@mitre/hdf-converters 2.5.0 → 2.6.2

package/lib/data/converters/csv2json.d.ts

@@ -0,0 +1 @@
+export {};

package/lib/data/converters/csv2json.js

@@ -0,0 +1,36 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const csv2json_1 = __importDefault(require("csv2json"));
+const fs_1 = require("fs");
+const path_1 = __importDefault(require("path"));
+const files = [
+    'aws-config-mapping.csv',
+    'cwe-nist-mapping.csv',
+    'nessus-plugins-nist-mapping.csv',
+    'nikto-nist-mapping.csv',
+    'owasp-nist-mapping.csv',
+    'scoutsuite-nist-mapping.csv'
+];
+try {
+    const pathToFiles = process.argv[2];
+    try {
+        const pathToOutput = process.argv[3];
+        files.forEach((file) => {
+            (0, fs_1.createReadStream)(path_1.default.join(pathToFiles, file))
+                .pipe((0, csv2json_1.default)())
+                .pipe((0, fs_1.createWriteStream)(path_1.default.join(pathToOutput, file.replace('.csv', '.json'))));
+        });
+    }
+    catch {
+        console.error(`You must provide the path to an output folder.`);
+        process.exit(1);
+    }
+}
+catch {
+    console.error(`You must provide the path to a folder containing ${files.join(', ')}.`);
+    process.exit(1);
+}
+//# sourceMappingURL=csv2json.js.map

package/lib/data/converters/csv2json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"csv2json.js","sourceRoot":"","sources":["../../../data/converters/csv2json.ts"],"names":[],"mappings":";;;;;AAAA,wDAAgC;AAChC,2BAAuD;AACvD,gDAAwB;AAExB,MAAM,KAAK,GAAG;IACZ,wBAAwB;IACxB,sBAAsB;IACtB,iCAAiC;IACjC,wBAAwB;IACxB,wBAAwB;IACxB,6BAA6B;CAC9B,CAAC;AAEF,IAAI;IACF,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpC,IAAI;QACF,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;YACrB,IAAA,qBAAgB,EAAC,cAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;iBAC3C,IAAI,CAAC,IAAA,kBAAQ,GAAE,CAAC;iBAChB,IAAI,CACH,IAAA,sBAAiB,EACf,cAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CACvD,CACF,CAAC;QACN,CAAC,CAAC,CAAC;KACJ;IAAC,MAAM;QACN,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;CACF;AAAC,MAAM;IACN,OAAO,CAAC,KAAK,CACX,oDAAoD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACxE,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACjB"}

package/lib/data/converters/csv2json.ts

@@ -0,0 +1,36 @@
+import csv2json from 'csv2json';
+import {createReadStream, createWriteStream} from 'fs';
+import path from 'path';
+
+const files = [
+  'aws-config-mapping.csv',
+  'cwe-nist-mapping.csv',
+  'nessus-plugins-nist-mapping.csv',
+  'nikto-nist-mapping.csv',
+  'owasp-nist-mapping.csv',
+  'scoutsuite-nist-mapping.csv'
+];
+
+try {
+  const pathToFiles = process.argv[2];
+  try {
+    const pathToOutput = process.argv[3];
+    files.forEach((file) => {
+      createReadStream(path.join(pathToFiles, file))
+        .pipe(csv2json())
+        .pipe(
+          createWriteStream(
+            path.join(pathToOutput, file.replace('.csv', '.json'))
+          )
+        );
+    });
+  } catch {
+    console.error(`You must provide the path to an output folder.`);
+    process.exit(1);
+  }
+} catch {
+  console.error(
+    `You must provide the path to a folder containing ${files.join(', ')}.`
+  );
+  process.exit(1);
+}

package/lib/data/converters/xml2json.d.ts

@@ -0,0 +1,14 @@
+export interface ICCIList {
+    cci_list: {
+        cci_items: {
+            cci_item: {
+                $: Record<string, string>;
+                references: {
+                    reference: {
+                        $: Record<string, string>;
+                    }[];
+                }[];
+            }[];
+        }[];
+    };
+}

package/lib/data/converters/xml2json.js

@@ -0,0 +1,42 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const fs_1 = __importDefault(require("fs"));
+const lodash_1 = __importDefault(require("lodash"));
+const xml2js_1 = __importDefault(require("xml2js"));
+const parser = new xml2js_1.default.Parser();
+const pathToInfile = process.argv[2];
+const pathToOutfile = process.argv[3];
+if (!pathToInfile || !pathToOutfile) {
+    console.error(`You must provide the path to botn an input and ouput file.`);
+}
+else {
+    fs_1.default.readFile(pathToInfile, function (readFileError, data) {
+        if (readFileError) {
+            console.error(`Failed to read ${pathToInfile}: ${readFileError}`);
+        }
+        else {
+            parser.parseString(data, (parseFileError, converted) => {
+                if (parseFileError) {
+                    console.error(`Failed to parse ${pathToInfile}: ${parseFileError}`);
+                }
+                else {
+                    const result = {};
+                    converted.cci_list.cci_items[0].cci_item.forEach((cciItem) => {
+                        const newestReference = lodash_1.default.maxBy(cciItem.references[0].reference, '$.version');
+                        if (newestReference) {
+                            result[cciItem.$.id] = newestReference.$.index;
+                        }
+                        else {
+                            console.error(`No NIST Controls found for ${cciItem.$.id}`);
+                        }
+                    });
+                    fs_1.default.writeFileSync(pathToOutfile, JSON.stringify(result));
+                }
+            });
+        }
+    });
+}
+//# sourceMappingURL=xml2json.js.map

package/lib/data/converters/xml2json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"xml2json.js","sourceRoot":"","sources":["../../../data/converters/xml2json.ts"],"names":[],"mappings":";;;;;AAAA,4CAAoB;AACpB,oDAAuB;AACvB,oDAA4B;AAE5B,MAAM,MAAM,GAAG,IAAI,gBAAM,CAAC,MAAM,EAAE,CAAC;AACnC,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACrC,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAkBtC,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE;IACnC,OAAO,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;CAC7E;KAAM;IACL,YAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,UAAU,aAAa,EAAE,IAAI;QACrD,IAAI,aAAa,EAAE;YACjB,OAAO,CAAC,KAAK,CAAC,kBAAkB,YAAY,KAAK,aAAa,EAAE,CAAC,CAAC;SACnE;aAAM;YAEL,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,cAAmB,EAAE,SAAmB,EAAE,EAAE;gBACpE,IAAI,cAAc,EAAE;oBAClB,OAAO,CAAC,KAAK,CAAC,mBAAmB,YAAY,KAAK,cAAc,EAAE,CAAC,CAAC;iBACrE;qBAAM;oBAEL,MAAM,MAAM,GAA2B,EAAE,CAAC;oBAE1C,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;wBAE3D,MAAM,eAAe,GAAG,gBAAC,CAAC,KAAK,CAC7B,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,EAC/B,WAAW,CACZ,CAAC;wBACF,IAAI,eAAe,EAAE;4BACnB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC;yBAChD;6BAAM;4BACL,OAAO,CAAC,KAAK,CAAC,8BAA8B,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;yBAC7D;oBACH,CAAC,CAAC,CAAC;oBACH,YAAE,CAAC,aAAa,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;iBACzD;YACH,CAAC,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;CACJ"}

package/lib/data/converters/xml2json.ts

@@ -0,0 +1,57 @@
+import fs from 'fs';
+import _ from 'lodash';
+import xml2js from 'xml2js';
+
+const parser = new xml2js.Parser();
+const pathToInfile = process.argv[2];
+const pathToOutfile = process.argv[3];
+
+// XML Structure after conversion
+export interface ICCIList {
+  cci_list: {
+    cci_items: {
+      cci_item: {
+        $: Record<string, string>;
+        references: {
+          reference: {
+            $: Record<string, string>;
+          }[];
+        }[];
+      }[];
+    }[];
+  };
+}
+
+if (!pathToInfile || !pathToOutfile) {
+  console.error(`You must provide the path to botn an input and ouput file.`);
+} else {
+  fs.readFile(pathToInfile, function (readFileError, data) {
+    if (readFileError) {
+      console.error(`Failed to read ${pathToInfile}: ${readFileError}`);
+    } else {
+      // Parse XML to JS Object
+      parser.parseString(data, (parseFileError: any, converted: ICCIList) => {
+        if (parseFileError) {
+          console.error(`Failed to parse ${pathToInfile}: ${parseFileError}`);
+        } else {
+          // Stores our CCI->NIST mapping
+          const result: Record<string, string> = {};
+          // For all cci items
+          converted.cci_list.cci_items[0].cci_item.forEach((cciItem) => {
+            // Get the latest reference
+            const newestReference = _.maxBy(
+              cciItem.references[0].reference,
+              '$.version'
+            );
+            if (newestReference) {
+              result[cciItem.$.id] = newestReference.$.index;
+            } else {
+              console.error(`No NIST Controls found for ${cciItem.$.id}`);
+            }
+          });
+          fs.writeFileSync(pathToOutfile, JSON.stringify(result));
+        }
+      });
+    }
+  });
+}