 -1
- data/lib/risu/templates/malicious_process_detection.rb +2 -1
- data/lib/risu/templates/missing_root_causes.rb +162 -0
- data/lib/risu/templates/ms_patch_summary.rb +3 -2
- data/lib/risu/templates/ms_update_summary.rb +5 -4
- data/lib/risu/templates/ms_wsus_findings.rb +5 -4
- data/lib/risu/templates/notable.rb +7 -11
- data/lib/risu/templates/notable_detailed.rb +7 -4
- data/lib/risu/templates/pci_compliance.rb +5 -4
- data/lib/risu/templates/stig_findings_summary.rb +5 -4
- data/lib/risu/templates/talking_points.rb +164 -0
- data/lib/risu/templates/technical_findings.rb +8 -4
- data/lib/risu/templates/template.rb +3 -2
- data/lib/risu/templates/top_25.rb +115 -0
- data/risu.gemspec +16 -15
- metadata +142 -77
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 23f609c5df6f31deb50608fdf1beff5b6a8b3783
|
4
|
+
data.tar.gz: 46319a15896857ccb3b72cb7401c9ea696392888
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ad64d389f1cd8fbc67c0cb6de29a9bcb3b3f930e1a8fe0949e1cdec4323c3648907a4dd0a0ef7a2bf36c88f65ea84b06cd49bdc0face447396a81499b4c2ce0e
|
7
|
+
data.tar.gz: 54f0eed09834c480da59f3552e145f3e953f662a9e946d587e63df2672406145b0fd8289b62301e26d1139e0672836665e3817e51557070242a06edcb4058fc0
|
data/Gemfile
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
source "https://rubygems.org"
|
2
|
+
|
3
|
+
gem "rails", '4.0.0'
|
4
|
+
gem "libxml-ruby", '2.6.0'
|
5
|
+
gem "prawn", '0.12.0'
|
6
|
+
gem "gruff", '0.3.7'
|
7
|
+
gem "mysql2", '0.3.11'
|
8
|
+
gem "rmagick", '2.13.2'
|
9
|
+
gem "sqlite3", '1.3.7'
|
10
|
+
gem "simplecov"
|
11
|
+
gem "nokogiri", '1.6.0'
|
12
|
+
gem "minitest", '4.3.2'
|
data/Gemfile.ci
CHANGED
@@ -1,12 +1,12 @@
|
|
1
|
-
source :rubygems
|
2
1
|
source "https://rubygems.org"
|
3
2
|
|
4
|
-
gem "rails"
|
5
|
-
gem "libxml-ruby"
|
6
|
-
gem "prawn"
|
7
|
-
gem "gruff"
|
8
|
-
gem "mysql2"
|
9
|
-
gem "rmagick"
|
10
|
-
gem "sqlite3"
|
3
|
+
gem "rails", '4.0.0'
|
4
|
+
gem "libxml-ruby", '2.6.0'
|
5
|
+
gem "prawn", '0.12.0'
|
6
|
+
gem "gruff", '0.3.7'
|
7
|
+
gem "mysql2", '0.3.11'
|
8
|
+
gem "rmagick", '2.13.2'
|
9
|
+
gem "sqlite3", '1.3.7'
|
11
10
|
gem "simplecov"
|
12
|
-
gem "nokogiri"
|
11
|
+
gem "nokogiri", '1.6.0'
|
12
|
+
gem "minitest", '4.3.2'
|
data/Gemfile.lock
ADDED
@@ -0,0 +1,118 @@
|
|
1
|
+
GEM
|
2
|
+
remote: https://rubygems.org/
|
3
|
+
specs:
|
4
|
+
Ascii85 (1.0.2)
|
5
|
+
actionmailer (4.0.2)
|
6
|
+
actionpack (= 4.0.2)
|
7
|
+
mail (~> 2.5.4)
|
8
|
+
actionpack (4.0.2)
|
9
|
+
activesupport (= 4.0.2)
|
10
|
+
builder (~> 3.1.0)
|
11
|
+
erubis (~> 2.7.0)
|
12
|
+
rack (~> 1.5.2)
|
13
|
+
rack-test (~> 0.6.2)
|
14
|
+
activemodel (4.0.2)
|
15
|
+
activesupport (= 4.0.2)
|
16
|
+
builder (~> 3.1.0)
|
17
|
+
activerecord (4.0.2)
|
18
|
+
activemodel (= 4.0.2)
|
19
|
+
activerecord-deprecated_finders (~> 1.0.2)
|
20
|
+
activesupport (= 4.0.2)
|
21
|
+
arel (~> 4.0.0)
|
22
|
+
activerecord-deprecated_finders (1.0.3)
|
23
|
+
activesupport (4.0.2)
|
24
|
+
i18n (~> 0.6, >= 0.6.4)
|
25
|
+
minitest (~> 4.2)
|
26
|
+
multi_json (~> 1.3)
|
27
|
+
thread_safe (~> 0.1)
|
28
|
+
tzinfo (~> 0.3.37)
|
29
|
+
afm (0.2.0)
|
30
|
+
arel (4.0.1)
|
31
|
+
atomic (1.1.14)
|
32
|
+
builder (3.1.4)
|
33
|
+
docile (1.1.1)
|
34
|
+
erubis (2.7.0)
|
35
|
+
gruff (0.5.1)
|
36
|
+
rmagick
|
37
|
+
hashery (2.1.1)
|
38
|
+
hike (1.2.3)
|
39
|
+
i18n (0.6.9)
|
40
|
+
libxml-ruby (2.7.0)
|
41
|
+
mail (2.5.4)
|
42
|
+
mime-types (~> 1.16)
|
43
|
+
treetop (~> 1.4.8)
|
44
|
+
mime-types (1.25.1)
|
45
|
+
mini_portile (0.5.2)
|
46
|
+
minitest (4.7.5)
|
47
|
+
multi_json (1.8.2)
|
48
|
+
mysql2 (0.3.14)
|
49
|
+
nokogiri (1.6.1)
|
50
|
+
mini_portile (~> 0.5.0)
|
51
|
+
pdf-reader (1.3.3)
|
52
|
+
Ascii85 (~> 1.0.0)
|
53
|
+
afm (~> 0.2.0)
|
54
|
+
hashery (~> 2.0)
|
55
|
+
ruby-rc4
|
56
|
+
ttfunk
|
57
|
+
polyglot (0.3.3)
|
58
|
+
prawn (0.13.2)
|
59
|
+
pdf-reader (~> 1.2)
|
60
|
+
ruby-rc4
|
61
|
+
ttfunk (~> 1.0.3)
|
62
|
+
rack (1.5.2)
|
63
|
+
rack-test (0.6.2)
|
64
|
+
rack (>= 1.0)
|
65
|
+
rails (4.0.2)
|
66
|
+
actionmailer (= 4.0.2)
|
67
|
+
actionpack (= 4.0.2)
|
68
|
+
activerecord (= 4.0.2)
|
69
|
+
activesupport (= 4.0.2)
|
70
|
+
bundler (>= 1.3.0, < 2.0)
|
71
|
+
railties (= 4.0.2)
|
72
|
+
sprockets-rails (~> 2.0.0)
|
73
|
+
railties (4.0.2)
|
74
|
+
actionpack (= 4.0.2)
|
75
|
+
activesupport (= 4.0.2)
|
76
|
+
rake (>= 0.8.7)
|
77
|
+
thor (>= 0.18.1, < 2.0)
|
78
|
+
rake (10.1.1)
|
79
|
+
rmagick (2.13.2)
|
80
|
+
ruby-rc4 (0.1.5)
|
81
|
+
simplecov (0.8.2)
|
82
|
+
docile (~> 1.1.0)
|
83
|
+
multi_json
|
84
|
+
simplecov-html (~> 0.8.0)
|
85
|
+
simplecov-html (0.8.0)
|
86
|
+
sprockets (2.10.1)
|
87
|
+
hike (~> 1.2)
|
88
|
+
multi_json (~> 1.0)
|
89
|
+
rack (~> 1.0)
|
90
|
+
tilt (~> 1.1, != 1.3.0)
|
91
|
+
sprockets-rails (2.0.1)
|
92
|
+
actionpack (>= 3.0)
|
93
|
+
activesupport (>= 3.0)
|
94
|
+
sprockets (~> 2.8)
|
95
|
+
sqlite3 (1.3.8)
|
96
|
+
thor (0.18.1)
|
97
|
+
thread_safe (0.1.3)
|
98
|
+
atomic
|
99
|
+
tilt (1.4.1)
|
100
|
+
treetop (1.4.15)
|
101
|
+
polyglot
|
102
|
+
polyglot (>= 0.3.1)
|
103
|
+
ttfunk (1.0.3)
|
104
|
+
tzinfo (0.3.38)
|
105
|
+
|
106
|
+
PLATFORMS
|
107
|
+
ruby
|
108
|
+
|
109
|
+
DEPENDENCIES
|
110
|
+
gruff
|
111
|
+
libxml-ruby
|
112
|
+
mysql2
|
113
|
+
nokogiri
|
114
|
+
prawn
|
115
|
+
rails
|
116
|
+
rmagick
|
117
|
+
simplecov
|
118
|
+
sqlite3
|
data/LICENSE
CHANGED
data/NEWS.markdown
CHANGED
@@ -1,5 +1,103 @@
|
|
1
1
|
# News
|
2
2
|
|
3
|
+
#1.7.0 (September 12, 2014)
|
4
|
+
- Update Copyrights to 2014
|
5
|
+
- Wiki
|
6
|
+
- New page for installing on [OSX]((https://github.com/arxopia/risu/wiki/OSX-Installation-Guide)
|
7
|
+
- Models
|
8
|
+
- Host Model
|
9
|
+
- Changed the field type of 'mac' from string to text to increase the size
|
10
|
+
- windows_os_graph_has_data()
|
11
|
+
- HostProperty Model
|
12
|
+
- Added pcidss:insecure_http_methods tag
|
13
|
+
- Added cpe-XXX, where XXX is a digit of the number of CPE found for that host.
|
14
|
+
- Added LastUnauthenticatedResults tag
|
15
|
+
- Added LastAuthenticatedResults tag
|
16
|
+
- Added Credentialed_Scan tag
|
17
|
+
- Added policy-used tag
|
18
|
+
- Added KBXXXXXX tag, used for Microsoft patches
|
19
|
+
- Plugin
|
20
|
+
- Added exploited_by_malware
|
21
|
+
- Added compliance
|
22
|
+
- Added root_cause; This is a custom field which will be manually filled over time with the root_cause of
|
23
|
+
the vulnerability, this data will be inserted with a post-processing plug-in
|
24
|
+
- Added root_cause_graph()
|
25
|
+
- Added root_cause_graph_text()
|
26
|
+
- Item
|
27
|
+
- Added exploitablity_matrix method, returns and formatted array of findings based on parameters.
|
28
|
+
- Added calculate_vulnerable_host_percent_with_patches_applied method, which calculates the vulnerable host percent
|
29
|
+
after removing all of the notable findings. This gives a sense of how the network would be after patching
|
30
|
+
- Added risk_percent_patched_rounded_text
|
31
|
+
- Reference
|
32
|
+
- Added hp.
|
33
|
+
- Added glsa.
|
34
|
+
- Added freebsd.
|
35
|
+
- _Experimental Post Processing_, Sums up the findings and removes the duplicates. This allows for cleaner
|
36
|
+
authenticated reports. Very experimental at the moment, the are auto loaded from the same directories as
|
37
|
+
templates for the time being
|
38
|
+
- Use of the --post-process command line option will turn this on and off
|
39
|
+
- Java Plugins
|
40
|
+
- Adobe Reader plugins
|
41
|
+
- Flash Player plugins
|
42
|
+
- Serv-U plugins
|
43
|
+
- Adobe Air plugins
|
44
|
+
- OpenSSH plugins
|
45
|
+
- Wireshark plugins
|
46
|
+
- Oracle Database plugins
|
47
|
+
- Shockwave Player plugins
|
48
|
+
- Google Chrome plugins
|
49
|
+
- CoreFtp plugins
|
50
|
+
- FLEXNet plugins
|
51
|
+
- PHP plugins
|
52
|
+
- Apache plugins
|
53
|
+
- HP System Management Homepage
|
54
|
+
- OpenSSL Plugins
|
55
|
+
- Windows OS plugins
|
56
|
+
- RootCause processing, this adds a subjective root cause to every plugin that I have seen / had to time do.
|
57
|
+
- Renderers
|
58
|
+
- Added support for CSV output check out the host_findings_csv.rb template for an example of how to do it
|
59
|
+
- Templates
|
60
|
+
- Updated the default color scheme for graphs to look a little better
|
61
|
+
- Templates will now be searched for in the current directory.
|
62
|
+
- Templates will be searched for in the following places:
|
63
|
+
- The risu template directory in $GEM_HOME/gems/risu-1.7.0/lib/risu/templates/
|
64
|
+
- The current directory
|
65
|
+
- The user directory of ~/.risu/templates/
|
66
|
+
- Added host_findings_csv.rb template
|
67
|
+
- Added "Failed compliance audits" template [abenson]
|
68
|
+
- Added "Exploitablity Summary Report" template
|
69
|
+
- Added "Talking Points Report" template
|
70
|
+
- Added "Missing Root Cause Report" template
|
71
|
+
- Templates must now specify their renderer :renderer => "PDF" or :renderer => "CSV" in the template_info section. This
|
72
|
+
will break all templates until it is added.
|
73
|
+
- Template Helper
|
74
|
+
- Added a table method to generate a table in 1 line of code
|
75
|
+
- Added a new_page method to create a page break in the report
|
76
|
+
- Added other_os_graph_page, This generates a page for the PDF renderer with the
|
77
|
+
other_os_graph and other_os_graph_text followed by a new_page
|
78
|
+
- item_count_by_plugin_name
|
79
|
+
- item_count_by_plugin_id
|
80
|
+
- default_credentials_section
|
81
|
+
- default_credentials_appendix_section
|
82
|
+
- has_default_credentials?
|
83
|
+
- default_credential_plugins
|
84
|
+
- Added MalwareTemplateHelper, this is included by TemplateHelper. It provides:
|
85
|
+
- malware_section()
|
86
|
+
- malware_appendix_section()
|
87
|
+
- conficker_section()
|
88
|
+
- conficker_appendix_section()
|
89
|
+
- conficker_count()
|
90
|
+
- Added HostTemplateHelper, this is included by TemplateHelper. It provides:
|
91
|
+
- unsupported_os_appendix_section()
|
92
|
+
- unsupported_os()
|
93
|
+
- Added GraphTemplateHelper, this is included by TemplateHelper. It provides:
|
94
|
+
- other_os_graph_page()
|
95
|
+
- windows_os_graph_page()
|
96
|
+
- risks_by_severity_graph_page()
|
97
|
+
- risks_by_service_graph_page()
|
98
|
+
- root_cause_graph_page()
|
99
|
+
- Probably other things I forgot to track...
|
100
|
+
|
3
101
|
#1.6.3 (October 01, 2013)
|
4
102
|
- Rails 4.0 compatibility, backwards rails compatibility doesn't exist. You will need to update any plugins using old Rails APIs
|
5
103
|
- Support for Ruby less than 1.9.3 also doesn't exist
|
data/README.markdown
CHANGED
@@ -1,13 +1,17 @@
|
|
1
1
|
# risu
|
2
2
|
|
3
|
+
[![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu)
|
4
|
+
|
5
|
+
[![Build Status](https://travis-ci.org/arxopia/risu.png?branch=1.7.0)](https://travis-ci.org/arxopia/risu)
|
6
|
+
|
3
7
|
Risu is [Nessus](http://www.nessus.org) parser, that converts the generated reports into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
4
8
|
|
5
|
-
Version **1.
|
9
|
+
Version **1.7.0** is the current release.
|
6
10
|
|
7
11
|
## Requirements
|
8
12
|
|
9
13
|
### Ruby
|
10
|
-
Risu has been tested with ruby-1.9.3-p392
|
14
|
+
Risu has been tested with ruby-1.9.3-p392, ruby-2.0.0 and ruby-2.1.0. Please try to use one of these versions if possible. I recommend using RVM to setup your ruby environment you can get it [here](https://rvm.beginrescueend.com/).
|
11
15
|
|
12
16
|
### RubyGems
|
13
17
|
Risu relies heavily on [RubyGems](http://rubygems.org/) to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of [Ruby](http://ruby-lang.org/).
|
@@ -75,7 +79,7 @@ Using the risu Console is just like using Rails. You can access all of the Activ
|
|
75
79
|
|_| |_|___/\__,_|
|
76
80
|
|
77
81
|
|
78
|
-
risu Console v1.
|
82
|
+
risu Console v1.7.0
|
79
83
|
>> Host.first
|
80
84
|
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.arxopia.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
|
81
85
|
|
@@ -113,6 +117,9 @@ If you would like to contribute templates/bug fixes/etc to risu. The easiest way
|
|
113
117
|
# Issues
|
114
118
|
If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/arxopia/risu/issues).
|
115
119
|
|
120
|
+
# Donations / tips
|
121
|
+
Feel free to donate or tip to BTC: 1Cfd5G6rJmSBrNcTHxEgE4uYgH7XZJPY7Z
|
122
|
+
|
116
123
|
# Contact
|
117
124
|
You can reach me at risu[at]arxopia[dot]com.
|
118
125
|
|
data/Rakefile
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -44,7 +44,7 @@ end
|
|
44
44
|
|
45
45
|
task :release => [:tag_and_bag, :build] do
|
46
46
|
system "gem push #{Risu::APP_NAME}-#{Risu::VERSION}.gem"
|
47
|
-
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is an Nessus XML parser/database. More information at http://arxopia.com/projects/risu/"
|
47
|
+
puts "Just released #{Risu::APP_NAME} v#{Risu::VERSION}. #{Risu::APP_NAME} is an Nessus XML parser/database/report generator. More information at http://arxopia.com/projects/risu/"
|
48
48
|
end
|
49
49
|
|
50
50
|
task :clean do
|
data/bin/risu
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
|
3
|
-
# Copyright (c) 2010-
|
3
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
4
4
|
# All rights reserved.
|
5
5
|
#
|
6
6
|
# Redistribution and use in source and binary forms, with or without
|
@@ -23,8 +23,8 @@
|
|
23
23
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
24
24
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
25
25
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
26
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
27
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
27
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
28
28
|
|
29
29
|
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '/../lib'))
|
30
30
|
|
data/lib/risu.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -26,11 +26,15 @@
|
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
APP_NAME = "risu"
|
29
|
-
VERSION = "1.
|
29
|
+
VERSION = "1.7.0"
|
30
30
|
GRAPH_WIDTH = 750
|
31
|
+
# red orange yellow green blue purple grey pink
|
32
|
+
GRAPH_COLORS = %w(#d2403f #ec9241 #fcc343 #50ad51 #397bbb #8E6B8E black #cccccc brown #e52d89)
|
33
|
+
GITHUB = "http://github.com/arxopia/risu"
|
31
34
|
EMAIL = "risu@arxopia.com"
|
32
35
|
CONFIG_FILE = "./risu.cfg"
|
33
36
|
USER_TEMPLATES_DIR = "~/.risu/templates/"
|
37
|
+
|
34
38
|
end
|
35
39
|
|
36
40
|
require 'rails'
|
data/lib/risu/base.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c) 2010-
|
1
|
+
# Copyright (c) 2010-2014 Arxopia LLC.
|
2
2
|
# All rights reserved.
|
3
3
|
#
|
4
4
|
# Redistribution and use in source and binary forms, with or without
|
@@ -21,8 +21,8 @@
|
|
21
21
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
22
|
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
23
|
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
-
#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
-
#OF THE POSSIBILITY OF SUCH DAMAGE.
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
26
|
|
27
27
|
module Risu
|
28
28
|
module Base
|
@@ -32,4 +32,11 @@ end
|
|
32
32
|
require 'risu/base/template_base'
|
33
33
|
require 'risu/base/template_manager'
|
34
34
|
require 'risu/base/templater'
|
35
|
+
require 'risu/base/host_template_helper'
|
36
|
+
require 'risu/base/malware_template_helper'
|
37
|
+
require 'risu/base/graph_template_helper'
|
38
|
+
require 'risu/base/shares_template_helper'
|
35
39
|
require 'risu/base/template_helper'
|
40
|
+
|
41
|
+
require 'risu/base/post_process_base'
|
42
|
+
require 'risu/base/post_process_manager'
|
@@ -0,0 +1,71 @@
|
|
1
|
+
# Copyright (c) 2012-2014 Arxopia LLC.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
#
|
7
|
+
# * Redistributions of source code must retain the above copyright
|
8
|
+
# notice, this list of conditions and the following disclaimer.
|
9
|
+
# * Redistributions in binary form must reproduce the above copyright
|
10
|
+
# notice, this list of conditions and the following disclaimer in the
|
11
|
+
# documentation and/or other materials provided with the distribution.
|
12
|
+
# * Neither the name of the Arxopia LLC nor the names of its contributors
|
13
|
+
# may be used to endorse or promote products derived from this software
|
14
|
+
# without specific prior written permission.
|
15
|
+
#
|
16
|
+
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
17
|
+
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
19
|
+
# DISCLAIMED. IN NO EVENT SHALL ARXOPIA LLC BE LIABLE FOR ANY DIRECT, INDIRECT,
|
20
|
+
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
21
|
+
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
|
22
|
+
# OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
23
|
+
# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
|
+
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
|
+
# OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
27
|
+
module Risu
|
28
|
+
module Templates
|
29
|
+
module GraphTemplateHelper
|
30
|
+
|
31
|
+
#
|
32
|
+
def other_os_graph_page
|
33
|
+
if Host.other_os_graph_has_data?
|
34
|
+
new_page
|
35
|
+
@output.image Host.other_os_graph, :width => 500, :height => 375, :position => :center
|
36
|
+
text Host.other_os_graph_text
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
#
|
41
|
+
def windows_os_graph_page
|
42
|
+
if Host.windows_os_graph_has_data?
|
43
|
+
new_page
|
44
|
+
@output.image Host.windows_os_graph, :width => 500, :height => 375, :position => :center
|
45
|
+
text Host.windows_os_graph_text
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
#
|
50
|
+
def root_cause_graph_page
|
51
|
+
new_page
|
52
|
+
@output.image Plugin.root_cause_graph, :width => 500, :height => 375, :position => :center
|
53
|
+
text Plugin.root_cause_graph_text
|
54
|
+
end
|
55
|
+
|
56
|
+
#
|
57
|
+
def risks_by_service_graph_page
|
58
|
+
new_page
|
59
|
+
@output.image Item.risks_by_service_graph(10), :width => 500, :height => 375, :position => :center
|
60
|
+
text Item.risks_by_service_graph_text
|
61
|
+
end
|
62
|
+
|
63
|
+
#
|
64
|
+
def risks_by_severity_graph_page
|
65
|
+
new_page
|
66
|
+
@output.image Item.risks_by_severity_graph, :width => 500, :height => 375, :position => :center
|
67
|
+
text Item.risks_by_severity_graph_text, :inline_format => true
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|