ruby-nessus2 2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: dfbb0cc4b36dc02060dca5a459faeaad1b20b56c164877ddd0acd58cd94388f8
+  data.tar.gz: f90aedfb65787d0581ec50b8a028bb6bd92a429a63dace56456b43a2a6609538
+SHA512:
+  metadata.gz: 340eb02d96eebc0cf51c8938df59d78502396651fa38162452361bb953880dfb4152abea5cc1b31fb3f6d8a0f2603dc5d24f8f13eb67634c9167287d45d5a85a
+  data.tar.gz: 4e374de44ad59e08518df095709f8399d8cb0283c660fd0b1113ba6cccf37fa9f805dfae08ba67ebf4b611071c2ffae0f8556f9bd79a1d5b38b16178a1af8709

data/.drone.yml

@@ -0,0 +1,51 @@
+clone:
+  git:
+    image: plugins/git
+    branch: master
+    depth: 32767
+
+workspace:
+  base: /build
+  path: src/github.com/mephux/ruby-nessus
+
+pipeline:
+  normal:
+    image: mephux/docker-golang
+    environment:
+      - GO15VENDOREXPERIMENT=1
+    commands:
+      - export GEM_HOME=$HOME/.gem
+      - export GEM_PATH=$HOME/.gem
+      - export PATH=$PATH:$GEM_PATH/bin
+      - apk add --update rpm ruby-dev gcc make > /dev/null 2>&1
+      - gem install bundler --no-rdoc --no-ri --no-document
+      - bundle install --jobs=3 --retry=3
+      - bundle exec rubocop -F --fail-level C -f s
+      - bundle exec rspec spec
+    when:
+      event: [push]
+  dist:
+    image: mephux/docker-golang
+    environment:
+      - GO15VENDOREXPERIMENT=1
+    commands:
+      - export GEM_HOME=$HOME/.gem
+      - export GEM_PATH=$HOME/.gem
+      - export PATH=$PATH:$GEM_PATH/bin
+      - apk add --update rpm ruby-dev gcc make > /dev/null 2>&1
+      - gem install bundler --no-rdoc --no-ri --no-document
+      - bundle install --jobs=3 --retry=3
+      - bundle exec rubocop -F --fail-level C -f s
+      - bundle exec rspec spec
+      - gem build ruby-nessus.gemspec
+      - gem push ruby-nessus.gem --key=$$rubygems
+    when:
+      event: [tag]
+publish:
+  github_release:
+    api_key: $$GITHUB
+    files: dist/*xz
+    file_exists: fail
+    # draft: true
+    when:
+      event: tag

data/.gitignore

@@ -0,0 +1,5 @@
+doc/
+pkg/
+.
+.idea
+coverage

data/.rspec

@@ -0,0 +1 @@
+--colour --format documentation

data/.rubocop.yml

@@ -0,0 +1,4 @@
+inherit_from: .rubocop_todo.yml
+
+AllCops:
+  TargetRubyVersion: 2.3

data/.rubocop_todo.yml

@@ -0,0 +1,124 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2017-12-21 10:52:38 +0100 using RuboCop version 0.52.0.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 1
+Lint/DuplicateMethods:
+  Exclude:
+    - 'lib/ruby-nessus/version1/port.rb'
+
+# Offense count: 7
+Metrics/AbcSize:
+  Max: 70
+
+# Offense count: 11
+# Configuration parameters: CountComments, ExcludedMethods.
+Metrics/BlockLength:
+  Max: 79
+
+# Offense count: 5
+# Configuration parameters: CountComments.
+Metrics/ClassLength:
+  Max: 187
+
+# Offense count: 2
+Metrics/CyclomaticComplexity:
+  Max: 12
+
+# Offense count: 10
+# Configuration parameters: CountComments.
+Metrics/MethodLength:
+  Max: 49
+
+# Offense count: 2
+Metrics/PerceivedComplexity:
+  Max: 9
+
+# Offense count: 1
+Naming/AccessorMethodName:
+  Exclude:
+    - 'lib/ruby-nessus/version1/host.rb'
+
+# Offense count: 2
+# Configuration parameters: ExpectMatchingDefinition, Regex, IgnoreExecutableScripts, AllowedAcronyms.
+# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
+Naming/FileName:
+  Exclude:
+    - 'lib/ruby-nessus.rb'
+    - 'lib/ruby-nessus/ruby-nessus.rb'
+
+# Offense count: 5
+Style/DateTime:
+  Exclude:
+    - 'lib/ruby-nessus/version1/host.rb'
+    - 'lib/ruby-nessus/version1/scan.rb'
+
+# Offense count: 12
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/ruby-nessus/cli.rb'
+    - 'lib/ruby-nessus/log.rb'
+    - 'lib/ruby-nessus/parse.rb'
+    - 'lib/ruby-nessus/ruby-nessus.rb'
+    - 'lib/ruby-nessus/version1/event.rb'
+    - 'lib/ruby-nessus/version1/host.rb'
+    - 'lib/ruby-nessus/version1/port.rb'
+    - 'lib/ruby-nessus/version1/scan.rb'
+    - 'lib/ruby-nessus/version2/event.rb'
+    - 'lib/ruby-nessus/version2/host.rb'
+    - 'lib/ruby-nessus/version2/port.rb'
+    - 'lib/ruby-nessus/version2/scan.rb'
+
+# Offense count: 14
+# Configuration parameters: .
+# SupportedStyles: annotated, template, unannotated
+Style/FormatStringToken:
+  EnforcedStyle: unannotated
+
+# Offense count: 10
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Exclude:
+    - 'lib/ruby-nessus/version1/port.rb'
+    - 'lib/ruby-nessus/version1/scan.rb'
+    - 'lib/ruby-nessus/version2/host.rb'
+    - 'lib/ruby-nessus/version2/scan.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, EnforcedStyle.
+# SupportedStyles: predicate, comparison
+Style/NumericPredicate:
+  Exclude:
+    - 'spec/**/*'
+    - 'lib/ruby-nessus/version2/event.rb'
+    - 'lib/ruby-nessus/version2/host.rb'
+    - 'lib/ruby-nessus/version2/scan.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, AllowInnerSlashes.
+# SupportedStyles: slashes, percent_r, mixed
+Style/RegexpLiteral:
+  Exclude:
+    - 'lib/ruby-nessus/version1/port.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: implicit, explicit
+Style/RescueStandardError:
+  Exclude:
+    - 'lib/ruby-nessus/cli.rb'
+
+# Offense count: 75
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Metrics/LineLength:
+  Max: 185

data/.travis.yml

@@ -0,0 +1,13 @@
+language: ruby
+sudo: false
+cache: bundler
+rvm:
+  - 2.3.4
+  - 2.4.1
+
+script:
+  - bundle exec rubocop -F --fail-level C -f s
+  - bundle exec rspec spec
+
+notifications:
+  email: false

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown --title "ruby-nessus Documentation" --protected

data/Gemfile

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+gemspec
+
+gem 'coveralls', require: false

data/Gemfile.lock

@@ -0,0 +1,75 @@
+PATH
+  remote: .
+  specs:
+    ruby-nessus (2.0.beta)
+      nokogiri (~> 1.4)
+      rainbow (>= 2.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.3.0)
+    coveralls (0.8.21)
+      json (>= 1.8, < 3)
+      simplecov (~> 0.14.1)
+      term-ansicolor (~> 1.3)
+      thor (~> 0.19.4)
+      tins (~> 1.6)
+    diff-lcs (1.3)
+    docile (1.1.5)
+    json (2.1.0)
+    mini_portile2 (2.3.0)
+    nokogiri (1.8.1)
+      mini_portile2 (~> 2.3.0)
+    parallel (1.12.1)
+    parser (2.4.0.2)
+      ast (~> 2.3)
+    powerpack (0.1.1)
+    rainbow (3.0.0)
+    rspec (3.7.0)
+      rspec-core (~> 3.7.0)
+      rspec-expectations (~> 3.7.0)
+      rspec-mocks (~> 3.7.0)
+    rspec-core (3.7.0)
+      rspec-support (~> 3.7.0)
+    rspec-expectations (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-mocks (3.7.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.7.0)
+    rspec-support (3.7.0)
+    rubocop (0.52.0)
+      parallel (~> 1.10)
+      parser (>= 2.4.0.2, < 3.0)
+      powerpack (~> 0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-progressbar (1.9.0)
+    rubygems-tasks (0.2.4)
+    simplecov (0.14.1)
+      docile (~> 1.1.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
+    term-ansicolor (1.6.0)
+      tins (~> 1.0)
+    thor (0.19.4)
+    tins (1.16.3)
+    unicode-display_width (1.3.0)
+    yard (0.9.12)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  coveralls
+  rspec (~> 3.7)
+  rubocop (~> 0.51)
+  ruby-nessus!
+  rubygems-tasks (~> 0.1)
+  yard (~> 0.9.11)
+
+BUNDLED WITH
+   1.16.0

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2013 Dustin Willis Webber
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,181 @@
+[![Build Status](http://komanda.io:8080/api/badges/mephux/ruby-nessus/status.svg)](http://komanda.io:8080/mephux/ruby-nessus)
+
+# Ruby-Nessus
+
+[![Build Status](https://travis-ci.org/Cyberwatch/ruby-nessus.svg?branch=master)](https://travis-ci.org/Cyberwatch/ruby-nessus)
+[![Coverage Status](https://coveralls.io/repos/github/Cyberwatch/ruby-nessus/badge.svg?branch=master)](https://coveralls.io/github/Cyberwatch/ruby-nessus?branch=master)
+
+## Description
+
+Ruby-Nessus is a ruby interface for the popular Nessus vulnerability scanner. Ruby-Nessus aims to deliver an easy yet powerful interface for interacting and manipulating Nessus scan results and configurations. Ruby-Nessus currently supports both version 1.0 and 2.0 of the .nessus file format. Please remember to submit bugs and request features if needed.
+
+More Information:
+* Documentation: http://rdoc.info/projects/mephux/ruby-nessus
+
+## Install
+
+  ```sudo gem install ruby-nessus```
+
+## Usage & Examples
+
+The below example illustrates how easy it really is to iterate over result data.
+```ruby  
+  require 'rubygems'
+  require 'ruby-nessus'
+
+  RubyNessus::Parse.new("example_v1.nessus", :version => 1) do |scan|
+  # OR: RubyNessus::Parse.new("example_v2.nessus") do |scan|   <-- Ruby-Nessus will figured out the correct Nessus file version.
+  
+    puts scan.title                     # The Nessus Report Title.
+    puts scan.host_count                # Host Count.
+    puts scan.unique_ports              # All Unique Ports Seen.
+
+    scan.hosts.each do |host|
+      next if host.event_count.zero?    # Next Host If Event Count Is Zero.
+      puts host.hostname                # The HostName For The Current Host.
+      puts host.event_count             # The Event Count For The Current Host.
+
+      host.events.each do |event|
+        next if event.severity.medium?  # Next Event Is The Event Severity Is Low. (supports high? medium? low?)
+        puts event.name if event.name   # The Event Name If Not Blank.
+        puts event.port                 # The Event Port. (supports .number, .protocol and .service)
+        puts event.severity             # The Event Severity (0->Informational, 1->low, 2->medium, 3->high, 4->critical)
+        puts event.plugin_id            # The Nessus Plugin ID.
+        puts event.data if event.data   # Raw Nessus Plugin Output Data.
+      end
+    end
+  end
+```
+
+You also have the ability to search for particular hostnames. In the near future I plan to add the ability to pass the hosts block a hash of options for more complex searches.
+```ruby
+  scan.find_by_hostname("127.0.0.1") do |host|
+
+    puts host.scan_start_time
+    puts host.scan_stop_time
+    puts host.scan_runtime
+
+    host.high_severity_events do |event|
+      puts event.severity
+      puts event.port
+      puts event.data if event.data
+    end
+
+  end
+```
+There are a bunch of convenient methods (maybe more then needed) added to make reporting a bit easier to produce quickly from a raw scan file. If you do not pass :version as an option it will default to the 2.0 .nessus schema.
+```ruby
+  RubyNessus::Parse.new("example_v2.nessus") do |scan|
+
+    puts scan.event_percentage_for('low', true) #=> 8%
+
+    puts scan.critical_severity_count       # Critical Severity Event Count
+    puts scan.high_severity_count           # High Severity Event Count
+    puts scan.medium_severity_count         # Medium Severity Event Count
+    puts scan.low_severity_count            # Low Severity Event Count
+    puts scan.open_ports_count              # Open Port Count
+
+    puts scan.total_event_count #=> 3411    # Total Event Count
+    puts scan.hosts.count #=> 12
+
+    
+    scan.host.each do |host|
+      puts host.hostname
+      puts host.event_percentage_for('low', true)
+      puts host.tcp_count #=> tcp, icmp, udp supported.
+    
+      host.events.each do |event|
+        next if event.informational?
+        
+        puts event.severity
+        puts event.synopsis
+        puts event.description
+        puts event.solution
+        puts event.output
+        puts event.risk
+        
+      end
+  
+    end
+
+  end
+```
+Ruby-Nessus also ships with a POC CLI application for the lib called 'recess':
+```  
+  Recess 0.1.1
+  usage: recess FILE [OPTIONS]
+      -f, --file FILE                  The .nessus file to parse.
+      -h, --help                       This help summary page.
+      -v, --version                    Recess Version.
+```
+Below is example output generated by recess:
+```  
+  $> recess examples/example_v2.nessus 
+  Recess - Ruby-Nessus CLI
+  Version: 0.1.1
+
+  -> SCAN Metadata: 
+
+  	Scan Title: Ruby-Nessus
+  	Policy Title: Ruby-Nessus
+
+  -> SCAN Statistics: 
+
+  	Host Count: 2
+  	Open Port Count: 51
+  	TCP Count: 38
+  	UDP Count: 11
+  	ICMP Count: 1
+
+  -> EVENT Statistics: 
+
+  	Informational Severity Count: 19
+  	Low Severity Count: 47
+  	Medium Severity Count: 3
+  	High Severity Count: 0
+  	Total Event Count: 50
+
+
+  	Low Event Percentage: 94
+  	Medium Event Percentage: 6
+  	High Event Percentage: 0
+
+  -> HOSTS: 
+
+  	Hostname: snorby.org
+  		- IP Address:: 173.45.230.150
+  		- Informational Count: 12
+  		- Low Count: 34
+  		- Medium Count: 1
+  		- High Count: 0
+
+  	Hostname: scanme.insecure.org
+  		- IP Address:: 64.13.134.52
+  		- Informational Count: 7
+  		- Low Count: 13
+  		- Medium Count: 2
+  		- High Count: 0
+```  
+## Requirements
+* Ruby >= 2.3
+* Nokogiri http://github.com/tenderlove/nokogiri
+
+## Todo
+* Add The Ability to parse the scan configuration and plugin options.
+* Building XML (.nessus) files configurations
+* Add Support For NBE File Formats.
+
+## Note on Patches & Pull Requests 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+## Copyright
+
+Copyright (c) 2009 Dustin Willis Webber. See LICENSE for details.
+
+Copyright (c) 2017 Florian Wininger. See LICENSE for details.