ruby_burp 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +7 -0
  2. data/lib/ruby_burp.rb +51 -0
  3. data/lib/ruby_burp/rb_host.rb +8 -0
  4. data/lib/ruby_burp/rb_issue.rb +3 -0
  5. data/lib/ruby_burp/rb_reference.rb +21 -0
  6. data/lib/ruby_burp/rb_request.rb +40 -0
  7. data/lib/ruby_burp/rb_response.rb +38 -0
  8. data/lib/ruby_burp/rb_vulnerability_classification.rb +22 -0
  9. data/lib/ruby_burp/version.rb +3 -0
  10. metadata +52 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 757c3b327d0a5d016a8ecae7766365cc0f4a32be
4
+ data.tar.gz: 8c8ffeaea906bb2235a552103155630f125217fe
5
+ SHA512:
6
+ metadata.gz: 5bf68134ff68b1b9c1879732879b5cc5b6e660ba63489f6a8a4581e77b0e4f501c495c0e8b07e721c5a02023700c67b6f3e2bb1a7c0d8d6c2409950c766bd8cd
7
+ data.tar.gz: 0c75a43ca7525841fd050107cadc577a9b7204f4e11334d2fd8729ff029872ea0ad12adeac3b93f25ee1da90ec1da3a0a464f6e6cd02306efd0b913bf1d4d912
data/lib/ruby_burp.rb ADDED
@@ -0,0 +1,51 @@
1
+ require 'nokogiri'
2
+
3
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'version')
4
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_host')
5
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_issue')
6
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_request')
7
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_response')
8
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_reference')
9
+ require File.join(File.dirname(__FILE__), 'ruby_burp', 'rb_vulnerability_classification')
10
+
11
+ module RubyBurp
12
+
13
+ def self.parse(path)
14
+ issues = []
15
+
16
+ doc = Nokogiri::XML(File.open(path))
17
+ doc.xpath('//issues/issue').map do |xml_issue|
18
+ issue = RbIssue.new
19
+ [:serialNumber, :type, :name, :path, :location, :severity, :confidence, :issueBackground, :remediationBackground, :issueDetail].each do |field|
20
+ issue.send("#{rb_underscore(field.to_s)}=", xml_issue.css(field.to_s).text)
21
+ end
22
+
23
+ ip = xml_issue.css('host').attribute('ip').value
24
+ host = xml_issue.css('host').text
25
+ issue.host = RbHost.new(ip, host)
26
+
27
+ # p 'ref'
28
+ issue.references = RbReference.parse(xml_issue.css('references').text)
29
+ # p 'req'
30
+ issue.request = RbRequest.parse(xml_issue.to_s)
31
+ # p 'res'
32
+ issue.response = RbResponse.parse(xml_issue.to_s)
33
+ # p 'cla'
34
+ issue.vulnerability_classifications = RbVulnerabilityClassification.parse(xml_issue.css('vulnerability_classification').text)
35
+
36
+ issues.push issue
37
+ break
38
+ end
39
+
40
+ return issues
41
+ end
42
+
43
+ def self.rb_underscore(value)
44
+ value.gsub(/::/, '/').
45
+ gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
46
+ gsub(/([a-z\d])([A-Z])/,'\1_\2').
47
+ tr("-", "_").
48
+ downcase
49
+ end
50
+
51
+ end
data/lib/ruby_burp/rb_host.rb ADDED
@@ -0,0 +1,8 @@
1
+ class RbHost
2
+ attr_accessor :ip, :host
3
+
4
+ def initialize(ip, host)
5
+ self.ip = ip
6
+ self.host = host
7
+ end
8
+ end
data/lib/ruby_burp/rb_issue.rb ADDED
@@ -0,0 +1,3 @@
1
+ class RbIssue
2
+ attr_accessor :serial_number, :type, :name, :host, :path, :location, :severity, :confidence, :issue_background, :remediation_background, :references, :vulnerability_classifications, :issue_detail, :request, :response
3
+ end
data/lib/ruby_burp/rb_reference.rb ADDED
@@ -0,0 +1,21 @@
1
+ class RbReference
2
+ attr_accessor :link, :name
3
+
4
+ def initialize(link, name)
5
+ self.link = link
6
+ self.name = name
7
+ end
8
+
9
+ class << self
10
+ def parse(html)
11
+ references = []
12
+ html_doc = Nokogiri::HTML(html)
13
+ html_doc.xpath('//ul/li').map do |link|
14
+ references.push(RbReference.new(link.css('a').attribute('href').value, link.css('a').text))
15
+ end
16
+
17
+ references
18
+ end
19
+ end
20
+
21
+ end
data/lib/ruby_burp/rb_request.rb ADDED
@@ -0,0 +1,40 @@
1
+ class RbRequest
2
+ attr_accessor :method, :base64, :text
3
+
4
+ def initialize(method, base64, text)
5
+ self.method = method
6
+ self.base64 = base64
7
+ self.text = text
8
+ end
9
+
10
+ class << self
11
+ def parse(xml)
12
+ requests = []
13
+ html_doc = Nokogiri::XML(xml)
14
+
15
+ req = html_doc.xpath('//requestresponse/request').first
16
+
17
+ begin
18
+ method = req.attribute('method').value
19
+ rescue
20
+ method = ''
21
+ end
22
+
23
+ begin
24
+ base64 = req.attribute('base64').value
25
+ rescue
26
+ base64 = ''
27
+ end
28
+
29
+ begin
30
+ req = req.text
31
+ rescue
32
+ req = ''
33
+ end
34
+
35
+ requests.push(RbRequest.new(method, base64, req))
36
+
37
+ requests
38
+ end
39
+ end
40
+ end
data/lib/ruby_burp/rb_response.rb ADDED
@@ -0,0 +1,38 @@
1
+ class RbResponse
2
+ attr_accessor :base64, :text, :redirected
3
+
4
+ def initialize(base64, text, redirected)
5
+ self.base64 = base64
6
+ self.text = text
7
+ self.redirected = redirected
8
+ end
9
+
10
+ class << self
11
+ def parse(xml)
12
+ responses = []
13
+ html_doc = Nokogiri::XML(xml)
14
+ res = html_doc.xpath('//requestresponse//response').first
15
+ begin
16
+ redirected = html_doc.xpath('//requestresponse//responseRedirected').first.text
17
+ rescue
18
+ redirected = ''
19
+ end
20
+
21
+ begin
22
+ base64 = res.attribute('base64').value
23
+ rescue
24
+ base64 = ''
25
+ end
26
+
27
+ begin
28
+ res = res.text
29
+ rescue
30
+ res = ''
31
+ end
32
+
33
+ responses.push(RbResponse.new(base64, res, redirected))
34
+
35
+ responses
36
+ end
37
+ end
38
+ end
data/lib/ruby_burp/rb_vulnerability_classification.rb ADDED
@@ -0,0 +1,22 @@
1
+ class RbVulnerabilityClassification
2
+ attr_accessor :link, :name
3
+
4
+ def initialize(link, name)
5
+ self.link = link
6
+ self.name = name
7
+ end
8
+
9
+ class << self
10
+ def parse(html)
11
+ classifications = []
12
+
13
+ html_doc = Nokogiri::HTML(html)
14
+ html_doc.xpath('//ul/li').map do |link|
15
+ classifications.push(RbVulnerabilityClassification.new(link.css('a').attribute('href').value, link.css('a').text))
16
+ end
17
+
18
+ classifications
19
+ end
20
+ end
21
+
22
+ end
data/lib/ruby_burp/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module RubyBurp
2
+ VERSION = '1.0.0'
3
+ end
metadata ADDED
@@ -0,0 +1,52 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: ruby_burp
3
+ version: !ruby/object:Gem::Version
4
+ version: 1.0.0
5
+ platform: ruby
6
+ authors:
7
+ - Adilson Chacon
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2018-11-16 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Parses Burp Scanner XML file
14
+ email:
15
+ - adilsonchacon@gmail.com
16
+ executables: []
17
+ extensions: []
18
+ extra_rdoc_files: []
19
+ files:
20
+ - lib/ruby_burp.rb
21
+ - lib/ruby_burp/rb_host.rb
22
+ - lib/ruby_burp/rb_issue.rb
23
+ - lib/ruby_burp/rb_reference.rb
24
+ - lib/ruby_burp/rb_request.rb
25
+ - lib/ruby_burp/rb_response.rb
26
+ - lib/ruby_burp/rb_vulnerability_classification.rb
27
+ - lib/ruby_burp/version.rb
28
+ homepage: https://github.com/adilsonchacon/ruby_burp
29
+ licenses:
30
+ - MIT
31
+ metadata: {}
32
+ post_install_message:
33
+ rdoc_options: []
34
+ require_paths:
35
+ - lib
36
+ required_ruby_version: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ required_rubygems_version: !ruby/object:Gem::Requirement
42
+ requirements:
43
+ - - ">="
44
+ - !ruby/object:Gem::Version
45
+ version: '0'
46
+ requirements: []
47
+ rubyforge_project:
48
+ rubygems_version: 2.4.3
49
+ signing_key:
50
+ specification_version: 4
51
+ summary: Ruby Burp Parser
52
+ test_files: []