praetorian-cli 2.2.11__py3-none-any.whl → 2.2.13__py3-none-any.whl

praetorian_cli/handlers/add.py

@@ -1,4 +1,5 @@
 import datetime
+import json
 import os.path
 
 import click
@@ -163,7 +164,8 @@ def risk(sdk, name, asset, status, comment, capability):
 @click.option('-c', '--capability', 'capabilities', multiple=True,
               help='Capabilities to run (can be specified multiple times)')
 @click.option('-g', '--config', help='JSON configuration string')
-def job(sdk, key, capabilities, config):
+@click.option('-s', '--credential', 'credentials', help='Credential ID to use with the job', multiple=True)
+def job(sdk, key, capabilities, config, credentials):
     """ Schedule scan jobs for an asset or an attribute
 
     This command schedules the relevant discovery and vulnerability scans for
@@ -176,8 +178,9 @@ def job(sdk, key, capabilities, config):
         - praetorian chariot add job --key "#asset#example.com#1.2.3.4" -c subdomain -c portscan
         - praetorian chariot add job --key "#attribute#ssh#22#asset#api.www.example.com#1.2.3.4"
         - praetorian chariot add job --key "#asset#example.com#1.2.3.4" --config '{"run-type":"login"}'
+        - praetorian chariot add job --key "#asset#example.com#1.2.3.4" --config '{"run-type":"login"} --credential "E4644F37-6985-40B4-8D07-5311516D98F1"'
     """
-    sdk.jobs.add(key, capabilities, config)
+    sdk.jobs.add(key, capabilities, config, credentials)
 
 
 @add.command()
@@ -333,13 +336,52 @@ def key(sdk, name, expires):
 @click.option('-p', '--parent', required=False, help='Optional key of the parent WebApplication')
 def webpage(sdk, url, parent):
     """ Add a Webpage
-    
+
     Add a web page to the Chariot database. Webpages can optionally be associated
     with a parent WebApplication or exist independently.
-    
+
     \b
     Example usages:
         - praetorian chariot add webpage --url https://app.example.com/login
         - praetorian chariot add webpage --url https://app.example.com/admin --parent "#webapplication#https://app.example.com"
     """
     sdk.webpage.add(url, parent)
+
+
+@add.command()
+@cli_handler
+@click.option('-r', '--resource-key', required=True, help='The resource key for the credential (e.g., account key)')
+@click.option('-c', '--category', required=True,
+              type=click.Choice(['integration', 'cloud', 'env-integration']),
+              help='The category of the credential')
+@click.option('-t', '--type', 'cred_type', required=True,
+              help='The type of credential (aws, gcp, azure, static, ssh_key, json, active-directory, default)')
+@click.option('-l', '--label', required=True, help='A human-readable label for the credential')
+@click.option('-p', '--param', 'parameters', multiple=True,
+              help='Parameter in format key=value (can be specified multiple times)')
+def credential(sdk, resource_key, category, cred_type, label, parameters):
+    """ Add a credential
+
+    This command adds a credential to the credential broker. Credentials can be used
+    for authentication with various cloud providers, integrations, and environment services.
+
+    \b
+    Example usages:
+        - praetorian chariot add credential --resource-key "C.0c6cf7104f516b08-OGMPG" --category env-integration --type active-directory --label "Robb Stark" --param username=robb.stark --param password=sexywolfy --param domain=north.sevenkingdoms.local
+        - praetorian chariot add credential -r "C.example-key" -c cloud -t aws --label "AWS Production" -p region=us-east-1 -p role_arn=arn:aws:iam::123456789012:role/MyRole
+        - praetorian chariot add credential -r "C.example-key" -c integration -t static --label "API Token" -p token=abc123xyz
+    """
+    # Parse parameters from key=value format
+    params = {}
+    for param in parameters:
+        if '=' not in param:
+            error(f"Parameter '{param}' is not in the format key=value")
+            return
+        key, value = param.split('=', 1)
+        params[key] = value
+
+    try:
+        result = sdk.credentials.add(resource_key, category, cred_type, label, params)
+        click.echo(json.dumps(result, indent=2))
+    except Exception as e:
+        error(f'Unable to add credential. Error: {e}')

praetorian_cli/sdk/entities/credentials.py

@@ -9,6 +9,32 @@ class Credentials:
     def __init__(self, api):
         self.api = api
 
+    def add(self, resource_key, category, type, label, parameters):
+        """
+        Add a new credential to the credential broker.
+
+        :param resource_key: The resource key for the credential (e.g., account key)
+        :type resource_key: str
+        :param category: The category of the credential ('integration', 'cloud', 'env-integration')
+        :type category: str
+        :param type: The type of credential ('aws', 'gcp', 'azure', 'static', 'ssh_key', 'json', 'active-directory', 'default')
+        :type type: str
+        :param label: A human-readable label for the credential
+        :type label: str
+        :param parameters: Additional parameters for the credential (e.g., username, password, domain)
+        :type parameters: dict
+        :return: The response from the broker API
+        :rtype: dict
+        """
+        request = {
+            'Operation': 'add',
+            'ResourceKey': resource_key,
+            'Category': category,
+            'Type': type,
+            'Parameters': parameters | {'label': label}
+        }
+        return self.api.post('broker', request)
+
     def list(self, offset=None, pages=100000):
         """
         List credentials available to the current principal.

praetorian_cli/sdk/entities/jobs.py

@@ -8,7 +8,7 @@ class Jobs:
     def __init__(self, api):
         self.api = api
 
-    def add(self, target_key, capabilities=[], config=None):
+    def add(self, target_key, capabilities=[], config=None, credentials=[]):
         """
         Add a job to execute capabilities against an asset or attribute.
 
@@ -62,19 +62,22 @@ class Jobs:
             - crawler: Web application crawler
             - whois: Domain registration information lookup
         """
-        params = dict(key=target_key)
+        body = dict(key=target_key)
         if capabilities:
-            params = params | dict(capabilities=capabilities)
+            body = body | dict(capabilities=capabilities)
 
         if config:
             try:
-                params = params | dict(config=json.loads(config))
+                body = body | dict(config=json.loads(config))
             except json.JSONDecodeError as e:
                 raise Exception(f"Invalid JSON in configuration string: {e}")
             except Exception as e:
                 raise Exception(f"Error processing configuration string: {e}")
 
-        return self.api.force_add('job', params)
+        if credentials:
+            body = body | dict(credential_ids=credentials)
+
+        return self.api.force_add('job', body)
 
     def get(self, key):
         """

praetorian_cli/sdk/entities/risks.py

@@ -1,5 +1,5 @@
 from praetorian_cli.sdk.model.globals import Kind
-from praetorian_cli.sdk.model.query import Relationship, Node, Query, risk_of_key, ASSET_NODE, ATTRIBUTE_NODE, Filter
+from praetorian_cli.sdk.model.query import Relationship, Node, Query, risk_of_key, ASSET_NODE, PORT_NODE, Filter, WEBPAGE_NODE
 
 
 class Risks:
@@ -132,7 +132,7 @@ class Risks:
         Get all assets affected by a risk.
 
         This method finds assets that are directly linked to the risk via HAS_VULNERABILITY
-        relationships, as well as assets indirectly linked via attributes that have the risk.
+        relationships, as well as assets indirectly linked via ports that have the risk.
 
         :param key: The key of the risk to get affected assets for
         :type key: str
@@ -144,11 +144,18 @@ class Risks:
         query = Query(Node(ASSET_NODE, relationships=[to_this]))
         assets, _ = self.api.search.by_query(query)
 
-        # assets indirectly linked to the risk via an attribute
-        attributes = Node(ATTRIBUTE_NODE, relationships=[to_this])
-        to_attributes = Relationship(Relationship.Label.HAS_ATTRIBUTE, target=attributes)
-        query = Query(Node(ASSET_NODE, relationships=[to_attributes]))
+        # assets indirectly linked to the risk via a port
+        ports = Node(PORT_NODE, relationships=[to_this])
+        to_ports = Relationship(Relationship.Label.HAS_PORT, target=ports)
+        query = Query(Node(ASSET_NODE, relationships=[to_ports]))
         indirect_assets, _ = self.api.search.by_query(query)
 
+        # webpages linked to the risk
+        webpages = Node(WEBPAGE_NODE, relationships=[to_this])
+        to_webpages = Relationship(Relationship.Label.HAS_WEBPAGE, target=webpages)
+        query = Query(Node(ASSET_NODE, relationships=[to_webpages]))
+        web_assets, _ = self.api.search.by_query(query)
+
         assets.extend(indirect_assets)
+        assets.extend(web_assets)
         return assets

praetorian_cli/sdk/entities/webpage.py

@@ -126,7 +126,7 @@ class Webpage:
             urlFilter = Filter(field=Filter.Field.KEY, operator=Filter.Operator.CONTAINS, value=filter)
             filters.append(urlFilter)
         node = Node(labels=[Node.Label.WEBPAGE], filters=filters, relationships=relationships)
-        query = Query(node=node, page=offset, limit=pages)
+        query = Query(node=node, page=offset)
         return self.api.search.by_query(query, pages)
 
     def delete(self, key):

praetorian_cli/sdk/model/globals.py

@@ -110,6 +110,7 @@ class Kind(Enum):
     OTHERS = 'others'
     WEBAPPLICATION = 'webapplication'
     WEBPAGE = 'webpage'
+    PORT = 'port'
 
 EXACT_FLAG = {'exact': 'true'}
 DESCENDING_FLAG = {'desc': 'true'}

praetorian_cli/sdk/model/query.py

@@ -68,6 +68,7 @@ class Relationship:
         DISCOVERED = 'DISCOVERED'
         HAS_ATTRIBUTE = 'HAS_ATTRIBUTE'
         HAS_WEBPAGE = 'HAS_WEBPAGE'
+        HAS_PORT = 'HAS_PORT'
 
     def __init__(self, label: Label, source: 'Node' = None, target: 'Node' = None, optional: bool = False, length: int = 0):
         self.label = label
@@ -97,6 +98,7 @@ class Node:
         ADDOMAIN = 'ADDomain'
         ATTRIBUTE = 'Attribute'
         RISK = 'Risk'
+        PORT = 'Port'
         PRESEED = 'Preseed'
         SEED = 'Seed'
         TTL = 'TTL'
@@ -152,11 +154,15 @@ class Query:
 ASSET_NODE = [Node.Label.ASSET]
 RISK_NODE = [Node.Label.RISK]
 ATTRIBUTE_NODE = [Node.Label.ATTRIBUTE]
+PORT_NODE = [Node.Label.PORT]
+WEBAPPLICATION_NODE = [Node.Label.WEBAPPLICATION]
+WEBPAGE_NODE = [Node.Label.WEBPAGE]
 
 KIND_TO_LABEL = {
     Kind.ASSET.value: Node.Label.ASSET,
     Kind.RISK.value: Node.Label.RISK,
     Kind.ATTRIBUTE.value: Node.Label.ATTRIBUTE,
+    Kind.PORT.value: Node.Label.PORT,
     Kind.SEED.value: Node.Label.SEED,
     Kind.PRESEED.value: Node.Label.PRESEED,
     Kind.REPOSITORY.value: Node.Label.REPOSITORY,

praetorian_cli/sdk/test/test_z_cli.py

@@ -102,7 +102,7 @@ class TestZCli:
         self.verify(f'update risk "{o.risk_key}" -s {Risk.OPEN_LOW.value}')
         self.verify(f'get risk "{o.risk_key}"', [o.risk_key, f'"status": "{Risk.OPEN_LOW.value}"'])
 
-        self.verify(f'delete risk "{o.risk_key}"')
+        self.verify(f'delete risk "{o.risk_key}" -s {Risk.DELETED_OTHER_LOW.value}')
         self.verify(f'get risk "{o.risk_key}"', [
                     o.risk_key, f'"status": "{Risk.DELETED_OTHER_LOW.value}"',
                     f'"to": "{Risk.DELETED_OTHER_LOW.value}"'])

{praetorian_cli-2.2.11.dist-info → praetorian_cli-2.2.13.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: praetorian-cli
-Version: 2.2.11
+Version: 2.2.13
 Summary: For interacting with the Chariot API
 Home-page: https://github.com/praetorian-inc/praetorian-cli
 Author: Praetorian

{praetorian_cli-2.2.11.dist-info → praetorian_cli-2.2.13.dist-info}/RECORD

@@ -1,7 +1,7 @@
 praetorian_cli/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 praetorian_cli/main.py,sha256=AVrOCQgioLDKm-Y8-b3lLLdLtaO1WwOAzUfs0obe5Nw,1451
 praetorian_cli/handlers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-praetorian_cli/handlers/add.py,sha256=gJoV4WqQbbWL-O84jXZK7HF0kiFNp9RkpDWPpN6CXAg,13854
+praetorian_cli/handlers/add.py,sha256=q0lJlGroHx0dA6w7V35CHZoi8tqHdj8lv5wqqRu0ZIA,16266
 praetorian_cli/handlers/aegis.py,sha256=1259bNmoUOVhcs7GqI8TyTyCI_ZvKzEPvfUVvAHcTzU,3936
 praetorian_cli/handlers/agent.py,sha256=52_BcZF10VOuiwkySQpjeh07JdUKaMURo-RLVOINK1w,3165
 praetorian_cli/handlers/chariot.py,sha256=HClwYdsgFKlLY68RhV65W1Y4g-JgbBDdI4PdP4s8MgI,611
@@ -36,14 +36,14 @@ praetorian_cli/sdk/entities/assets.py,sha256=z8ErleQQ-BdnYkwPWOp2EQ8eJI4YB8qi45X
 praetorian_cli/sdk/entities/attributes.py,sha256=AyWsYyjUFNbHTCN7j-OYA7YD1Y0z_LmnlcME5y74je8,3573
 praetorian_cli/sdk/entities/capabilities.py,sha256=WeNlPrhVgLQPbpqYvS4nHmIX697ITpoZkJeLYxG5bmY,2808
 praetorian_cli/sdk/entities/configurations.py,sha256=y32_QYSS6MgGDyz0tEuJgG6jWCI4Vyzwyf0m4SVtVNw,4249
-praetorian_cli/sdk/entities/credentials.py,sha256=ndOqUJwk4FxO8vu85k9v34QmyoGTQeebhcJQd0NEcNU,5140
+praetorian_cli/sdk/entities/credentials.py,sha256=tl9NHUGygFkcTFiMzJwO-jjV_HOQH1WAiXBeWwP9Yxc,6247
 praetorian_cli/sdk/entities/definitions.py,sha256=rpuNLM3DZxMr5YINYDD6ePWG1TEI1biZ4IqnjpDAEh0,3125
 praetorian_cli/sdk/entities/files.py,sha256=Gw9Yt_Cm2xR-Vu8vjaekMHbGldhe930WJjjeaJrBLxg,5822
 praetorian_cli/sdk/entities/integrations.py,sha256=NVaW_dWbnMkMIs-EYr2W7QAeamPVwLhmM2ppdMJmsK0,3176
-praetorian_cli/sdk/entities/jobs.py,sha256=JBkNgFzQEtV0XJSuKtAzCHOYa9rcVxgTkp-tAuS6CP0,8181
+praetorian_cli/sdk/entities/jobs.py,sha256=k4QFw4qR5MdVyMAYstfnRIWr_ZH4q1PwDyUEGC-qBSM,8269
 praetorian_cli/sdk/entities/keys.py,sha256=PgoGa3xyLMzWrIIQ8zgi7bfZiUFFumPtMDo64GjhdjE,6089
 praetorian_cli/sdk/entities/preseeds.py,sha256=SeSY4K6diJMQzsjCBxYK3N9Lz0fUz3B_LMBOAAcBSLg,8890
-praetorian_cli/sdk/entities/risks.py,sha256=THNcPoCAGIqNhnH_AZvrQN7tdiOtF6n5V1tgeSomBpw,6317
+praetorian_cli/sdk/entities/risks.py,sha256=7WcAGiehoGuLlugIujxQC2FcA1ndOh7s_ooEGERpWM4,6630
 praetorian_cli/sdk/entities/scanners.py,sha256=QCr5QlBy4jfBh8HRvZt9CoZTgNqLNnKNrI4sdfJf0jE,423
 praetorian_cli/sdk/entities/schema.py,sha256=CPVws1CdRHyOAI7oT9A20WGOCZozTFqZnfo5ox3v0HQ,807
 praetorian_cli/sdk/entities/search.py,sha256=9vTy9HZY2BTlqf5Zwpdl8HCRIfSEvWDRij2_-rAp2Ng,16938
@@ -51,11 +51,11 @@ praetorian_cli/sdk/entities/seeds.py,sha256=eYDFtfgzIX_o9c5wuPiz9I2xDfTz7k9PZPzL
 praetorian_cli/sdk/entities/settings.py,sha256=F-pRCA6UvbdtnjHOLpEG2lN9ws8dcnBNcep-DFlXeTY,2750
 praetorian_cli/sdk/entities/statistics.py,sha256=gtX-NN7r_RsNjDjlQ-zspmzG_0bzBqBFarCuM4NO-EA,7085
 praetorian_cli/sdk/entities/webhook.py,sha256=7Bqt20GlJFbZTlmQwYTuUadsUQvydym6S4kGn9zYa50,6220
-praetorian_cli/sdk/entities/webpage.py,sha256=FBS3HzuUJnQR9Blm_cBCd9efYAdc2wA2tUFY-cpLj4k,6787
+praetorian_cli/sdk/entities/webpage.py,sha256=YVwWd_xAYqJb_ZjmKdp8kJ0Q1S9EbUyEttCHes6DhOQ,6774
 praetorian_cli/sdk/model/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 praetorian_cli/sdk/model/aegis.py,sha256=KNeynkCJtaR5bIhv3-VNirjxq4i-6JhCZGTb5rmxkQ4,5344
-praetorian_cli/sdk/model/globals.py,sha256=8nQjs4KD3BR0CWAyE4YAgSCwse4Mtj4wADIGx1avf8M,2990
-praetorian_cli/sdk/model/query.py,sha256=MUzFaJ7FGvKgxm6_P-fLfCG9L3-qKPoOB5mJ59WwKNc,6526
+praetorian_cli/sdk/model/globals.py,sha256=OGZSPnOsIS9ZZvb-74uL-JyyUB_NBRZRiEN7YWnqZO8,3008
+praetorian_cli/sdk/model/query.py,sha256=NVuuoW8y7b1SNHbJJV2KSV2Sl5NH39XoDW0oMMzFENI,6732
 praetorian_cli/sdk/model/utils.py,sha256=G8cU7K2uG0-J0GanjcCrzDuUtKzDOucFWF6hGtfOsTM,781
 praetorian_cli/sdk/test/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 praetorian_cli/sdk/test/pytest.ini,sha256=uM552lJOoxWRplXtonIeo2v7M2kHZmJKis7OgnvoLxg,213
@@ -79,7 +79,7 @@ praetorian_cli/sdk/test/test_seed.py,sha256=WfnEPZwMXHFtt4jyVT-1JitIW1zTrl7rwlX8
 praetorian_cli/sdk/test/test_setting.py,sha256=hdPQj71rjSYxa-PODG2D-kJd8C9gkAg1jQXnqYU4P6A,1326
 praetorian_cli/sdk/test/test_webhook.py,sha256=FQJY76QQ6Yg2iLCGpxgKiXGI8TtmB4zTpMIM2SpYKCc,2228
 praetorian_cli/sdk/test/test_webpage.py,sha256=jgKrsobD3ONibDIbbOT-yy7V_NmC5-LwEZmEYdYu0LI,1779
-praetorian_cli/sdk/test/test_z_cli.py,sha256=LKYYAcxTA06AXgVTF9pM_BXgMHVSC5srXd-qdUSuiMU,20669
+praetorian_cli/sdk/test/test_z_cli.py,sha256=jhpv65p0JRJU-_uSSbVo9SznKm_2iAhOlSPkx8E4Oq4,20703
 praetorian_cli/sdk/test/ui_mocks.py,sha256=kiqAPxaM-_T0NQ-HgOZupNiUoJa5mE2CsyK2cXWiPws,4146
 praetorian_cli/sdk/test/utils.py,sha256=svxMpzlaW4FRCij05cPgJFrTUEELVdt8G7SPKEdsgPo,3526
 praetorian_cli/ui/__init__.py,sha256=wEgkrgIaoOguH1VVp2FndaGIxWmZ5CfAynXtNtZ6iTo,81
@@ -96,9 +96,9 @@ praetorian_cli/ui/aegis/commands/set.py,sha256=WJ0Qt30fBa_hyWEaawyA3h3rSeWHFPbJS
 praetorian_cli/ui/aegis/commands/ssh.py,sha256=KGsNlN0i-Cwp6gWyr-cjML9_L13oE7xFenysF2pC8Rc,3045
 praetorian_cli/ui/conversation/__init__.py,sha256=sNhNN_ZG1Va_7OLTaoXlIFL6ageKHWdufFVYw6F_aV8,90
 praetorian_cli/ui/conversation/textual_chat.py,sha256=gGgEs7HhNAto9rTVrGbz62mG10OqmtArI-aKxFLSfVs,24405
-praetorian_cli-2.2.11.dist-info/licenses/LICENSE,sha256=Zv97QripiVALv-WokW_Elsiz9vtOfbtNt1aLZhhk67I,1067
-praetorian_cli-2.2.11.dist-info/METADATA,sha256=S38eZTVQ_ckoHoD6gFKzDanvXEcyOFjyJEWcIuFFZnU,7752
-praetorian_cli-2.2.11.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-praetorian_cli-2.2.11.dist-info/entry_points.txt,sha256=uJbDvZdkYaLiCh2DMvXPUGKFm2p5ZfzJCizUK3-PUEE,56
-praetorian_cli-2.2.11.dist-info/top_level.txt,sha256=QbUdRPGEj_TyHO-E7AD5BxFfR8ore37i273jP4Gn43c,15
-praetorian_cli-2.2.11.dist-info/RECORD,,
+praetorian_cli-2.2.13.dist-info/licenses/LICENSE,sha256=Zv97QripiVALv-WokW_Elsiz9vtOfbtNt1aLZhhk67I,1067
+praetorian_cli-2.2.13.dist-info/METADATA,sha256=MUJwo3wrkUulp376p98YNPnFC_tmNaMvSwGWbANr5xI,7752
+praetorian_cli-2.2.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+praetorian_cli-2.2.13.dist-info/entry_points.txt,sha256=uJbDvZdkYaLiCh2DMvXPUGKFm2p5ZfzJCizUK3-PUEE,56
+praetorian_cli-2.2.13.dist-info/top_level.txt,sha256=QbUdRPGEj_TyHO-E7AD5BxFfR8ore37i273jP4Gn43c,15
+praetorian_cli-2.2.13.dist-info/RECORD,,