@mitre/hdf-converters 2.6.26 → 2.6.29
- package/README.md +21 -0
- package/lib/index.d.ts +2 -0
- package/lib/index.js +2 -0
- package/lib/index.js.map +1 -1
- package/lib/package.json +11 -6
- package/lib/src/base-converter.d.ts +1 -0
- package/lib/src/base-converter.js +17 -8
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.d.ts +5 -2
- package/lib/src/burpsuite-mapper.js +24 -23
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.d.ts +5 -2
- package/lib/src/jfrog-xray-mapper.js +27 -27
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/nessus-mapper.d.ts +7 -3
- package/lib/src/nessus-mapper.js +32 -25
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.d.ts +5 -2
- package/lib/src/nikto-mapper.js +20 -14
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.d.ts +5 -2
- package/lib/src/sarif-mapper.js +29 -16
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.d.ts +5 -2
- package/lib/src/scoutsuite-mapper.js +36 -23
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.d.ts +2 -1
- package/lib/src/twistlock-mapper.js +25 -4
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/fingerprinting.d.ts +24 -0
- package/lib/src/utils/fingerprinting.js +127 -0
- package/lib/src/utils/fingerprinting.js.map +1 -0
- package/lib/src/veracode-mapper.d.ts +9 -0
- package/lib/src/veracode-mapper.js +382 -0
- package/lib/src/veracode-mapper.js.map +1 -0
- package/lib/src/zap-mapper.d.ts +5 -2
- package/lib/src/zap-mapper.js +32 -21
- package/lib/src/zap-mapper.js.map +1 -1
- package/package.json +12 -7
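--- a/package/README.md
+++ b/package/README.md
@@ -4,6 +4,27 @@
 
 HDF Converters supplies several methods to convert various types of security tool data to and from this HDF standard. HDF Converters can be used in a variety of tools, and is currently well integrated with Heimdall itself, and the [SAF CLI](https://github.com/mitre/saf).
 
+## Supported Formats
+1. [**asff-mapper**] - AWS Security Finding Format JSON file, Prowler-derived AWS Security Finding Format results from concatenated JSON blobs, and Trivy-derived AWS Security Finding Format results from concatenated JSON blobs
+2. [**aws-config-mapper**] - AWS Config
+3. [**burpsuite-mapper**] - BurpSuite Pro XML file
+4. [**dbprotect-mapper**] - DBProtect report in "Check Results Details" XML format
+5. [**fortify-mapper**] - Fortify results FVDL file
+6. [**ionchannel-mapper**] - SBOM data from Ion Channel
+7. [**jfrog-xray-mapper**] - JFrog Xray results JSON file
+8. [**nessus-mapper**] - Nessus XML results file
+9. [**netsparker-mapper**] - Netsparker XML results file
+10. [**nikto-mapper**] - Nikto results JSON file
+11. [**prisma-mapper**] - Prisma Cloud Scan Report CSV file
+12. [**sarif-mapper**] - SARIF JSON file
+13. [**scoutsuite-mapper**] - ScoutSuite results from a Javascript object
+14. [**snyk-mapper**] - Snyk results JSON file
+15. [**sonarqube-mapper**] - SonarQube vulnerabilities for the specified project name and optional branch or pull/merge request ID name from an API
+16. [**splunk-mapper**] - Splunk instance
+17. [**twistlock-mapper**] - Twistlock CLI output file
+18. [**xccdf-results-mapper**] - SCAP client XCCDF-Results XML report
+19. [**zap-mapper**] - OWASP ZAP results JSON
+
 ### NOTICE
 
 © 2022 The MITRE Corporation.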
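--- a/package/lib/index.d.ts
+++ b/package/lib/index.d.ts
@@ -26,5 +26,7 @@ export * from './src/sonarqube-mapper';
 export * from './src/splunk-mapper';
 export * from './src/twistlock-mapper';
 export * from './src/utils/attestations';
+export * from './src/utils/fingerprinting';
+export * from './src/veracode-mapper';
 export * from './src/xccdf-results-mapper';
 export * from './src/zap-mapper';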
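--- a/package/lib/index.js
+++ b/package/lib/index.js
@@ -56,6 +56,8 @@ __exportStar(require("./src/sonarqube-mapper"), exports);
 __exportStar(require("./src/splunk-mapper"), exports);
 __exportStar(require("./src/twistlock-mapper"), exports);
 __exportStar(require("./src/utils/attestations"), exports);
+__exportStar(require("./src/utils/fingerprinting"), exports);
+__exportStar(require("./src/veracode-mapper"), exports);
 __exportStar(require("./src/xccdf-results-mapper"), exports);
 __exportStar(require("./src/zap-mapper"), exports);
 //# sourceMappingURL=index.js.map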
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAA0D;AAAlD,0GAAA,WAAW,OAAA;AACnB,0DAAwC;AACxC,yDAAuC;AACvC,qFAAmE;AACnE,yFAAuE;AACvE,uFAAqE;AACrE,yDAAuC;AACvC,uDAAqC;AACrC,0DAAwC;AACxC,0DAAwC;AACxC,4FAA4E;AAC5E,wFAAwE;AACxE,wFAAwE;AACxE,0GAA0F;AAC1F,4FAA4E;AAC5E,4FAA4E;AAC5E,sGAAsF;AACtF,sDAAoC;AACpC,0DAAwC;AACxC,qDAAmC;AACnC,sDAAoC;AACpC,qDAAmC;AACnC,0DAAwC;AACxC,oDAAkC;AAClC,yDAAuC;AACvC,sDAAoC;AACpC,yDAAuC;AACvC,2DAAyC;AACzC,6DAA2C;AAC3C,mDAAiC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAA0D;AAAlD,0GAAA,WAAW,OAAA;AACnB,0DAAwC;AACxC,yDAAuC;AACvC,qFAAmE;AACnE,yFAAuE;AACvE,uFAAqE;AACrE,yDAAuC;AACvC,uDAAqC;AACrC,0DAAwC;AACxC,0DAAwC;AACxC,4FAA4E;AAC5E,wFAAwE;AACxE,wFAAwE;AACxE,0GAA0F;AAC1F,4FAA4E;AAC5E,4FAA4E;AAC5E,sGAAsF;AACtF,sDAAoC;AACpC,0DAAwC;AACxC,qDAAmC;AACnC,sDAAoC;AACpC,qDAAmC;AACnC,0DAAwC;AACxC,oDAAkC;AAClC,yDAAuC;AACvC,sDAAoC;AACpC,yDAAuC;AACvC,2DAAyC;AACzC,6DAA2C;AAC3C,wDAAsC;AACtC,6DAA2C;AAC3C,mDAAiC"}
|
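--- a/package/lib/package.json
+++ b/package/lib/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@mitre/hdf-converters",
-"version": "2.6.
+"version": "2.6.29",
 "license": "Apache-2.0",
 "description": "Converter util library used to transform various scan results into HDF format",
 "files": [
@@ -11,9 +11,13 @@
 "main": "lib/index.js"
 },
 "scripts": {
-"prepack": "yarn build &&
-"postpack": "
-"
+"prepack": "yarn build && node prepack.js",
+"postpack": "run-script-os",
+"postpack:darwin:linux": "mv package.json.orig package.json",
+"postpack:win32": "move package.json.orig package.json",
+"build": "run-script-os",
+"build:darwin:linux": "tsc -p ./tsconfig.build.json && cp -R ./data ./lib",
+"build:win32": "tsc -p ./tsconfig.build.json && xcopy data lib",
 "lint": "eslint \"**/*.ts\" --fix",
 "lint:ci": "eslint \"**/*.ts\" --max-warnings 0",
 "test": "jest",
@@ -34,12 +38,13 @@
 "fast-xml-parser": "^3.21.1",
 "html-entities": "^2.3.2",
 "htmlparser2": "^7.1.2",
-"inspecjs": "^2.6.
+"inspecjs": "^2.6.28",
 "lodash": "^4.17.21",
 "moment": "^2.29.1",
 "ms": "^2.1.3",
 "mustache": "^4.2.0",
 "papaparse": "^5.3.1",
+"run-script-os": "^1.1.6",
 "winston": "^3.6.0",
 "xlsx": "^0.18.5",
 "xml2js": "^0.4.23",
@@ -54,7 +59,7 @@
 "quicktype": "^15.0.260",
 "ts-jest": "^27.0.3",
 "ts-node": "^10.0.0",
-"typedoc": "^0.
+"typedoc": "^0.23.2"
 },
 "jest": {
 "rootDir": ".",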
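Review bot: `run-script-os` is added in the same block as `lodash` and `winston`, which looks like `dependencies` rather than `devDependencies` (the block's key is outside the hunk, so please confirm). In the lines shown it is only used by the `build` and `postpack` scripts, so listing it as a runtime dependency makes every consumer of the published package install a build-time tool and whatever it pulls in. Moving the line `"run-script-os": "^1.1.6"` to `devDependencies` would keep the install footprint of the published package unchanged. Separately, `build:win32` uses `xcopy data lib` while the POSIX variant uses `cp -R ./data ./lib`; these may not produce the same layout under `lib`, which is worth checking.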
|
@@ -4,6 +4,7 @@ export interface ILookupPath {
|
|
|
4
4
|
path?: string | string[];
|
|
5
5
|
transformer?: (value: any) => unknown;
|
|
6
6
|
arrayTransformer?: (value: unknown[], file: any) => unknown[];
|
|
7
|
+
pathTransform?: (value: unknown, file: any) => unknown;
|
|
7
8
|
key?: string;
|
|
8
9
|
}
|
|
9
10
|
export declare type ObjectEntryValue<T> = {
|
|
@@ -149,10 +149,16 @@ class BaseConverter {
|
|
|
149
149
|
transformer = lodash_1.default.get(v, 'transformer');
|
|
150
150
|
v = lodash_1.default.omit(v, 'transformer');
|
|
151
151
|
}
|
|
152
|
+
const haspathTransform = lodash_1.default.has(v, 'pathTransform') && lodash_1.default.isFunction(lodash_1.default.get(v, 'pathTransform'));
|
|
153
|
+
let pathTransform = (val) => val;
|
|
154
|
+
if (haspathTransform) {
|
|
155
|
+
pathTransform = lodash_1.default.get(v, 'pathTransform');
|
|
156
|
+
v = lodash_1.default.omit(v, 'pathTransform');
|
|
157
|
+
}
|
|
152
158
|
const hasPath = lodash_1.default.isObject(v) && lodash_1.default.has(v, 'path');
|
|
153
159
|
let pathV = v;
|
|
154
160
|
if (hasPath) {
|
|
155
|
-
pathV = this.handlePath(file, lodash_1.default.get(v, 'path'));
|
|
161
|
+
pathV = pathTransform(this.handlePath(file, lodash_1.default.get(v, 'path')), file);
|
|
156
162
|
v = lodash_1.default.omit(v, 'path');
|
|
157
163
|
}
|
|
158
164
|
if (lodash_1.default.isString(pathV) ||
|
|
@@ -180,7 +186,7 @@ class BaseConverter {
|
|
|
180
186
|
: this.convertInternal(file, v);
|
|
181
187
|
}
|
|
182
188
|
handleArray(file, v) {
|
|
183
|
-
var _a, _b, _c;
|
|
189
|
+
var _a, _b, _c, _d;
|
|
184
190
|
if (v.length === 0) {
|
|
185
191
|
return [];
|
|
186
192
|
}
|
|
@@ -215,15 +221,20 @@ class BaseConverter {
|
|
|
215
221
|
const key = lookupPath.key;
|
|
216
222
|
const arrayTransformer = (_b = lookupPath.arrayTransformer) === null || _b === void 0 ? void 0 : _b.bind(this);
|
|
217
223
|
const transformer = (_c = lookupPath.transformer) === null || _c === void 0 ? void 0 : _c.bind(this);
|
|
224
|
+
const pathTransform = (_d = lookupPath.pathTransform) === null || _d === void 0 ? void 0 : _d.bind(this);
|
|
218
225
|
if (this.hasPath(file, path)) {
|
|
219
|
-
|
|
226
|
+
let pathVal = this.handlePath(file, path);
|
|
227
|
+
if (pathTransform !== undefined) {
|
|
228
|
+
pathVal = pathTransform(pathVal, file);
|
|
229
|
+
}
|
|
220
230
|
if (Array.isArray(pathVal)) {
|
|
221
231
|
v = pathVal.map((element) => {
|
|
222
232
|
return lodash_1.default.omit(this.convertInternal(element, lookupPath), [
|
|
223
233
|
'path',
|
|
224
234
|
'transformer',
|
|
225
235
|
'arrayTransformer',
|
|
226
|
-
'key'
|
|
236
|
+
'key',
|
|
237
|
+
'pathTransform'
|
|
227
238
|
]);
|
|
228
239
|
});
|
|
229
240
|
if (arrayTransformer !== undefined) {
|
|
@@ -244,11 +255,9 @@ class BaseConverter {
|
|
|
244
255
|
}
|
|
245
256
|
else {
|
|
246
257
|
if (transformer !== undefined) {
|
|
247
|
-
|
|
248
|
-
}
|
|
249
|
-
else {
|
|
250
|
-
resultingData.push(this.handlePath(file, path));
|
|
258
|
+
pathVal = transformer(pathVal);
|
|
251
259
|
}
|
|
260
|
+
resultingData.push(pathVal);
|
|
252
261
|
}
|
|
253
262
|
}
|
|
254
263
|
}
|
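Review bot: In the first hunk `pathTransform` is read with `lodash_1.default.get(v, 'pathTransform')` and called unbound, while `handleArray` in the third hunk binds it with `.bind(this)`, so a non-arrow `pathTransform` that reads `this` gets the converter in one code path and, in strict-mode code, `undefined` in the other. Binding in both places, e.g. `pathTransform = lodash_1.default.get(v, 'pathTransform').bind(this);` (made in `src/base-converter.ts`, since this file is compiled output), would make the hook behave the same wherever it is invoked. It would also help to document on `ILookupPath.pathTransform` that it runs on the raw looked-up value before the `Array.isArray` check and before `transformer`/`arrayTransformer`. Both methods start and end outside the hunks shown.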
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,sEAAqC;AACrC,wDAA0C;AAE1C,oDAAuB;AACvB,0DAA6B;
|
|
1
|
+
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,sEAAqC;AACrC,wDAA0C;AAE1C,oDAAuB;AACvB,0DAA6B;AAgC7B,SAAgB,YAAY,CAAC,IAAY,EAAE,SAAS,GAAG,QAAQ;IAC7D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAHD,oCAGC;AAED,SAAgB,SAAS,CAAC,KAAc;IACtC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC;QACrC,MAAM,CAAC,IAAY;YACjB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;KACF,CAAC,CAAC;IACH,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACtB,QAAQ,CAAC,GAAG,EAAE,CAAC;KAChB;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;AAZD,8BAYC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,OAAO,GAAG;QACd,mBAAmB,EAAE,EAAE;QACvB,YAAY,EAAE,MAAM;QACpB,gBAAgB,EAAE,KAAK;KACxB,CAAC;IACF,OAAO,yBAAM,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAPD,4BAOC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,mBAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAC,MAAM,EAAE,IAAI,EAAC,CAAC,CAAC;IAEtD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,CAAC;KACrB;IAED,OAAO,MAAM,CAAC,IAAI,CAAC;AACrB,CAAC;AARD,4BAQC;AAED,SAAgB,aAAa,CAC3B,OAA4B;IAE5B,OAAO,CAAC,QAAiB,EAAU,EAAE;QACnC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;YAChE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;SAC5D;aAAM;YACL,OAAO,CAAC,CAAC;SACV;IACH,CAAC,CAAC;AACJ,CAAC;AAVD,sCAUC;AAGD,SAAS,kBAAkB,CACzB,KAAe,EACf,GAAW,EACX,eAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,MAAM,QAAQ,GAAQ,EAAE,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAO,EAAE,EAAE;QACxB,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACvC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;gBAC5B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,IAAI,CAAC,GAAG,
CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;gBACjC,OAAO,EAAE,CAAC;aACX;iBAAM;gBACL,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CACrB,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,CACkB,CAAC;gBAC9B,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC7C,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAC5B,CAAC;gBACF,IAAI,eAAe,EAAE;oBACnB,IACE,YAAY,CAAC,OAAO,CAClB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAW,CAC9C,KAAK,CAAC,CAAC,EACR;wBACA,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CACd,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CACnD,CACF,CAAC;qBACH;iBACF;qBAAM;oBACL,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CAAC,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CAAC,CACrE,CAAC;iBACH;aACF;SACF;IACH,CAAC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAa,aAAa;IAKxB,YAAY,IAA6B,EAAE,eAAe,GAAG,KAAK;QAChE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IACD,WAAW,CACT,QAA0D;QAE1D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IACD,KAAK;QACH,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;SAC9C;aAAM;YACL,MAAM,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC7B,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC;SACV;IACH,CAAC;IAED,SAAS,CACP,GAAM,EACN,EAAiC;QAEjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAC1B,CAAC;IAC1B,CAAC;IACD,eAAe,CACb,IAA6B,EAC7B,MAAS;QAET,MAAM,iBAAiB,GACrB,gBAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YAClB,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;YAC7B,gBAAC,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1C,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAChC,IAAI,iBAAiB,EAAE;YACrB,OAAO,gBAAC,CAAC,IAAI,CAAC,MAAgB,EAAE,cAAc,CAG7C,CAAC;SACH;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAsB,EAAE,EAAE,CAC/D,IAAI,CAAC,QAAQ,CAAC,IA
AI,EAAE,CAAC,CAAC,CACvB,CAAC;QACF,OAAO,MAAsC,CAAC;IAChD,CAAC;IAED,QAAQ,CACN,IAA6B,EAC7B,CAAe;QAEf,MAAM,cAAc,GAClB,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,IAAI,gBAAC,CAAC,UAAU,CAAC,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,CAAC;QACxC,IAAI,cAAc,EAAE;YAClB,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;YACtC,CAAC,GAAG,gBAAC,CAAC,IAAI,CAAC,CAAW,EAAE,aAAa,CAAM,CAAC;SAC7C;QAED,MAAM,gBAAgB,GACpB,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAC,IAAI,gBAAC,CAAC,UAAU,CAAC,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC;QAEvE,IAAI,aAAa,GAGF,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,CAAC;QACrC,IAAI,gBAAgB,EAAE;YACpB,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;YAC1C,CAAC,GAAG,gBAAC,CAAC,IAAI,CAAC,CAAW,EAAE,eAAe,CAAM,CAAC;SAC/C;QAED,MAAM,OAAO,GAAG,gBAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAClD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,OAAO,EAAE;YACX,KAAK,GAAG,aAAa,CACnB,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAsB,CAAY,EACvE,IAAI,CACL,CAAC;YACF,CAAC,GAAG,gBAAC,CAAC,IAAI,CAAC,CAAW,EAAE,MAAM,CAAM,CAAC;SACtC;QAED,IACE,gBAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,gBAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,gBAAC,CAAC,SAAS,CAAC,KAAK,CAAC;YAClB,gBAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EACf;YACA,OAAO,WAAW,CAAC,KAAK,CAAM,CAAC;SAChC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YACxB,OAAO,cAAc;gBACnB,CAAC,CAAE,WAAW,CAAC,KAAK,CAAS;gBAC7B,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;SACnC;QAED,IAAI,gBAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,cAAc,EAAE;YAC1C,OAAO;gBACL,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC;gBAChC,GAAI,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAE,IAAgB,CAAY;aAChC,CAAC;SACnC;QAED,IAAI,cAAc,EAAE;YAClB,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAE,IAAgB,CAGtB,CAAC;SAClC;QAED,OAAO,OAAO;YACZ,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAGI,CAAC;IACxC,CAAC;IAED,WAAW,CACT,IAA6B,EAC7B,CAAyB;;QAEzB,IAAI,CAAC,CAAC,MAAM,KAAK,
CAAC,EAAE;YAClB,OAAO,EAAE,CAAC;SACX;QACD,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,KAAK,MAAM,UAAU,IAAI,CAAC,EAAE;YAC1B,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE;gBACjC,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;oBACpB,OAAO,gBAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;wBACxB,CAAC,CAAE,gBAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAqB;wBAC5D,CAAC,CAAC,OAAO,CAAC;gBACd,CAAC,CAAC,CAAC;gBACH,IAAI,MAAM,GAAa,EAAE,CAAC;gBAC1B,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;oBACpB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAM,CAAC,CAAC;gBACjD,CAAC,CAAC,CAAC;gBACH,IAAI,gBAAgB,KAAK,SAAS,EAAE;oBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;wBACnC,MAAM,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE;4BACtD,CAAC;4BACD,IAAI,CAAC,IAAI;yBACV,CAAC,CAAC;qBACJ;yBAAM;wBACL,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;qBACnE;iBACF;gBACD,aAAa,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;aAC/B;iBAAM;gBACL,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC;gBAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC;gBAC3B,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,WAAW,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvD,MAAM,aAAa,GAAG,MAAA,UAAU,CAAC,aAAa,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC3D,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE;oBAC5B,IAAI,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;oBAC1C,IAAI,aAAa,KAAK,SAAS,EAAE;wBAC/B,OAAO,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;qBACxC;oBACD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC1B,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAE,EAAE;4BACnD,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE;gCACvD,MAAM;gCACN,aAAa;gCACb,kBAAkB;gCAClB,KAAK;gCACL,eAAe;6BAChB,CAAiB,CAAC;wBACrB,CAAC,CAAC,CAAC;wBACH,IAAI,gBAAgB,KAAK,SAAS,EAAE;4BAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;gCACnC,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE;oCACjD,CAAC;oCACD,IAAI,CAAC,IAA
I;iCACV,CAAC,CAAC;6BACJ;iCAAM;gCACL,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;6BACzD;yBACF;wBACD,IAAI,GAAG,KAAK,SAAS,EAAE;4BACrB,CAAC,GAAG,kBAAkB,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;yBACtD;wBACD,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;qBAC1B;yBAAM;wBACL,IAAI,WAAW,KAAK,SAAS,EAAE;4BAC7B,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;yBAChC;wBACD,aAAa,CAAC,IAAI,CAAC,OAAY,CAAC,CAAC;qBAClC;iBACF;aACF;SACF;QAED,MAAM,aAAa,GAAQ,EAAE,CAAC;QAC9B,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/B,IACE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,gBAAC,CAAC,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,EACtE;gBACA,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;aAC5B;QACH,CAAC,CAAC,CAAC;QACH,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,UAAU,CAAC,IAA6B,EAAE,IAAuB;QAC/D,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;QAED,MAAM,KAAK,GAAG,gBAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE;YAEhB,OAAO,EAAE,CAAC;SACX;aAAM,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;YAC5C,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SAC1D;aAAM;YACL,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;SAC5C;IACH,CAAC;IACD,OAAO,CAAC,IAA6B,EAAE,IAAuB;QAC5D,IAAI,SAAS,CAAC;QACd,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;aAAM;YACL,SAAS,GAAG,IAAI,CAAC;SAClB;QAED,OAAO,gBAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YAC7B,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACtB,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;aACrC;iBAAM;gBACL,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;aACvB;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAxPD,sCAwPC"}
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { ExecJSON } from 'inspecjs';
|
|
2
2
|
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
3
3
|
export declare class BurpSuiteMapper extends BaseConverter {
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
withRaw: boolean;
|
|
5
|
+
mappings: MappedTransform<ExecJSON.Execution & {
|
|
6
|
+
passthrough: unknown;
|
|
7
|
+
}, ILookupPath>;
|
|
8
|
+
constructor(burpsXml: string, withRaw?: boolean);
|
|
6
9
|
}
|
|
@@ -61,44 +61,29 @@ function nistTag(input) {
|
|
|
61
61
|
return CWE_NIST_MAPPING.nistFilter(cwe, global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS);
|
|
62
62
|
}
|
|
63
63
|
class BurpSuiteMapper extends base_converter_1.BaseConverter {
|
|
64
|
-
constructor(burpsXml) {
|
|
64
|
+
constructor(burpsXml, withRaw = false) {
|
|
65
65
|
super((0, base_converter_1.parseXml)(burpsXml));
|
|
66
66
|
this.mappings = {
|
|
67
67
|
platform: {
|
|
68
68
|
name: 'Heimdall Tools',
|
|
69
|
-
release: package_json_1.version
|
|
70
|
-
target_id: ''
|
|
69
|
+
release: package_json_1.version
|
|
71
70
|
},
|
|
72
71
|
version: package_json_1.version,
|
|
73
|
-
statistics: {
|
|
74
|
-
duration: null
|
|
75
|
-
},
|
|
72
|
+
statistics: {},
|
|
76
73
|
profiles: [
|
|
77
74
|
{
|
|
78
75
|
name: NAME,
|
|
79
76
|
version: { path: 'issues.burpVersion' },
|
|
80
77
|
title: NAME,
|
|
81
|
-
maintainer: null,
|
|
82
78
|
summary: NAME,
|
|
83
|
-
license: null,
|
|
84
|
-
copyright: null,
|
|
85
|
-
copyright_email: null,
|
|
86
79
|
supports: [],
|
|
87
80
|
attributes: [],
|
|
88
|
-
depends: [],
|
|
89
81
|
groups: [],
|
|
90
82
|
status: 'loaded',
|
|
91
83
|
controls: [
|
|
92
84
|
{
|
|
93
85
|
path: 'issues.issue',
|
|
94
86
|
key: 'id',
|
|
95
|
-
id: { path: 'type', transformer: idToString },
|
|
96
|
-
title: { path: 'name' },
|
|
97
|
-
desc: { path: 'issueBackground', transformer: base_converter_1.parseHtml },
|
|
98
|
-
impact: {
|
|
99
|
-
path: 'severity',
|
|
100
|
-
transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
|
|
101
|
-
},
|
|
102
87
|
tags: {
|
|
103
88
|
nist: {
|
|
104
89
|
path: 'vulnerabilityClassifications',
|
|
@@ -110,6 +95,11 @@ class BurpSuiteMapper extends base_converter_1.BaseConverter {
|
|
|
110
95
|
},
|
|
111
96
|
confidence: { path: 'confidence' }
|
|
112
97
|
},
|
|
98
|
+
refs: [],
|
|
99
|
+
source_location: {},
|
|
100
|
+
title: { path: 'name' },
|
|
101
|
+
id: { path: 'type', transformer: idToString },
|
|
102
|
+
desc: { path: 'issueBackground', transformer: base_converter_1.parseHtml },
|
|
113
103
|
descriptions: [
|
|
114
104
|
{
|
|
115
105
|
data: { path: 'issueBackground', transformer: base_converter_1.parseHtml },
|
|
@@ -120,14 +110,17 @@ class BurpSuiteMapper extends base_converter_1.BaseConverter {
|
|
|
120
110
|
label: 'fix'
|
|
121
111
|
}
|
|
122
112
|
],
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
113
|
+
impact: {
|
|
114
|
+
path: 'severity',
|
|
115
|
+
transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
|
|
116
|
+
},
|
|
117
|
+
code: {
|
|
118
|
+
transformer: (vulnerability) => JSON.stringify(vulnerability, null, 2)
|
|
119
|
+
},
|
|
126
120
|
results: [
|
|
127
121
|
{
|
|
128
122
|
status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
|
|
129
123
|
code_desc: { transformer: formatCodeDesc },
|
|
130
|
-
run_time: 0,
|
|
131
124
|
start_time: { path: '$.issues.exportTime' }
|
|
132
125
|
}
|
|
133
126
|
]
|
|
@@ -135,8 +128,16 @@ class BurpSuiteMapper extends base_converter_1.BaseConverter {
|
|
|
135
128
|
],
|
|
136
129
|
sha256: ''
|
|
137
130
|
}
|
|
138
|
-
]
|
|
131
|
+
],
|
|
132
|
+
passthrough: {
|
|
133
|
+
transformer: (data) => {
|
|
134
|
+
return {
|
|
135
|
+
...(this.withRaw && { raw: data })
|
|
136
|
+
};
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
139
|
};
|
|
140
|
+
this.withRaw = withRaw;
|
|
140
141
|
}
|
|
141
142
|
}
|
|
142
143
|
exports.BurpSuiteMapper = BurpSuiteMapper;
|
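Review bot: The added `code` transformer in the controls mapping serializes the whole issue object with `JSON.stringify(vulnerability, null, 2)` unconditionally, so every control in the HDF output carries the full scanner record whether or not `withRaw` is set. Burp issue exports can embed request and response data, which may include cookies or authorization headers; the input schema is not visible here, so this needs confirming against a real export. If that is the case, consider serializing an allow-list of fields for `code` and keeping the verbatim copy behind `withRaw` only. At minimum the constructor should say so, e.g. `// NOTE: code and passthrough.raw embed the unredacted Burp issue; scrub request/response data before sharing the HDF` in `src/burpsuite-mapper.ts`, since this file is compiled output.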
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"burpsuite-mapper.js","sourceRoot":"","sources":["../../src/burpsuite-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,2CAAsE;AAGtE,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,aAAa,EAAE,GAAG,CAAC;CACrB,CAAC,CAAC;AACH,MAAM,IAAI,GAAG,oBAAoB,CAAC;AAClC,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;QACxD,IAAI,CAAC,IAAI,CACP,aAAa,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAC1E,CAAC;KACH;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KAChC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE;QAC5B,IAAI,CAAC,IAAI,CAAC,aAAa,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;KAC/D;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;KACzB;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE;QAC/B,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC;KACrE;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE;QAC9B,IAAI,CAAC,IAAI,CAAC,eAAe,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;KACnE;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;KAC3B;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAChC,CAAC;AACD,SAAS,UAAU,CAAC,EAAW;IAC7B,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;QACpD,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;KACtB;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO,IAAA,0BAAS,EAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;AACnD,CAAC;AACD,SAAS,OAAO,CAAC,KAAa;IAC5B,IAAI,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3C,GAAG,CAAC,KAAK,EAAE,CAAC;IACZ,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GA
AG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACtC,OAAO,gBAAgB,CAAC,UAAU,CAChC,GAAG,EACH,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;
|
|
1
|
+
{"version":3,"file":"burpsuite-mapper.js","sourceRoot":"","sources":["../../src/burpsuite-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,2CAAsE;AAGtE,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,aAAa,EAAE,GAAG,CAAC;CACrB,CAAC,CAAC;AACH,MAAM,IAAI,GAAG,oBAAoB,CAAC;AAClC,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;QACxD,IAAI,CAAC,IAAI,CACP,aAAa,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAC1E,CAAC;KACH;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KAChC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE;QAC5B,IAAI,CAAC,IAAI,CAAC,aAAa,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;KAC/D;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;KACzB;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE;QAC/B,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC;KACrE;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE;QAC9B,IAAI,CAAC,IAAI,CAAC,eAAe,IAAA,0BAAS,EAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;KACnE;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;KAC3B;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAChC,CAAC;AACD,SAAS,UAAU,CAAC,EAAW;IAC7B,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;QACpD,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;KACtB;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO,IAAA,0BAAS,EAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;AACnD,CAAC;AACD,SAAS,OAAO,CAAC,KAAa;IAC5B,IAAI,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3C,GAAG,CAAC,KAAK,EAAE,CAAC;IACZ,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GA
AG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACtC,OAAO,gBAAgB,CAAC,UAAU,CAChC,GAAG,EACH,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAiFhD,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,KAAK,CAAC,IAAA,yBAAQ,EAAC,QAAQ,CAAC,CAAC,CAAC;QA/E5B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,IAAI;oBACV,OAAO,EAAE,EAAC,IAAI,EAAE,oBAAoB,EAAC;oBACrC,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,IAAI;oBACb,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,cAAc;4BACpB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE;oCACJ,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,OAAO;iCACrB;gCACD,KAAK,EAAE;oCACL,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,WAAW;iCACzB;gCACD,UAAU,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;6BACjC;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACrB,EAAE,EAAE,EAAC,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAC;4BAC3C,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,0BAAS,EAAC;4BACvD,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,0BAAS,EAAC;oCACvD,KAAK,EAAE,OAAO;iCACf;gCACD;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,0BAAS,EAAC;oCAC7D,KAAK,EAAE,KAAK;iCACb;6BACF;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;iCAC1C;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AArFD,0CAqFC"}
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { ExecJSON } from 'inspecjs';
|
|
2
2
|
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
3
3
|
export declare class JfrogXrayMapper extends BaseConverter {
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
withRaw: boolean;
|
|
5
|
+
mappings: MappedTransform<ExecJSON.Execution & {
|
|
6
|
+
passthrough: unknown;
|
|
7
|
+
}, ILookupPath>;
|
|
8
|
+
constructor(xrayJson: string, withRaw?: boolean);
|
|
6
9
|
}
|
|
@@ -73,47 +73,34 @@ function formatCodeDesc(vulnerability) {
|
|
|
73
73
|
}
|
|
74
74
|
return codeDescArray.join('\n').replace(re, ', ');
|
|
75
75
|
}
|
|
76
|
-
function
|
|
77
|
-
const
|
|
76
|
+
function nistTag(identifier) {
|
|
77
|
+
const identifiers = [];
|
|
78
78
|
if (Array.isArray(identifier)) {
|
|
79
79
|
identifier.forEach((element) => {
|
|
80
80
|
if (element.split('CWE-')[1]) {
|
|
81
|
-
|
|
81
|
+
identifiers.push(element.split('CWE-')[1]);
|
|
82
82
|
}
|
|
83
83
|
});
|
|
84
84
|
}
|
|
85
|
-
return output;
|
|
86
|
-
}
|
|
87
|
-
function nistTag(identifier) {
|
|
88
|
-
const identifiers = parseIdentifier(identifier);
|
|
89
85
|
return CWE_NIST_MAPPING.nistFilter(identifiers, global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS);
|
|
90
86
|
}
|
|
91
87
|
class JfrogXrayMapper extends base_converter_1.BaseConverter {
|
|
92
|
-
constructor(xrayJson) {
|
|
88
|
+
constructor(xrayJson, withRaw = false) {
|
|
93
89
|
super(JSON.parse(xrayJson), true);
|
|
94
90
|
this.mappings = {
|
|
95
91
|
platform: {
|
|
96
92
|
name: 'Heimdall Tools',
|
|
97
|
-
release: package_json_1.version
|
|
98
|
-
target_id: ''
|
|
93
|
+
release: package_json_1.version
|
|
99
94
|
},
|
|
100
95
|
version: package_json_1.version,
|
|
101
|
-
statistics: {
|
|
102
|
-
duration: null
|
|
103
|
-
},
|
|
96
|
+
statistics: {},
|
|
104
97
|
profiles: [
|
|
105
98
|
{
|
|
106
99
|
name: 'JFrog Xray Scan',
|
|
107
|
-
version: '',
|
|
108
100
|
title: 'JFrog Xray Scan',
|
|
109
|
-
maintainer: null,
|
|
110
101
|
summary: 'Continuous Security and Universal Artifact Analysis',
|
|
111
|
-
license: null,
|
|
112
|
-
copyright: null,
|
|
113
|
-
copyright_email: null,
|
|
114
102
|
supports: [],
|
|
115
103
|
attributes: [],
|
|
116
|
-
depends: [],
|
|
117
104
|
groups: [],
|
|
118
105
|
status: 'loaded',
|
|
119
106
|
controls: [
|
|
@@ -125,12 +112,8 @@ class JfrogXrayMapper extends base_converter_1.BaseConverter {
|
|
|
125
112
|
path: 'component_versions.more_details.cves[0].cwe',
|
|
126
113
|
transformer: nistTag
|
|
127
114
|
},
|
|
128
|
-
cweid: {
|
|
129
|
-
path: 'component_versions.more_details.cves[0].cwe',
|
|
130
|
-
transformer: parseIdentifier
|
|
131
|
-
}
|
|
115
|
+
cweid: { path: 'component_versions.more_details.cves[0].cwe' }
|
|
132
116
|
},
|
|
133
|
-
descriptions: [],
|
|
134
117
|
refs: [],
|
|
135
118
|
source_location: {},
|
|
136
119
|
id: { transformer: hashId },
|
|
@@ -143,12 +126,15 @@ class JfrogXrayMapper extends base_converter_1.BaseConverter {
|
|
|
143
126
|
path: 'severity',
|
|
144
127
|
transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
|
|
145
128
|
},
|
|
146
|
-
code:
|
|
129
|
+
code: {
|
|
130
|
+
transformer: (vulnerability) => {
|
|
131
|
+
return JSON.stringify(vulnerability, null, 2);
|
|
132
|
+
}
|
|
133
|
+
},
|
|
147
134
|
results: [
|
|
148
135
|
{
|
|
149
136
|
status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
|
|
150
137
|
code_desc: { transformer: formatCodeDesc },
|
|
151
|
-
run_time: 0,
|
|
152
138
|
start_time: ''
|
|
153
139
|
}
|
|
154
140
|
]
|
|
@@ -156,8 +142,22 @@ class JfrogXrayMapper extends base_converter_1.BaseConverter {
|
|
|
156
142
|
],
|
|
157
143
|
sha256: ''
|
|
158
144
|
}
|
|
159
|
-
]
|
|
145
|
+
],
|
|
146
|
+
passthrough: {
|
|
147
|
+
transformer: (data) => {
|
|
148
|
+
return {
|
|
149
|
+
auxiliary_data: [
|
|
150
|
+
{
|
|
151
|
+
name: 'JFrog Xray',
|
|
152
|
+
data: lodash_1.default.pick(data, ['total_count'])
|
|
153
|
+
}
|
|
154
|
+
],
|
|
155
|
+
...(this.withRaw && { raw: data })
|
|
156
|
+
};
|
|
157
|
+
}
|
|
158
|
+
}
|
|
160
159
|
};
|
|
160
|
+
this.withRaw = withRaw;
|
|
161
161
|
}
|
|
162
162
|
}
|
|
163
163
|
exports.JfrogXrayMapper = JfrogXrayMapper;
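Review bot: `nistTag` calls `element.split('CWE-')` on every entry of the `cwe` array without checking that the entry is a string. A report whose `component_versions.more_details.cves[0].cwe` list holds a number, null or an object would therefore raise a TypeError inside the transformer. The report comes straight from `JSON.parse(xrayJson)` in the constructor, and no validation is visible between the two; whether `BaseConverter` catches the error is not shown here. Guarding the test as `if (typeof element === 'string' && element.split('CWE-')[1]) {` keeps one malformed entry from aborting the conversion. In the same section `cweid` lost its transformer and now passes the path value through unchanged, so consumers that expected bare CWE numbers should be checked (inferred, since the removed helper's body is only partly visible).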
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jfrog-xray-mapper.js","sourceRoot":"","sources":["../../src/jfrog-xray-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAM0B;AAC1B,8DAAyD;AACzD,2CAAsE;AAGtE,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,MAAM,CAAC,aAAsB;IACpC,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,KAAK,EAAE,EAAE;QACrC,OAAO,IAAA,6BAAY,EAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;KACxE;SAAM;QACL,OAAO,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAW,CAAC;KAC7C;AACH,CAAC;AACD,SAAS,UAAU,CAAC,aAAsB;IACxC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE;QACvC,IAAI,CAAC,IAAI,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;KAC3D;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;QAChC,MAAM,GAAG,GAAG,MAAM,CAAC;QACnB,MAAM,GAAG,GAAG,KAAK,CAAC;QAClB,IAAI,CAAC,IAAI,CACP,SAAS,IAAI,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;aAClD,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC;aACnB,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,CACxB,CAAC;KACH;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,EAAE,GAAG,KAAK,CAAC;IACjB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE;QAC1C,aAAa,CAAC,IAAI,CAChB,oBAAoB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE,CAC7D,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,EAAE;QAClE,aAAa,CAAC,IAAI,CAChB,yBAAyB,IAAI,CAAC,SAAS,CACrC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,CAC/D,EAAE,CACJ,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;KAC9C;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,EAAE;QAC7D,aAAa,CAAC,IAAI,CAChB,oBAAoB,IAAI,CAAC,SAAS,CAChC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,CAC1D,EAAE,CACJ,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBA
AmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE;QACtC,aAAa,CAAC,IAAI,CAAC,gBAAgB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;KAC1E;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KACrC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE;QACpC,aAAa,CAAC,IAAI,CAAC,cAAc,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC;KACtE;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;KACnC;IACD,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;AACpD,CAAC;AACD,SAAS,
|
|
1
|
+
{"version":3,"file":"jfrog-xray-mapper.js","sourceRoot":"","sources":["../../src/jfrog-xray-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAM0B;AAC1B,8DAAyD;AACzD,2CAAsE;AAGtE,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,MAAM,CAAC,aAAsB;IACpC,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,KAAK,EAAE,EAAE;QACrC,OAAO,IAAA,6BAAY,EAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;KACxE;SAAM;QACL,OAAO,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAW,CAAC;KAC7C;AACH,CAAC;AACD,SAAS,UAAU,CAAC,aAAsB;IACxC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE;QACvC,IAAI,CAAC,IAAI,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;KAC3D;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;QAChC,MAAM,GAAG,GAAG,MAAM,CAAC;QACnB,MAAM,GAAG,GAAG,KAAK,CAAC;QAClB,IAAI,CAAC,IAAI,CACP,SAAS,IAAI,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;aAClD,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC;aACnB,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,CACxB,CAAC;KACH;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,EAAE,GAAG,KAAK,CAAC;IACjB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE;QAC1C,aAAa,CAAC,IAAI,CAChB,oBAAoB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE,CAC7D,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,EAAE;QAClE,aAAa,CAAC,IAAI,CAChB,yBAAyB,IAAI,CAAC,SAAS,CACrC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,CAC/D,EAAE,CACJ,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;KAC9C;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,EAAE;QAC7D,aAAa,CAAC,IAAI,CAChB,oBAAoB,IAAI,CAAC,SAAS,CAChC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,CAC1D,EAAE,CACJ,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBA
AmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE;QACtC,aAAa,CAAC,IAAI,CAAC,gBAAgB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;KAC1E;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KACrC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE;QACpC,aAAa,CAAC,IAAI,CAAC,cAAc,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC;KACtE;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;KACnC;IACD,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;AACpD,CAAC;AACD,SAAS,OAAO,CAAC,UAAmC;IAClD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC7B,UAAU,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBAC5B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aAC5C;QACH,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAGD,MAAa,eAAgB,SAAQ,8BAAa;IA4EhD,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC;QA1EpC,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,iBAAiB;oBACvB,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,qDAAqD;oBAC9D,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,MAAM;4BACZ,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE;oCACJ,IAAI,EAAE,6CAA6C;oCACnD,WAAW,EAAE,OAAO;iCACrB;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,6CAA6C,EAAC;6BAC7D;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,EAAE,EAAE,EAAC,WAAW,EAAE,MAAM,EAAC;4BACzB,KAAK,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BACxB,IAAI,EAAE;gCACJ,IAAI,EAAE,iCAAiC;gCACvC,WAAW,EAAE,UAAU;6BACxB;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;oCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCAChD,CAAC;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,
mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,YAAY;gCAClB,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,aAAa,CAAC,CAAC;6BACpC;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAhFD,0CAgFC"}
|
|
@@ -3,10 +3,14 @@ import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
|
3
3
|
export declare class NessusResults {
|
|
4
4
|
data: Record<string, unknown>;
|
|
5
5
|
customMapping?: MappedTransform<ExecJSON.Execution, ILookupPath>;
|
|
6
|
-
|
|
6
|
+
withRaw: boolean;
|
|
7
|
+
constructor(nessusXml: string, withRaw?: boolean);
|
|
7
8
|
toHdf(): ExecJSON.Execution[] | ExecJSON.Execution;
|
|
8
9
|
}
|
|
9
10
|
export declare class NessusMapper extends BaseConverter {
|
|
10
|
-
|
|
11
|
-
|
|
11
|
+
withRaw: boolean;
|
|
12
|
+
mappings: MappedTransform<ExecJSON.Execution & {
|
|
13
|
+
passthrough: unknown;
|
|
14
|
+
}, ILookupPath>;
|
|
15
|
+
constructor(nessusJson: Record<string, unknown>, withRaw?: boolean);
|
|
12
16
|
}
|