risu 1.7.5 → 1.7.6
- checksums.yaml +4 -4
- data/Gemfile +16 -10
- data/Gemfile.lock +125 -102
- data/LICENSE +2 -1
- data/NEWS.markdown +23 -2
- data/README.markdown +35 -22
- data/Rakefile +4 -4
- data/bin/risu +1 -1
- data/lib/risu.rb +12 -7
- data/lib/risu/base.rb +1 -1
- data/lib/risu/base/post_process_base.rb +2 -3
- data/lib/risu/base/post_process_manager.rb +2 -2
- data/lib/risu/base/schema.rb +3 -3
- data/lib/risu/base/shares_template_helper.rb +37 -3
- data/lib/risu/base/template_base.rb +2 -2
- data/lib/risu/base/template_helper.rb +4 -4
- data/lib/risu/base/template_manager.rb +2 -2
- data/lib/risu/base/templater.rb +1 -1
- data/lib/risu/cli.rb +1 -1
- data/lib/risu/cli/application.rb +7 -6
- data/lib/risu/cli/banner.rb +1 -1
- data/lib/risu/exceptions.rb +1 -1
- data/lib/risu/exceptions/invaliddocument.rb +1 -1
- data/lib/risu/graphs.rb +32 -0
- data/lib/risu/graphs/top_vuln_graph.rb +59 -0
- data/lib/risu/graphs/windows_os_graph.rb +134 -0
- data/lib/risu/models.rb +1 -1
- data/lib/risu/models/attachment.rb +1 -1
- data/lib/risu/models/familyselection.rb +1 -1
- data/lib/risu/models/host.rb +100 -44
- data/lib/risu/models/hostproperty.rb +1 -1
- data/lib/risu/models/individualpluginselection.rb +1 -1
- data/lib/risu/models/item.rb +43 -15
- data/lib/risu/models/patch.rb +1 -1
- data/lib/risu/models/plugin.rb +2 -2
- data/lib/risu/models/pluginspreference.rb +1 -1
- data/lib/risu/models/policy.rb +1 -1
- data/lib/risu/models/reference.rb +4 -3
- data/lib/risu/models/report.rb +2 -2
- data/lib/risu/models/serverpreference.rb +1 -1
- data/lib/risu/models/servicedescription.rb +1 -1
- data/lib/risu/models/version.rb +1 -1
- data/lib/risu/parsers.rb +1 -1
- data/lib/risu/parsers/nessus/nessus_document.rb +7 -1
- data/lib/risu/parsers/nessus/nessus_sax_listener.rb +6 -4
- data/lib/risu/parsers/nessus/postprocess.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/adobe_acrobat.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/adobe_air.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/adobe_reader.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/apache.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/apache_tomcat.rb +53 -0
- data/lib/risu/parsers/nessus/postprocess/apple_quicktime.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/blackberry_enterprise_server.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/ca_brightstor_arcserve.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/core_ftp.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/db2.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/downgrade_plugins.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/filezilla.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/firefox.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/flash_player.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/flexnet.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/foxit_reader.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/google_chrome.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/hp_system_mgt_homepage.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/java.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/openssh.rb +3 -1
- data/lib/risu/parsers/nessus/postprocess/openssl.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/oracle_database.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/php.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/post_process.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/risk_score.rb +2 -2
- data/lib/risu/parsers/nessus/postprocess/root_cause.rb +12 -7
- data/lib/risu/parsers/nessus/postprocess/servu.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/shockwave.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/sigplus_pro.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/symantec_pcanywhere.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vlc.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_esxi.rb +3 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_player.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_vcenter.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/vmware_vsphere_client.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/windows.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/winscp.rb +1 -1
- data/lib/risu/parsers/nessus/postprocess/wireshark.rb +1 -1
- data/lib/risu/parsers/nexpose/nexpose_document.rb +1 -1
- data/lib/risu/parsers/nexpose/simple_nexpose.rb +3 -3
- data/lib/risu/renderers.rb +1 -1
- data/lib/risu/renderers/csvrenderer.rb +4 -4
- data/lib/risu/renderers/nilrenderer.rb +4 -4
- data/lib/risu/renderers/pdfrenderer.rb +5 -5
- data/lib/risu/template_helpers.rb +32 -0
- data/lib/risu/templates/assets.rb +1 -1
- data/lib/risu/templates/cover_sheet.rb +1 -1
- data/lib/risu/templates/exec_summary.rb +1 -1
- data/lib/risu/templates/executive_summary_detailed.rb +1 -1
- data/lib/risu/templates/exploitablity_summary.rb +1 -1
- data/lib/risu/templates/finding_statistics.rb +1 -1
- data/lib/risu/templates/findings_host.rb +1 -1
- data/lib/risu/templates/findings_summary.rb +1 -1
- data/lib/risu/templates/findings_summary_with_pluginid.rb +1 -1
- data/lib/risu/templates/graphs.rb +1 -1
- data/lib/risu/templates/host_findings_csv.rb +1 -1
- data/lib/risu/templates/host_summary.rb +1 -1
- data/lib/risu/templates/malicious_process_detection.rb +1 -1
- data/lib/risu/templates/missing_root_causes.rb +1 -1
- data/lib/risu/templates/ms_patch_summary.rb +1 -1
- data/lib/risu/templates/ms_update_summary.rb +1 -1
- data/lib/risu/templates/ms_wsus_findings.rb +1 -1
- data/lib/risu/templates/notable.rb +1 -1
- data/lib/risu/templates/notable_detailed.rb +1 -1
- data/lib/risu/templates/pci_compliance.rb +1 -1
- data/lib/risu/templates/stig_findings_summary.rb +2 -2
- data/lib/risu/templates/talking_points.rb +5 -5
- data/lib/risu/templates/technical_findings.rb +1 -1
- data/lib/risu/templates/template.rb +1 -1
- data/lib/risu/templates/top_25.rb +1 -1
- data/lib/risu/version.rb +33 -0
- data/risu.gemspec +21 -20
- metadata +161 -67
- data/Gemfile.ci +0 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: afeb7452a6387818f031b7eb9be509fb7b8b1f91
|
4
|
+
data.tar.gz: d0c0482d6673456aaa3eb7ffd32f928df5ba4d03
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c009a3228e6fb7a9b84b256610fcd61381c223520e8f9ff9a3412c577fd4690f0adceeea0dfde312d3f78519c5337ce8560af3b5100cb79eeabd0f9533cf043e
|
7
|
+
data.tar.gz: abf5109f7c5ebc5f1931c1cebaa4290ae740140364ca0d9503f3901ab09f04a38b69179fdb1031663bb489ac393b3b470c76fd21567bb47ba84f9923eef6cac5
|
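Review bot: The SHA1 section is still written next to SHA512 for both metadata.gz and data.tar.gz; anyone checking this release should compare against the SHA512 entries only. Because checksums.yaml travels inside the package it describes, it is useful for detecting corruption of the two inner archives, and the package as a whole still needs to be checked against a digest obtained from a separate source.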
data/Gemfile
CHANGED
@@ -1,12 +1,18 @@
|
|
1
1
|
source "https://rubygems.org"
|
2
|
+
gemspec
|
2
3
|
|
3
|
-
|
4
|
-
gem
|
5
|
-
gem
|
6
|
-
gem
|
7
|
-
gem
|
8
|
-
|
9
|
-
gem
|
10
|
-
gem "
|
11
|
-
gem
|
12
|
-
gem
|
4
|
+
#
|
5
|
+
# gem 'simplecov', '~> 0.11.0'
|
6
|
+
# gem 'yard', '~> 0.8.0'
|
7
|
+
# gem 'minitest', '~> 5.0'
|
8
|
+
# gem 'test-unit'
|
9
|
+
#
|
10
|
+
# gem 'rails', "~> 4.2.5"
|
11
|
+
# gem 'libxml-ruby', "~> 2.8.0"
|
12
|
+
# gem 'prawn', "~> 2.0.2"
|
13
|
+
# gem 'prawn-table', "~> 0.2.2"
|
14
|
+
# gem 'gruff', "~> 0.6.0"
|
15
|
+
# gem 'mysql2', "~> 0.4.1"
|
16
|
+
# gem 'rmagick', "~> 2.15.4"
|
17
|
+
# gem 'sqlite3', "~> 1.3.11"
|
18
|
+
# gem 'nokogiri', "~> 1.6.7"
|
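Review bot: The commented-out `# gem ...` lines left after `gemspec` duplicate constraints that now belong to risu.gemspec, and they already disagree with it: `# gem 'mysql2', "~> 0.4.1"` here versus `mysql2 (~> 0.4, >= 0.4.2)` in the Gemfile.lock PATH specs. Delete the commented block so there is one place to audit dependency constraints, and keep the Gemfile to `source` plus `gemspec`.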
data/Gemfile.lock
CHANGED
@@ -1,118 +1,141 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
risu (1.7.6)
|
5
|
+
gruff (~> 0.6, >= 0.6.0)
|
6
|
+
libxml-ruby (~> 2.8, >= 2.8.0)
|
7
|
+
mysql2 (~> 0.4, >= 0.4.2)
|
8
|
+
nokogiri (~> 1.6, >= 1.6.7)
|
9
|
+
prawn (~> 2.0, >= 2.0.2)
|
10
|
+
prawn-table (~> 0.2, >= 0.2.2)
|
11
|
+
rails (~> 4.2, >= 4.2.5)
|
12
|
+
rmagick (~> 2.15, >= 2.15.4)
|
13
|
+
sqlite3 (~> 1.3, >= 1.3.11)
|
14
|
+
|
1
15
|
GEM
|
2
|
-
remote: https://rubygems.org/
|
3
16
|
specs:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
17
|
+
actionmailer (4.2.5)
|
18
|
+
actionpack (= 4.2.5)
|
19
|
+
actionview (= 4.2.5)
|
20
|
+
activejob (= 4.2.5)
|
21
|
+
mail (~> 2.5, >= 2.5.4)
|
22
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
23
|
+
actionpack (4.2.5)
|
24
|
+
actionview (= 4.2.5)
|
25
|
+
activesupport (= 4.2.5)
|
26
|
+
rack (~> 1.6)
|
13
27
|
rack-test (~> 0.6.2)
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
28
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
29
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
30
|
+
actionview (4.2.5)
|
31
|
+
activesupport (= 4.2.5)
|
32
|
+
builder (~> 3.1)
|
33
|
+
erubis (~> 2.7.0)
|
34
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
35
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
36
|
+
activejob (4.2.5)
|
37
|
+
activesupport (= 4.2.5)
|
38
|
+
globalid (>= 0.3.0)
|
39
|
+
activemodel (4.2.5)
|
40
|
+
activesupport (= 4.2.5)
|
41
|
+
builder (~> 3.1)
|
42
|
+
activerecord (4.2.5)
|
43
|
+
activemodel (= 4.2.5)
|
44
|
+
activesupport (= 4.2.5)
|
45
|
+
arel (~> 6.0)
|
46
|
+
activesupport (4.2.5)
|
47
|
+
i18n (~> 0.7)
|
48
|
+
json (~> 1.7, >= 1.7.7)
|
49
|
+
minitest (~> 5.1)
|
50
|
+
thread_safe (~> 0.3, >= 0.3.4)
|
51
|
+
tzinfo (~> 1.1)
|
52
|
+
arel (6.0.3)
|
53
|
+
builder (3.2.2)
|
54
|
+
docile (1.1.5)
|
34
55
|
erubis (2.7.0)
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
i18n (0.
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
ttfunk
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
ttfunk (~> 1.0.3)
|
62
|
-
rack (1.5.2)
|
63
|
-
rack-test (0.6.2)
|
56
|
+
globalid (0.3.6)
|
57
|
+
activesupport (>= 4.1.0)
|
58
|
+
gruff (0.6.0)
|
59
|
+
rmagick (>= 2.13.4)
|
60
|
+
i18n (0.7.0)
|
61
|
+
json (1.8.3)
|
62
|
+
libxml-ruby (2.8.0)
|
63
|
+
loofah (2.0.3)
|
64
|
+
nokogiri (>= 1.5.9)
|
65
|
+
mail (2.6.3)
|
66
|
+
mime-types (>= 1.16, < 3)
|
67
|
+
mime-types (2.99)
|
68
|
+
mini_portile2 (2.0.0)
|
69
|
+
minitest (5.8.3)
|
70
|
+
mysql2 (0.4.2)
|
71
|
+
nokogiri (1.6.7)
|
72
|
+
mini_portile2 (~> 2.0.0.rc2)
|
73
|
+
pdf-core (0.6.0)
|
74
|
+
power_assert (0.2.6)
|
75
|
+
prawn (2.0.2)
|
76
|
+
pdf-core (~> 0.6.0)
|
77
|
+
ttfunk (~> 1.4.0)
|
78
|
+
prawn-table (0.2.2)
|
79
|
+
prawn (>= 1.3.0, < 3.0.0)
|
80
|
+
rack (1.6.4)
|
81
|
+
rack-test (0.6.3)
|
64
82
|
rack (>= 1.0)
|
65
|
-
rails (4.
|
66
|
-
actionmailer (= 4.
|
67
|
-
actionpack (= 4.
|
68
|
-
|
69
|
-
|
83
|
+
rails (4.2.5)
|
84
|
+
actionmailer (= 4.2.5)
|
85
|
+
actionpack (= 4.2.5)
|
86
|
+
actionview (= 4.2.5)
|
87
|
+
activejob (= 4.2.5)
|
88
|
+
activemodel (= 4.2.5)
|
89
|
+
activerecord (= 4.2.5)
|
90
|
+
activesupport (= 4.2.5)
|
70
91
|
bundler (>= 1.3.0, < 2.0)
|
71
|
-
railties (= 4.
|
72
|
-
sprockets-rails
|
73
|
-
|
74
|
-
|
75
|
-
|
92
|
+
railties (= 4.2.5)
|
93
|
+
sprockets-rails
|
94
|
+
rails-deprecated_sanitizer (1.0.3)
|
95
|
+
activesupport (>= 4.2.0.alpha)
|
96
|
+
rails-dom-testing (1.0.7)
|
97
|
+
activesupport (>= 4.2.0.beta, < 5.0)
|
98
|
+
nokogiri (~> 1.6.0)
|
99
|
+
rails-deprecated_sanitizer (>= 1.0.1)
|
100
|
+
rails-html-sanitizer (1.0.2)
|
101
|
+
loofah (~> 2.0)
|
102
|
+
railties (4.2.5)
|
103
|
+
actionpack (= 4.2.5)
|
104
|
+
activesupport (= 4.2.5)
|
76
105
|
rake (>= 0.8.7)
|
77
106
|
thor (>= 0.18.1, < 2.0)
|
78
|
-
rake (10.
|
79
|
-
rmagick (2.
|
80
|
-
|
81
|
-
simplecov (0.8.2)
|
107
|
+
rake (10.4.2)
|
108
|
+
rmagick (2.15.4)
|
109
|
+
simplecov (0.11.1)
|
82
110
|
docile (~> 1.1.0)
|
83
|
-
|
84
|
-
simplecov-html (~> 0.
|
85
|
-
simplecov-html (0.
|
86
|
-
sprockets (
|
87
|
-
|
88
|
-
|
89
|
-
rack (~> 1.0)
|
90
|
-
tilt (~> 1.1, != 1.3.0)
|
91
|
-
sprockets-rails (2.0.1)
|
111
|
+
json (~> 1.8)
|
112
|
+
simplecov-html (~> 0.10.0)
|
113
|
+
simplecov-html (0.10.0)
|
114
|
+
sprockets (3.4.1)
|
115
|
+
rack (> 1, < 3)
|
116
|
+
sprockets-rails (2.3.3)
|
92
117
|
actionpack (>= 3.0)
|
93
118
|
activesupport (>= 3.0)
|
94
|
-
sprockets (
|
95
|
-
sqlite3 (1.3.
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
tzinfo (0.3.38)
|
119
|
+
sprockets (>= 2.8, < 4.0)
|
120
|
+
sqlite3 (1.3.11)
|
121
|
+
test-unit (3.1.5)
|
122
|
+
power_assert
|
123
|
+
thor (0.19.1)
|
124
|
+
thread_safe (0.3.5)
|
125
|
+
ttfunk (1.4.0)
|
126
|
+
tzinfo (1.2.2)
|
127
|
+
thread_safe (~> 0.1)
|
128
|
+
yard (0.8.7.6)
|
105
129
|
|
106
130
|
PLATFORMS
|
107
131
|
ruby
|
108
132
|
|
109
133
|
DEPENDENCIES
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
sqlite3
|
134
|
+
minitest (~> 5.0, >= 5.8.3)
|
135
|
+
risu!
|
136
|
+
simplecov (~> 0.11, >= 0.11.1)
|
137
|
+
test-unit (~> 3.1, >= 3.1.5)
|
138
|
+
yard (~> 0.8, >= 0.8.0)
|
139
|
+
|
140
|
+
BUNDLED WITH
|
141
|
+
1.10.6
|
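Review bot: In the PATH specs risu depends on the whole `rails (~> 4.2, >= 4.2.5)` meta-gem, which pulls actionmailer, actionpack, actionview, mail, sprockets and sprockets-rails into the resolution for a tool the README describes as a parser that writes to an ActiveRecord database. Depending on activerecord directly would shrink the set of third-party code installed alongside the tool. The constraints are now ranges rather than exact pins, so the exact versions recorded in this lock file apply to Bundler-based development only and should not be read as what an end user's `gem install risu` will resolve to.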
data/LICENSE
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
Copyright (c) 2010-
|
1
|
+
Copyright (c) 2010-2016 Arxopia LLC.
|
2
2
|
All rights reserved.
|
3
3
|
|
4
4
|
Redistribution and use in source and binary forms, with or without
|
@@ -23,3 +23,4 @@ OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
|
23
23
|
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
24
24
|
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
25
25
|
OF THE POSSIBILITY OF SUCH DAMAGE.
|
26
|
+
|
data/NEWS.markdown
CHANGED
@@ -1,6 +1,27 @@
|
|
1
1
|
# News
|
2
2
|
|
3
|
-
# 1.7.
|
3
|
+
# 1.7.6 (December 02, 2015)
|
4
|
+
- **NOTICE** Upon next major release, "1.8.0" ruby-2.2.1+ will only be supported. This is due to rails5 dropping support for all previous versions. Risu 1.8.0 will be release shortly after rails5 with this change.
|
5
|
+
- **API CHANGES** Several APIs have been marked deprecated they will be moved in 1.8.0. Stubs will be left behind with warnings until 1.9.0. These changes are mostly to clean up the Models. Right now the models are very fat and interdependent on things they shouldn't. Some of the notable changes will be:
|
6
|
+
- Graphs will be moved to Risu::Graphs
|
7
|
+
- TemplateHelpers will be moved to Risu::TemplateHelpers
|
8
|
+
- When new tags are encountered they are reported after each file now, as a uniqued list. This removes the spam of new tags.
|
9
|
+
- Updated the dependent gems to the latest versions and removed exact version pinning.
|
10
|
+
- rails 4.2.5
|
11
|
+
- libxml-ruby 2.8.0
|
12
|
+
- prawn 2.0.2
|
13
|
+
- gruff 0.6.0
|
14
|
+
- mysql2 0.4.2
|
15
|
+
- rmagick 2.15.4
|
16
|
+
- sqlite3 1.3.11
|
17
|
+
- nokogiri 1.6.7
|
18
|
+
- Massive updates to unit tests
|
19
|
+
- Post Processing
|
20
|
+
- Updated OpenSSH plugin list
|
21
|
+
- Updated VMware ESXi plugin list
|
22
|
+
- Tons of minor tweaks and other changes
|
23
|
+
|
24
|
+
# 1.7.5 (November 6, 2015)
|
4
25
|
- Added initial test for HostProperties
|
5
26
|
- Added fixture for HostProperties testing
|
6
27
|
- Added VMware vCenter Post Processing
|
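Review bot: The API CHANGES entry names only the destination namespaces (Risu::Graphs, Risu::TemplateHelpers) and not the methods being deprecated, so template authors cannot tell from the changelog what to migrate before 1.8.0; list the affected methods or point to where the warnings are defined. Wording in the same added lines needs fixing: "will be release shortly" should read "will be released", and "marked deprecated they will be moved" needs a sentence break. The dependency entry says exact version pinning was removed, and it would help to state the new constraint form next to the listed versions so readers do not take them as pins.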
@@ -82,7 +103,7 @@
|
|
82
103
|
- windows_os_graph_has_data()
|
83
104
|
- HostProperty Model
|
84
105
|
- Added pcidss:insecure_http_methods tag
|
85
|
-
- Added cpe-
|
106
|
+
- Added cpe-XXXX, where XXXX is a digit of the number of CPE found for that host.
|
86
107
|
- Added LastUnauthenticatedResults tag
|
87
108
|
- Added LastAuthenticatedResults tag
|
88
109
|
- Added Credentialed_Scan tag
|
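Review bot: The replacement line "Added cpe-XXXX, where XXXX is a digit of the number of CPE found for that host" is ambiguous about whether XXXX is an index of each CPE entry or the total count, and "a digit" suggests a single character. Reword it to say exactly what the suffix is, for example that tags are numbered per CPE entry, if that is the behaviour.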
data/README.markdown
CHANGED
@@ -1,17 +1,18 @@
|
|
1
|
-
# risu
|
1
|
+
# risu [![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu) [![Build Status](https://travis-ci.org/arxopia/risu.png?branch=master)](https://travis-ci.org/arxopia/risu) [![Code Climate](https://codeclimate.com/github/arxopia/risu/badges/gpa.svg)](https://codeclimate.com/github/arxopia/risu) [![Inline docs](http://inch-ci.org/github/arxopia/risu.png)](http://inch-ci.org/github/arxopia/risu) [![Join the chat at https://gitter.im/arxopia/risu](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/arxopia/risu?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
2
2
|
|
3
|
-
[
|
3
|
+
Risu is [Nessus](http://www.nessus.org) parser, that converts Nessus .nessus xml files into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.
|
4
4
|
|
5
|
-
[
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
5
|
+
* [Requirements](#requirements)
|
6
|
+
* [Installation](#installation)
|
7
|
+
* [Usage](#usage)
|
8
|
+
* [Contributing](#contributing)
|
9
|
+
* [Issues](#issues)
|
10
|
+
* [Contact](#contact)
|
10
11
|
|
11
12
|
## Requirements
|
12
13
|
|
13
14
|
### Ruby
|
14
|
-
Risu has been tested with ruby-
|
15
|
+
Risu has been tested with ruby-2.0.0, ruby-2.1.0 and ruby-2.2.3. Please try to use one of these versions if possible. I recommend using RVM to setup your ruby environment you can get it [here](https://rvm.beginrescueend.com/).
|
15
16
|
|
16
17
|
### RubyGems
|
17
18
|
Risu relies heavily on [RubyGems](http://rubygems.org/) to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of [Ruby](http://ruby-lang.org/).
|
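Review bot: Several link targets in the added lines use plain http (badge.fury.io, inch-ci.org, www.nessus.org, api.rubyonrails.org) while others in the same lines use https; switch them to https where the host supports it. The new description "Risu is [Nessus] parser, that converts ... into a ActiveRecord database, this allows" has a missing article and a comma splice. The tested-version sentence now lists ruby-2.0.0, 2.1.0 and 2.2.3, but the unchanged RubyGems paragraph below still talks about the 1.9.x versions of Ruby and should be updated with it.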
@@ -29,19 +30,31 @@ Risu relies heavily on [RubyGems](http://rubygems.org/) to install other depende
|
|
29
30
|
## Installation
|
30
31
|
Installation is really easy just gem install!
|
31
32
|
|
32
|
-
|
33
|
+
% gem install risu
|
33
34
|
|
34
|
-
|
35
|
+
### Runtime Requirements
|
35
36
|
|
36
37
|
These are all available through [RubyGems](http://rubygems.org/). The should be installed automatically when you install risu, If not this command will install them all:
|
37
38
|
|
38
39
|
% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri
|
39
40
|
|
40
|
-
**You my need sudo/root access depending on your system setup
|
41
|
+
**You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!**
|
42
|
+
|
43
|
+
### Developmental Requirements
|
44
|
+
|
45
|
+
These are all available through [RubyGems](http://rubygems.org/). These are required to run the tests, generate the documentation and test coverage. This command will install them all:
|
46
|
+
|
47
|
+
% gem install simplecov yard minitest test-unit
|
48
|
+
|
49
|
+
**You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!**
|
41
50
|
|
42
51
|
Any database that ActiveRecord supports should work. Risu has been tested with [MySQL](http://www.mysql.com/) and [SQLite3](http://sqlite.org/).
|
43
52
|
|
44
|
-
##
|
53
|
+
## Usage
|
54
|
+
|
55
|
+
The following is some of the basic usage for risu. You must setup the database before you can start parsing in reports. All parsed reports share the same database, so all reports are combined as one inside of a database. I suggest a new database per required assessment.
|
56
|
+
|
57
|
+
### Database Setup
|
45
58
|
|
46
59
|
% risu --create-config
|
47
60
|
% $EDITOR risu.cfg
|
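Review bot: After this insertion the unchanged sentence "Any database that ActiveRecord supports should work..." sits under the new "### Developmental Requirements" heading, although it is a runtime requirement; move it up under "### Runtime Requirements". The sudo notice is added twice with the same typo ("You my need" should be "You may need") and could be stated once. The new Usage paragraph says all parsed reports share one database, so it is worth saying plainly that separate assessments should use separate databases to avoid mixing findings, rather than leaving it as "I suggest".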
@@ -51,22 +64,22 @@ Any database that ActiveRecord supports should work. Risu has been tested with [
|
|
51
64
|
2. Edit the risu.cfg file, filling in the variables as needed.
|
52
65
|
3. Migrate the database schema.
|
53
66
|
|
54
|
-
|
67
|
+
### Parsing Nessus Output
|
55
68
|
|
56
69
|
% risu report1.nessus [report2.nessus ...]
|
57
70
|
|
58
71
|
1. Parse the files by passing their names on the command line.
|
59
72
|
|
60
73
|
|
61
|
-
|
62
|
-
The data can be viewed with
|
74
|
+
## Viewing Data
|
75
|
+
The data can be viewed with any query browser available for your database of choice.
|
63
76
|
|
64
|
-
|
77
|
+
### Generating Reports
|
65
78
|
To generate a report please execute the following after the the data is parsed into the database.
|
66
79
|
|
67
80
|
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
|
68
81
|
|
69
|
-
|
82
|
+
### Risu Console
|
70
83
|
|
71
84
|
Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!
|
72
85
|
|
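Review bot: The added heading "## Viewing Data" is level 2 while its siblings added in the same hunk ("### Parsing Nessus Output", "### Generating Reports", "### Risu Console") are level 3 under "## Usage"; make it "### Viewing Data" so the section nests correctly. The unchanged line "after the the data is parsed" has a doubled word that can be fixed while this section is being touched.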
@@ -76,7 +89,7 @@ Using the risu Console is just like using Rails. You can access all of the Activ
|
|
76
89
|
_ __(_)___ _ _
|
77
90
|
| '__| / __| | | |
|
78
91
|
| | | \__ \ |_| |
|
79
|
-
|_| |_|___/\__,_|
|
92
|
+
|_| |_|___/\__,_|_
|
80
93
|
|
81
94
|
|
82
95
|
risu Console v1.7.2
|
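Review bot: The only change in this hunk appends a stray "_" to the last row of the ASCII banner ("|_| |_|___/\__,_|_"), which looks accidental and misaligns the art. The sample output in the context line still reads "risu Console v1.7.2" in a README shipped with 1.7.6; either update it or drop the version from the example.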
@@ -112,15 +125,15 @@ Several templates are included:
|
|
112
125
|
The templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
|
113
126
|
|
114
127
|
# Contributing
|
115
|
-
If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on [github](http://github.com/arxopia/risu) and make the changes in your fork and the submit a pull request to the project.
|
128
|
+
If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on [github](http://github.com/arxopia/risu) and make the changes in your fork and the submit a pull request to the project on the dev branch. Please include unit tests for anything non trivial.
|
116
129
|
|
117
130
|
# Issues
|
118
131
|
If you have any problems, bugs or feature requests please use the [github issue tracker](http://github.com/arxopia/risu/issues).
|
119
132
|
|
120
|
-
# Donations / tips
|
121
|
-
Feel free to donate or tip to BTC: 1Cfd5G6rJmSBrNcTHxEgE4uYgH7XZJPY7Z
|
122
|
-
|
123
133
|
# Contact
|
124
134
|
You can reach me at risu[at]arxopia[dot]com.
|
125
135
|
|
126
136
|
You can also contact me on IRC as hammackj on irc.freenode.net, #risu
|
137
|
+
|
138
|
+
# Donations / tips
|
139
|
+
Feel free to donate or tip to BTC: 1Cfd5G6rJmSBrNcTHxEgE4uYgH7XZJPY7Z
|
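Review bot: The rewritten Contributing text is still a sentence fragment followed by a second sentence ("If you would like to contribute ... to risu. The easiest way is ...") and keeps the typo "and the submit"; join the two and write "then submit". The table of contents added at the top of the README links to Contributing, Issues and Contact but not to the relocated "Donations / tips" section, and these sections use "#" headings while the linked Requirements, Installation and Usage sections use "##".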