ruby_burp 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/ruby_burp.rb +51 -0
- data/lib/ruby_burp/rb_host.rb +8 -0
- data/lib/ruby_burp/rb_issue.rb +3 -0
- data/lib/ruby_burp/rb_reference.rb +21 -0
- data/lib/ruby_burp/rb_request.rb +40 -0
- data/lib/ruby_burp/rb_response.rb +38 -0
- data/lib/ruby_burp/rb_vulnerability_classification.rb +22 -0
- data/lib/ruby_burp/version.rb +3 -0
- metadata +52 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 757c3b327d0a5d016a8ecae7766365cc0f4a32be
|
4
|
+
data.tar.gz: 8c8ffeaea906bb2235a552103155630f125217fe
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 5bf68134ff68b1b9c1879732879b5cc5b6e660ba63489f6a8a4581e77b0e4f501c495c0e8b07e721c5a02023700c67b6f3e2bb1a7c0d8d6c2409950c766bd8cd
|
7
|
+
data.tar.gz: 0c75a43ca7525841fd050107cadc577a9b7204f4e11334d2fd8729ff029872ea0ad12adeac3b93f25ee1da90ec1da3a0a464f6e6cd02306efd0b913bf1d4d912
|
data/lib/ruby_burp.rb
ADDED
@@ -0,0 +1,51 @@
|
|
1
|
+
require 'nokogiri'
|
2
|
+
|
3
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'version')
|
4
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_host')
|
5
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_issue')
|
6
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_request')
|
7
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_response')
|
8
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_reference')
|
9
|
+
require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_vulnerability_classification')
|
10
|
+
|
11
|
+
module RubyBurp
|
12
|
+
|
13
|
+
def self.parse(path)
|
14
|
+
issues = []
|
15
|
+
|
16
|
+
doc = Nokogiri::XML(File.open(path))
|
17
|
+
doc.xpath('//issues/issue').map do |xml_issue|
|
18
|
+
issue = RbIssue.new
|
19
|
+
[:serialNumber, :type, :name, :path, :location, :severity, :confidence, :issueBackground, :remediationBackground, :issueDetail].each do |field|
|
20
|
+
issue.send("#{rb_underscore(field.to_s)}=", xml_issue.css(field.to_s).text)
|
21
|
+
end
|
22
|
+
|
23
|
+
ip = xml_issue.css('host').attribute('ip').value
|
24
|
+
host = xml_issue.css('host').text
|
25
|
+
issue.host = RbHost.new(ip, host)
|
26
|
+
|
27
|
+
# p 'ref'
|
28
|
+
issue.references = RbReference.parse(xml_issue.css('references').text)
|
29
|
+
# p 'req'
|
30
|
+
issue.request = RbRequest.parse(xml_issue.to_s)
|
31
|
+
# p 'res'
|
32
|
+
issue.response = RbResponse.parse(xml_issue.to_s)
|
33
|
+
# p 'cla'
|
34
|
+
issue.vulnerability_classifications = RbVulnerabilityClassification.parse(xml_issue.css('vulnerability_classification').text)
|
35
|
+
|
36
|
+
issues.push issue
|
37
|
+
break
|
38
|
+
end
|
39
|
+
|
40
|
+
return issues
|
41
|
+
end
|
42
|
+
|
43
|
+
def self.rb_underscore(value)
|
44
|
+
value.gsub(/::/, '/').
|
45
|
+
gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
|
46
|
+
gsub(/([a-z\d])([A-Z])/,'\1_\2').
|
47
|
+
tr("-", "_").
|
48
|
+
downcase
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
class RbReference
|
2
|
+
attr_accessor :link, :name
|
3
|
+
|
4
|
+
def initialize(link, name)
|
5
|
+
self.link = link
|
6
|
+
self.name = name
|
7
|
+
end
|
8
|
+
|
9
|
+
class << self
|
10
|
+
def parse(html)
|
11
|
+
references = []
|
12
|
+
html_doc = Nokogiri::HTML(html)
|
13
|
+
html_doc.xpath('//ul/li').map do |link|
|
14
|
+
references.push(RbReference.new(link.css('a').attribute('href').value, link.css('a').text))
|
15
|
+
end
|
16
|
+
|
17
|
+
references
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
class RbRequest
|
2
|
+
attr_accessor :method, :base64, :text
|
3
|
+
|
4
|
+
def initialize(method, base64, text)
|
5
|
+
self.method = method
|
6
|
+
self.base64 = base64
|
7
|
+
self.text = text
|
8
|
+
end
|
9
|
+
|
10
|
+
class << self
|
11
|
+
def parse(xml)
|
12
|
+
requests = []
|
13
|
+
html_doc = Nokogiri::XML(xml)
|
14
|
+
|
15
|
+
req = html_doc.xpath('//requestresponse/request').first
|
16
|
+
|
17
|
+
begin
|
18
|
+
method = req.attribute('method').value
|
19
|
+
rescue
|
20
|
+
method = ''
|
21
|
+
end
|
22
|
+
|
23
|
+
begin
|
24
|
+
base64 = req.attribute('base64').value
|
25
|
+
rescue
|
26
|
+
base64 = ''
|
27
|
+
end
|
28
|
+
|
29
|
+
begin
|
30
|
+
req = req.text
|
31
|
+
rescue
|
32
|
+
req = ''
|
33
|
+
end
|
34
|
+
|
35
|
+
requests.push(RbRequest.new(method, base64, req))
|
36
|
+
|
37
|
+
requests
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
class RbResponse
|
2
|
+
attr_accessor :base64, :text, :redirected
|
3
|
+
|
4
|
+
def initialize(base64, text, redirected)
|
5
|
+
self.base64 = base64
|
6
|
+
self.text = text
|
7
|
+
self.redirected = redirected
|
8
|
+
end
|
9
|
+
|
10
|
+
class << self
|
11
|
+
def parse(xml)
|
12
|
+
responses = []
|
13
|
+
html_doc = Nokogiri::XML(xml)
|
14
|
+
res = html_doc.xpath('//requestresponse//response').first
|
15
|
+
begin
|
16
|
+
redirected = html_doc.xpath('//requestresponse//responseRedirected').first.text
|
17
|
+
rescue
|
18
|
+
redirected = ''
|
19
|
+
end
|
20
|
+
|
21
|
+
begin
|
22
|
+
base64 = res.attribute('base64').value
|
23
|
+
rescue
|
24
|
+
base64 = ''
|
25
|
+
end
|
26
|
+
|
27
|
+
begin
|
28
|
+
res = res.text
|
29
|
+
rescue
|
30
|
+
res = ''
|
31
|
+
end
|
32
|
+
|
33
|
+
responses.push(RbResponse.new(base64, res, redirected))
|
34
|
+
|
35
|
+
responses
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
class RbVulnerabilityClassification
|
2
|
+
attr_accessor :link, :name
|
3
|
+
|
4
|
+
def initialize(link, name)
|
5
|
+
self.link = link
|
6
|
+
self.name = name
|
7
|
+
end
|
8
|
+
|
9
|
+
class << self
|
10
|
+
def parse(html)
|
11
|
+
classifications = []
|
12
|
+
|
13
|
+
html_doc = Nokogiri::HTML(html)
|
14
|
+
html_doc.xpath('//ul/li').map do |link|
|
15
|
+
classifications.push(RbVulnerabilityClassification.new(link.css('a').attribute('href').value, link.css('a').text))
|
16
|
+
end
|
17
|
+
|
18
|
+
classifications
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
metadata
ADDED
@@ -0,0 +1,52 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: ruby_burp
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Adilson Chacon
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2018-11-16 00:00:00.000000000 Z
|
12
|
+
dependencies: []
|
13
|
+
description: Parses Burp Scanner XML file
|
14
|
+
email:
|
15
|
+
- adilsonchacon@gmail.com
|
16
|
+
executables: []
|
17
|
+
extensions: []
|
18
|
+
extra_rdoc_files: []
|
19
|
+
files:
|
20
|
+
- lib/ruby_burp.rb
|
21
|
+
- lib/ruby_burp/rb_host.rb
|
22
|
+
- lib/ruby_burp/rb_issue.rb
|
23
|
+
- lib/ruby_burp/rb_reference.rb
|
24
|
+
- lib/ruby_burp/rb_request.rb
|
25
|
+
- lib/ruby_burp/rb_response.rb
|
26
|
+
- lib/ruby_burp/rb_vulnerability_classification.rb
|
27
|
+
- lib/ruby_burp/version.rb
|
28
|
+
homepage: https://github.com/adilsonchacon/ruby_burp
|
29
|
+
licenses:
|
30
|
+
- MIT
|
31
|
+
metadata: {}
|
32
|
+
post_install_message:
|
33
|
+
rdoc_options: []
|
34
|
+
require_paths:
|
35
|
+
- lib
|
36
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
42
|
+
requirements:
|
43
|
+
- - ">="
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: '0'
|
46
|
+
requirements: []
|
47
|
+
rubyforge_project:
|
48
|
+
rubygems_version: 2.4.3
|
49
|
+
signing_key:
|
50
|
+
specification_version: 4
|
51
|
+
summary: Ruby Burp Parser
|
52
|
+
test_files: []
|