PyPI - regscale-cli - Versions diffs - 6.16.0.0__py3-none-any.whl - Mend

regscale-cli 6.16.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (481) hide show

regscale/__init__.py +1 -0
regscale/airflow/__init__.py +9 -0
regscale/airflow/azure/__init__.py +9 -0
regscale/airflow/azure/cli.py +89 -0
regscale/airflow/azure/upload_dags.py +116 -0
regscale/airflow/click_dags.py +127 -0
regscale/airflow/click_mixins.py +82 -0
regscale/airflow/config.py +25 -0
regscale/airflow/factories/__init__.py +0 -0
regscale/airflow/factories/connections.py +58 -0
regscale/airflow/factories/workflows.py +78 -0
regscale/airflow/hierarchy.py +88 -0
regscale/airflow/operators/__init__.py +0 -0
regscale/airflow/operators/click.py +36 -0
regscale/airflow/sensors/__init__.py +0 -0
regscale/airflow/sensors/sql.py +107 -0
regscale/airflow/sessions/__init__.py +0 -0
regscale/airflow/sessions/sql/__init__.py +3 -0
regscale/airflow/sessions/sql/queries.py +64 -0
regscale/airflow/sessions/sql/sql_server_queries.py +248 -0
regscale/airflow/tasks/__init__.py +0 -0
regscale/airflow/tasks/branches.py +22 -0
regscale/airflow/tasks/cli.py +116 -0
regscale/airflow/tasks/click.py +73 -0
regscale/airflow/tasks/debugging.py +9 -0
regscale/airflow/tasks/groups.py +116 -0
regscale/airflow/tasks/init.py +60 -0
regscale/airflow/tasks/states.py +47 -0
regscale/airflow/tasks/workflows.py +36 -0
regscale/ansible/__init__.py +9 -0
regscale/core/__init__.py +0 -0
regscale/core/app/__init__.py +3 -0
regscale/core/app/api.py +571 -0
regscale/core/app/application.py +665 -0
regscale/core/app/internal/__init__.py +136 -0
regscale/core/app/internal/admin_actions.py +230 -0
regscale/core/app/internal/assessments_editor.py +873 -0
regscale/core/app/internal/catalog.py +316 -0
regscale/core/app/internal/comparison.py +459 -0
regscale/core/app/internal/control_editor.py +571 -0
regscale/core/app/internal/encrypt.py +79 -0
regscale/core/app/internal/evidence.py +1240 -0
regscale/core/app/internal/file_uploads.py +151 -0
regscale/core/app/internal/healthcheck.py +66 -0
regscale/core/app/internal/login.py +305 -0
regscale/core/app/internal/migrations.py +240 -0
regscale/core/app/internal/model_editor.py +1701 -0
regscale/core/app/internal/poam_editor.py +632 -0
regscale/core/app/internal/workflow.py +105 -0
regscale/core/app/logz.py +74 -0
regscale/core/app/utils/XMLIR.py +258 -0
regscale/core/app/utils/__init__.py +0 -0
regscale/core/app/utils/api_handler.py +358 -0
regscale/core/app/utils/app_utils.py +1110 -0
regscale/core/app/utils/catalog_utils/__init__.py +0 -0
regscale/core/app/utils/catalog_utils/common.py +91 -0
regscale/core/app/utils/catalog_utils/compare_catalog.py +193 -0
regscale/core/app/utils/catalog_utils/diagnostic_catalog.py +97 -0
regscale/core/app/utils/catalog_utils/download_catalog.py +103 -0
regscale/core/app/utils/catalog_utils/update_catalog.py +718 -0
regscale/core/app/utils/catalog_utils/update_catalog_v2.py +1378 -0
regscale/core/app/utils/catalog_utils/update_catalog_v3.py +1272 -0
regscale/core/app/utils/catalog_utils/update_plans.py +334 -0
regscale/core/app/utils/file_utils.py +238 -0
regscale/core/app/utils/parser_utils.py +81 -0
regscale/core/app/utils/pickle_file_handler.py +57 -0
regscale/core/app/utils/regscale_utils.py +319 -0
regscale/core/app/utils/report_utils.py +119 -0
regscale/core/app/utils/variables.py +226 -0
regscale/core/decorators.py +31 -0
regscale/core/lazy_group.py +65 -0
regscale/core/login.py +63 -0
regscale/core/server/__init__.py +0 -0
regscale/core/server/flask_api.py +473 -0
regscale/core/server/helpers.py +373 -0
regscale/core/server/rest.py +64 -0
regscale/core/server/static/css/bootstrap.css +6030 -0
regscale/core/server/static/css/bootstrap.min.css +6 -0
regscale/core/server/static/css/main.css +176 -0
regscale/core/server/static/images/regscale-cli.svg +49 -0
regscale/core/server/static/images/regscale.svg +38 -0
regscale/core/server/templates/base.html +74 -0
regscale/core/server/templates/index.html +43 -0
regscale/core/server/templates/login.html +28 -0
regscale/core/server/templates/make_base64.html +22 -0
regscale/core/server/templates/upload_STIG.html +109 -0
regscale/core/server/templates/upload_STIG_result.html +26 -0
regscale/core/server/templates/upload_ssp.html +144 -0
regscale/core/server/templates/upload_ssp_result.html +128 -0
regscale/core/static/__init__.py +0 -0
regscale/core/static/regex.py +14 -0
regscale/core/utils/__init__.py +117 -0
regscale/core/utils/click_utils.py +13 -0
regscale/core/utils/date.py +238 -0
regscale/core/utils/graphql.py +254 -0
regscale/core/utils/urls.py +23 -0
regscale/dev/__init__.py +6 -0
regscale/dev/analysis.py +454 -0
regscale/dev/cli.py +235 -0
regscale/dev/code_gen.py +492 -0
regscale/dev/dirs.py +69 -0
regscale/dev/docs.py +384 -0
regscale/dev/monitoring.py +26 -0
regscale/dev/profiling.py +216 -0
regscale/exceptions/__init__.py +4 -0
regscale/exceptions/license_exception.py +7 -0
regscale/exceptions/validation_exception.py +9 -0
regscale/integrations/__init__.py +1 -0
regscale/integrations/commercial/__init__.py +486 -0
regscale/integrations/commercial/ad.py +433 -0
regscale/integrations/commercial/amazon/__init__.py +0 -0
regscale/integrations/commercial/amazon/common.py +106 -0
regscale/integrations/commercial/aqua/__init__.py +0 -0
regscale/integrations/commercial/aqua/aqua.py +91 -0
regscale/integrations/commercial/aws/__init__.py +6 -0
regscale/integrations/commercial/aws/cli.py +322 -0
regscale/integrations/commercial/aws/inventory/__init__.py +110 -0
regscale/integrations/commercial/aws/inventory/base.py +64 -0
regscale/integrations/commercial/aws/inventory/resources/__init__.py +19 -0
regscale/integrations/commercial/aws/inventory/resources/compute.py +234 -0
regscale/integrations/commercial/aws/inventory/resources/containers.py +113 -0
regscale/integrations/commercial/aws/inventory/resources/database.py +101 -0
regscale/integrations/commercial/aws/inventory/resources/integration.py +237 -0
regscale/integrations/commercial/aws/inventory/resources/networking.py +253 -0
regscale/integrations/commercial/aws/inventory/resources/security.py +240 -0
regscale/integrations/commercial/aws/inventory/resources/storage.py +91 -0
regscale/integrations/commercial/aws/scanner.py +823 -0
regscale/integrations/commercial/azure/__init__.py +0 -0
regscale/integrations/commercial/azure/common.py +32 -0
regscale/integrations/commercial/azure/intune.py +488 -0
regscale/integrations/commercial/azure/scanner.py +49 -0
regscale/integrations/commercial/burp.py +78 -0
regscale/integrations/commercial/cpe.py +144 -0
regscale/integrations/commercial/crowdstrike.py +1117 -0
regscale/integrations/commercial/defender.py +1511 -0
regscale/integrations/commercial/dependabot.py +210 -0
regscale/integrations/commercial/durosuite/__init__.py +0 -0
regscale/integrations/commercial/durosuite/api.py +1546 -0
regscale/integrations/commercial/durosuite/process_devices.py +101 -0
regscale/integrations/commercial/durosuite/scanner.py +637 -0
regscale/integrations/commercial/durosuite/variables.py +21 -0
regscale/integrations/commercial/ecr.py +90 -0
regscale/integrations/commercial/gcp/__init__.py +237 -0
regscale/integrations/commercial/gcp/auth.py +96 -0
regscale/integrations/commercial/gcp/control_tests.py +238 -0
regscale/integrations/commercial/gcp/variables.py +18 -0
regscale/integrations/commercial/gitlab.py +332 -0
regscale/integrations/commercial/grype.py +165 -0
regscale/integrations/commercial/ibm.py +90 -0
regscale/integrations/commercial/import_all/__init__.py +0 -0
regscale/integrations/commercial/import_all/import_all_cmd.py +467 -0
regscale/integrations/commercial/import_all/scan_file_fingerprints.json +27 -0
regscale/integrations/commercial/jira.py +1046 -0
regscale/integrations/commercial/mappings/__init__.py +0 -0
regscale/integrations/commercial/mappings/csf_controls.json +713 -0
regscale/integrations/commercial/mappings/nist_800_53_r5_controls.json +1516 -0
regscale/integrations/commercial/nessus/__init__.py +0 -0
regscale/integrations/commercial/nessus/nessus_utils.py +429 -0
regscale/integrations/commercial/nessus/scanner.py +416 -0
regscale/integrations/commercial/nexpose.py +90 -0
regscale/integrations/commercial/okta.py +798 -0
regscale/integrations/commercial/opentext/__init__.py +0 -0
regscale/integrations/commercial/opentext/click.py +99 -0
regscale/integrations/commercial/opentext/scanner.py +143 -0
regscale/integrations/commercial/prisma.py +91 -0
regscale/integrations/commercial/qualys.py +1462 -0
regscale/integrations/commercial/salesforce.py +980 -0
regscale/integrations/commercial/sap/__init__.py +0 -0
regscale/integrations/commercial/sap/click.py +31 -0
regscale/integrations/commercial/sap/sysdig/__init__.py +0 -0
regscale/integrations/commercial/sap/sysdig/click.py +57 -0
regscale/integrations/commercial/sap/sysdig/sysdig_scanner.py +190 -0
regscale/integrations/commercial/sap/tenable/__init__.py +0 -0
regscale/integrations/commercial/sap/tenable/click.py +49 -0
regscale/integrations/commercial/sap/tenable/scanner.py +196 -0
regscale/integrations/commercial/servicenow.py +1756 -0
regscale/integrations/commercial/sicura/__init__.py +0 -0
regscale/integrations/commercial/sicura/api.py +855 -0
regscale/integrations/commercial/sicura/commands.py +73 -0
regscale/integrations/commercial/sicura/scanner.py +481 -0
regscale/integrations/commercial/sicura/variables.py +16 -0
regscale/integrations/commercial/snyk.py +90 -0
regscale/integrations/commercial/sonarcloud.py +260 -0
regscale/integrations/commercial/sqlserver.py +369 -0
regscale/integrations/commercial/stig_mapper_integration/__init__.py +0 -0
regscale/integrations/commercial/stig_mapper_integration/click_commands.py +38 -0
regscale/integrations/commercial/stig_mapper_integration/mapping_engine.py +353 -0
regscale/integrations/commercial/stigv2/__init__.py +0 -0
regscale/integrations/commercial/stigv2/ckl_parser.py +349 -0
regscale/integrations/commercial/stigv2/click_commands.py +95 -0
regscale/integrations/commercial/stigv2/stig_integration.py +202 -0
regscale/integrations/commercial/synqly/__init__.py +0 -0
regscale/integrations/commercial/synqly/assets.py +46 -0
regscale/integrations/commercial/synqly/ticketing.py +132 -0
regscale/integrations/commercial/synqly/vulnerabilities.py +223 -0
regscale/integrations/commercial/synqly_jira.py +840 -0
regscale/integrations/commercial/tenablev2/__init__.py +0 -0
regscale/integrations/commercial/tenablev2/authenticate.py +31 -0
regscale/integrations/commercial/tenablev2/click.py +1584 -0
regscale/integrations/commercial/tenablev2/scanner.py +504 -0
regscale/integrations/commercial/tenablev2/stig_parsers.py +140 -0
regscale/integrations/commercial/tenablev2/utils.py +78 -0
regscale/integrations/commercial/tenablev2/variables.py +17 -0
regscale/integrations/commercial/trivy.py +162 -0
regscale/integrations/commercial/veracode.py +96 -0
regscale/integrations/commercial/wizv2/WizDataMixin.py +97 -0
regscale/integrations/commercial/wizv2/__init__.py +0 -0
regscale/integrations/commercial/wizv2/click.py +429 -0
regscale/integrations/commercial/wizv2/constants.py +1001 -0
regscale/integrations/commercial/wizv2/issue.py +361 -0
regscale/integrations/commercial/wizv2/models.py +112 -0
regscale/integrations/commercial/wizv2/parsers.py +339 -0
regscale/integrations/commercial/wizv2/sbom.py +115 -0
regscale/integrations/commercial/wizv2/scanner.py +416 -0
regscale/integrations/commercial/wizv2/utils.py +796 -0
regscale/integrations/commercial/wizv2/variables.py +39 -0
regscale/integrations/commercial/wizv2/wiz_auth.py +159 -0
regscale/integrations/commercial/xray.py +91 -0
regscale/integrations/integration/__init__.py +2 -0
regscale/integrations/integration/integration.py +26 -0
regscale/integrations/integration/inventory.py +17 -0
regscale/integrations/integration/issue.py +100 -0
regscale/integrations/integration_override.py +149 -0
regscale/integrations/public/__init__.py +103 -0
regscale/integrations/public/cisa.py +641 -0
regscale/integrations/public/criticality_updater.py +70 -0
regscale/integrations/public/emass.py +411 -0
regscale/integrations/public/emass_slcm_import.py +697 -0
regscale/integrations/public/fedramp/__init__.py +0 -0
regscale/integrations/public/fedramp/appendix_parser.py +548 -0
regscale/integrations/public/fedramp/click.py +479 -0
regscale/integrations/public/fedramp/components.py +714 -0
regscale/integrations/public/fedramp/docx_parser.py +259 -0
regscale/integrations/public/fedramp/fedramp_cis_crm.py +1124 -0
regscale/integrations/public/fedramp/fedramp_common.py +3181 -0
regscale/integrations/public/fedramp/fedramp_docx.py +388 -0
regscale/integrations/public/fedramp/fedramp_five.py +2343 -0
regscale/integrations/public/fedramp/fedramp_traversal.py +138 -0
regscale/integrations/public/fedramp/import_fedramp_r4_ssp.py +279 -0
regscale/integrations/public/fedramp/import_workbook.py +495 -0
regscale/integrations/public/fedramp/inventory_items.py +244 -0
regscale/integrations/public/fedramp/mappings/__init__.py +0 -0
regscale/integrations/public/fedramp/mappings/fedramp_r4_parts.json +7388 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_params.json +8636 -0
regscale/integrations/public/fedramp/mappings/fedramp_r5_parts.json +9605 -0
regscale/integrations/public/fedramp/mappings/system_roles.py +34 -0
regscale/integrations/public/fedramp/mappings/user.py +175 -0
regscale/integrations/public/fedramp/mappings/values.py +141 -0
regscale/integrations/public/fedramp/markdown_parser.py +150 -0
regscale/integrations/public/fedramp/metadata.py +689 -0
regscale/integrations/public/fedramp/models/__init__.py +59 -0
regscale/integrations/public/fedramp/models/leveraged_auth_new.py +168 -0
regscale/integrations/public/fedramp/models/poam_importer.py +522 -0
regscale/integrations/public/fedramp/parts_mapper.py +107 -0
regscale/integrations/public/fedramp/poam/__init__.py +0 -0
regscale/integrations/public/fedramp/poam/scanner.py +851 -0
regscale/integrations/public/fedramp/properties.py +201 -0
regscale/integrations/public/fedramp/reporting.py +84 -0
regscale/integrations/public/fedramp/resources.py +496 -0
regscale/integrations/public/fedramp/rosetta.py +110 -0
regscale/integrations/public/fedramp/ssp_logger.py +87 -0
regscale/integrations/public/fedramp/system_characteristics.py +922 -0
regscale/integrations/public/fedramp/system_control_implementations.py +582 -0
regscale/integrations/public/fedramp/system_implementation.py +190 -0
regscale/integrations/public/fedramp/xml_utils.py +87 -0
regscale/integrations/public/nist_catalog.py +275 -0
regscale/integrations/public/oscal.py +1946 -0
regscale/integrations/public/otx.py +169 -0
regscale/integrations/scanner_integration.py +2692 -0
regscale/integrations/variables.py +25 -0
regscale/models/__init__.py +7 -0
regscale/models/app_models/__init__.py +5 -0
regscale/models/app_models/catalog_compare.py +213 -0
regscale/models/app_models/click.py +252 -0
regscale/models/app_models/datetime_encoder.py +21 -0
regscale/models/app_models/import_validater.py +321 -0
regscale/models/app_models/mapping.py +260 -0
regscale/models/app_models/pipeline.py +37 -0
regscale/models/click_models.py +413 -0
regscale/models/config.py +154 -0
regscale/models/email_style.css +67 -0
regscale/models/hierarchy.py +8 -0
regscale/models/inspect_models.py +79 -0
regscale/models/integration_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/__init__.py +0 -0
regscale/models/integration_models/amazon_models/inspector.py +262 -0
regscale/models/integration_models/amazon_models/inspector_scan.py +206 -0
regscale/models/integration_models/aqua.py +247 -0
regscale/models/integration_models/azure_alerts.py +255 -0
regscale/models/integration_models/base64.py +23 -0
regscale/models/integration_models/burp.py +433 -0
regscale/models/integration_models/burp_models.py +128 -0
regscale/models/integration_models/cisa_kev_data.json +19333 -0
regscale/models/integration_models/defender_data.py +93 -0
regscale/models/integration_models/defenderimport.py +143 -0
regscale/models/integration_models/drf.py +443 -0
regscale/models/integration_models/ecr_models/__init__.py +0 -0
regscale/models/integration_models/ecr_models/data.py +69 -0
regscale/models/integration_models/ecr_models/ecr.py +239 -0
regscale/models/integration_models/flat_file_importer.py +1079 -0
regscale/models/integration_models/grype_import.py +247 -0
regscale/models/integration_models/ibm.py +126 -0
regscale/models/integration_models/implementation_results.py +85 -0
regscale/models/integration_models/nexpose.py +140 -0
regscale/models/integration_models/prisma.py +202 -0
regscale/models/integration_models/qualys.py +720 -0
regscale/models/integration_models/qualys_scanner.py +160 -0
regscale/models/integration_models/sbom/__init__.py +0 -0
regscale/models/integration_models/sbom/cyclone_dx.py +139 -0
regscale/models/integration_models/send_reminders.py +620 -0
regscale/models/integration_models/snyk.py +155 -0
regscale/models/integration_models/synqly_models/__init__.py +0 -0
regscale/models/integration_models/synqly_models/capabilities.json +1 -0
regscale/models/integration_models/synqly_models/connector_types.py +22 -0
regscale/models/integration_models/synqly_models/connectors/__init__.py +7 -0
regscale/models/integration_models/synqly_models/connectors/assets.py +97 -0
regscale/models/integration_models/synqly_models/connectors/ticketing.py +583 -0
regscale/models/integration_models/synqly_models/connectors/vulnerabilities.py +169 -0
regscale/models/integration_models/synqly_models/ocsf_mapper.py +331 -0
regscale/models/integration_models/synqly_models/param.py +72 -0
regscale/models/integration_models/synqly_models/synqly_model.py +733 -0
regscale/models/integration_models/synqly_models/tenants.py +39 -0
regscale/models/integration_models/tenable_models/__init__.py +0 -0
regscale/models/integration_models/tenable_models/integration.py +187 -0
regscale/models/integration_models/tenable_models/models.py +513 -0
regscale/models/integration_models/trivy_import.py +231 -0
regscale/models/integration_models/veracode.py +217 -0
regscale/models/integration_models/xray.py +135 -0
regscale/models/locking.py +100 -0
regscale/models/platform.py +110 -0
regscale/models/regscale_models/__init__.py +67 -0
regscale/models/regscale_models/assessment.py +570 -0
regscale/models/regscale_models/assessment_plan.py +52 -0
regscale/models/regscale_models/asset.py +567 -0
regscale/models/regscale_models/asset_mapping.py +190 -0
regscale/models/regscale_models/case.py +42 -0
regscale/models/regscale_models/catalog.py +261 -0
regscale/models/regscale_models/cci.py +46 -0
regscale/models/regscale_models/change.py +167 -0
regscale/models/regscale_models/checklist.py +372 -0
regscale/models/regscale_models/comment.py +49 -0
regscale/models/regscale_models/compliance_settings.py +112 -0
regscale/models/regscale_models/component.py +412 -0
regscale/models/regscale_models/component_mapping.py +65 -0
regscale/models/regscale_models/control.py +38 -0
regscale/models/regscale_models/control_implementation.py +1128 -0
regscale/models/regscale_models/control_objective.py +261 -0
regscale/models/regscale_models/control_parameter.py +100 -0
regscale/models/regscale_models/control_test.py +34 -0
regscale/models/regscale_models/control_test_plan.py +75 -0
regscale/models/regscale_models/control_test_result.py +52 -0
regscale/models/regscale_models/custom_field.py +245 -0
regscale/models/regscale_models/data.py +109 -0
regscale/models/regscale_models/data_center.py +40 -0
regscale/models/regscale_models/deviation.py +203 -0
regscale/models/regscale_models/email.py +97 -0
regscale/models/regscale_models/evidence.py +47 -0
regscale/models/regscale_models/evidence_mapping.py +40 -0
regscale/models/regscale_models/facility.py +59 -0
regscale/models/regscale_models/file.py +382 -0
regscale/models/regscale_models/filetag.py +37 -0
regscale/models/regscale_models/form_field_value.py +94 -0
regscale/models/regscale_models/group.py +169 -0
regscale/models/regscale_models/implementation_objective.py +335 -0
regscale/models/regscale_models/implementation_option.py +275 -0
regscale/models/regscale_models/implementation_role.py +33 -0
regscale/models/regscale_models/incident.py +177 -0
regscale/models/regscale_models/interconnection.py +43 -0
regscale/models/regscale_models/issue.py +1176 -0
regscale/models/regscale_models/leveraged_authorization.py +125 -0
regscale/models/regscale_models/line_of_inquiry.py +52 -0
regscale/models/regscale_models/link.py +205 -0
regscale/models/regscale_models/meta_data.py +64 -0
regscale/models/regscale_models/mixins/__init__.py +0 -0
regscale/models/regscale_models/mixins/parent_cache.py +124 -0
regscale/models/regscale_models/module.py +224 -0
regscale/models/regscale_models/modules.py +191 -0
regscale/models/regscale_models/objective.py +14 -0
regscale/models/regscale_models/parameter.py +87 -0
regscale/models/regscale_models/ports_protocol.py +81 -0
regscale/models/regscale_models/privacy.py +89 -0
regscale/models/regscale_models/profile.py +50 -0
regscale/models/regscale_models/profile_link.py +68 -0
regscale/models/regscale_models/profile_mapping.py +124 -0
regscale/models/regscale_models/project.py +63 -0
regscale/models/regscale_models/property.py +278 -0
regscale/models/regscale_models/question.py +85 -0
regscale/models/regscale_models/questionnaire.py +87 -0
regscale/models/regscale_models/questionnaire_instance.py +177 -0
regscale/models/regscale_models/rbac.py +132 -0
regscale/models/regscale_models/reference.py +86 -0
regscale/models/regscale_models/regscale_model.py +1643 -0
regscale/models/regscale_models/requirement.py +29 -0
regscale/models/regscale_models/risk.py +274 -0
regscale/models/regscale_models/sbom.py +54 -0
regscale/models/regscale_models/scan_history.py +436 -0
regscale/models/regscale_models/search.py +53 -0
regscale/models/regscale_models/security_control.py +132 -0
regscale/models/regscale_models/security_plan.py +204 -0
regscale/models/regscale_models/software_inventory.py +159 -0
regscale/models/regscale_models/stake_holder.py +64 -0
regscale/models/regscale_models/stig.py +647 -0
regscale/models/regscale_models/supply_chain.py +152 -0
regscale/models/regscale_models/system_role.py +188 -0
regscale/models/regscale_models/system_role_external_assignment.py +40 -0
regscale/models/regscale_models/tag.py +37 -0
regscale/models/regscale_models/tag_mapping.py +19 -0
regscale/models/regscale_models/task.py +133 -0
regscale/models/regscale_models/threat.py +196 -0
regscale/models/regscale_models/user.py +175 -0
regscale/models/regscale_models/user_group.py +55 -0
regscale/models/regscale_models/vulnerability.py +242 -0
regscale/models/regscale_models/vulnerability_mapping.py +162 -0
regscale/models/regscale_models/workflow.py +55 -0
regscale/models/regscale_models/workflow_action.py +34 -0
regscale/models/regscale_models/workflow_instance.py +269 -0
regscale/models/regscale_models/workflow_instance_step.py +114 -0
regscale/models/regscale_models/workflow_template.py +58 -0
regscale/models/regscale_models/workflow_template_step.py +45 -0
regscale/regscale.py +815 -0
regscale/utils/__init__.py +7 -0
regscale/utils/b64conversion.py +14 -0
regscale/utils/click_utils.py +118 -0
regscale/utils/decorators.py +48 -0
regscale/utils/dict_utils.py +59 -0
regscale/utils/files.py +79 -0
regscale/utils/fxns.py +30 -0
regscale/utils/graphql_client.py +113 -0
regscale/utils/lists.py +16 -0
regscale/utils/numbers.py +12 -0
regscale/utils/shell.py +148 -0
regscale/utils/string.py +121 -0
regscale/utils/synqly_utils.py +165 -0
regscale/utils/threading/__init__.py +8 -0
regscale/utils/threading/threadhandler.py +131 -0
regscale/utils/threading/threadsafe_counter.py +47 -0
regscale/utils/threading/threadsafe_dict.py +242 -0
regscale/utils/threading/threadsafe_list.py +83 -0
regscale/utils/version.py +104 -0
regscale/validation/__init__.py +0 -0
regscale/validation/address.py +37 -0
regscale/validation/record.py +48 -0
regscale/visualization/__init__.py +5 -0
regscale/visualization/click.py +34 -0
regscale_cli-6.16.0.0.dist-info/LICENSE +21 -0
regscale_cli-6.16.0.0.dist-info/METADATA +659 -0
regscale_cli-6.16.0.0.dist-info/RECORD +481 -0
regscale_cli-6.16.0.0.dist-info/WHEEL +5 -0
regscale_cli-6.16.0.0.dist-info/entry_points.txt +6 -0
regscale_cli-6.16.0.0.dist-info/top_level.txt +2 -0
tests/fixtures/__init__.py +2 -0
tests/fixtures/api.py +87 -0
tests/fixtures/models.py +91 -0
tests/fixtures/test_fixture.py +144 -0
tests/mocks/__init__.py +0 -0
tests/mocks/objects.py +3 -0
tests/mocks/response.py +32 -0
tests/mocks/xml.py +13 -0
tests/regscale/__init__.py +0 -0
tests/regscale/core/__init__.py +0 -0
tests/regscale/core/test_api.py +232 -0
tests/regscale/core/test_app.py +406 -0
tests/regscale/core/test_login.py +37 -0
tests/regscale/core/test_logz.py +66 -0
tests/regscale/core/test_sbom_generator.py +87 -0
tests/regscale/core/test_validation_utils.py +163 -0
tests/regscale/core/test_version.py +78 -0
tests/regscale/models/__init__.py +0 -0
tests/regscale/models/test_asset.py +71 -0
tests/regscale/models/test_config.py +26 -0
tests/regscale/models/test_control_implementation.py +27 -0
tests/regscale/models/test_import.py +97 -0
tests/regscale/models/test_issue.py +36 -0
tests/regscale/models/test_mapping.py +52 -0
tests/regscale/models/test_platform.py +31 -0
tests/regscale/models/test_regscale_model.py +346 -0
tests/regscale/models/test_report.py +32 -0
tests/regscale/models/test_tenable_integrations.py +118 -0
tests/regscale/models/test_user_model.py +121 -0
tests/regscale/test_about.py +19 -0
tests/regscale/test_authorization.py +65 -0

regscale/models/integration_models/burp.py ADDED Viewed

@@ -0,0 +1,433 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Pydantic model for a Burp Scan"""
+import os
+import re
+import shutil
+from datetime import datetime, timedelta
+from pathlib import Path
+from typing import Any, Generator, List, Optional, TextIO
+from urllib.parse import urlparse
+from xml.etree.ElementTree import Element, ParseError, fromstring, parse
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+from regscale.core.app.logz import create_logger
+from regscale.core.app.utils.app_utils import check_file_path, get_current_datetime
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.models.integration_models.burp_models import BurpRequest, BurpResponse, Issue, RequestResponse
+from regscale.models.regscale_models import File
+from regscale.models.regscale_models import Issue as RegscaleIssue
+# standard python imports
+class Burp:
+    """Burp Scan information"""
+    def __init__(self, app: Application, file_path: str, encoding="utf-8", **kwargs) -> "Burp":
+        logger = create_logger("Burp")
+        logger.info("Now processing %s", file_path)
+        self.integration_assets: Generator[IntegrationAsset, None, None] = (x for x in [])
+        self.integration_findings: Generator[IntegrationFinding, None, None] = (x for x in [])
+        self.num_assets = 0
+        self.num_findings = 0
+        self.job_complete = False
+        self.logger = logger
+        self.app = app
+        self.api = Api()
+        self.parent_id = 0
+        self.parent_module = "assets"
+        if "parentId" in kwargs and kwargs["parentId"]:
+            self.parent_id = kwargs["parentId"]
+        if "parentModule" in kwargs and kwargs["parentModule"]:
+            self.parent_module = kwargs["parentModule"]
+        self.encoding = encoding
+        self.file_path = Path(file_path)
+        self.version = None
+        self.export_time = None
+        self.burp_issues = []
+        self.existing_issues = []
+        self.from_file()
+    def move_files(self, upload_file: Optional[bool] = True) -> None:
+        """
+        Move files to processed directory and upload to RegScale after processing
+        :param Optional[bool] upload_file: Whether to upload the file to RegScale after processing. Default is True.
+        :rtype: None
+        """
+        api = Api()
+        # Create processed directory if it doesn't exist, and copy file to it.
+        new_file_path: Path = Path()
+        processed_dir = self.file_path.parent / "processed"
+        check_file_path(str(processed_dir.absolute()))
+        try:
+            if self.parent_id and self.job_complete:
+                file_name = f"{self.file_path.stem}_{get_current_datetime('%Y%m%d-%I%M%S%p')}".replace(" ", "_")
+                # Rename to friendly file name and post to Regscale
+                new_file_path = self.file_path.rename(self.file_path.parent / (file_name + ".xml"))
+                self.logger.info(
+                    "Renaming %s to %s...",
+                    self.file_path.name,
+                    new_file_path.name,
+                )
+                if upload_file and File.upload_file_to_regscale(
+                    file_name=str(new_file_path.absolute()),
+                    parent_id=self.parent_id,
+                    parent_module="securityplans",
+                    api=api,
+                ):
+                    self.logger.info("Uploaded %s to RegScale securityplans #%i.", new_file_path.name, self.parent_id)
+                shutil.move(new_file_path, processed_dir)
+                try:
+                    # Clean up the gzipped file created
+                    os.remove(new_file_path.with_suffix(".gz"))
+                except FileNotFoundError:
+                    self.logger.debug(
+                        "File %s already exists in %s",
+                        new_file_path.with_suffix(".gz").name,
+                        processed_dir,
+                    )
+        except shutil.Error:
+            self.logger.debug(
+                "File %s already exists in %s",
+                new_file_path.name,
+                processed_dir,
+            )
+    def from_file(self) -> None:
+        """
+        Read Burp Scan file
+        :rtype: None
+        """
+        self.logger.debug(os.getcwd())
+        try:
+            with open(file=self.file_path, mode="r", encoding=self.encoding) as file:
+                root = self.file_root_element(file)
+                self.version = root.attrib["burpVersion"]
+                self.export_time = root.attrib["exportTime"]
+                self.gen_findings(root)
+                self.gen_assets()
+                self.job_complete = True
+        except (FileNotFoundError, ParseError):
+            self.logger.error("File not found: %s", self.file_path)
+    @staticmethod
+    def file_root_element(file: TextIO) -> Element:
+        """
+        Function returns the root element for tree of given file with scan results
+        :param TextIO file: file with scan results
+        :return: root element for this tree
+        :rtype: Element
+        """
+        scan_file_parsed = parse(file)
+        root = scan_file_parsed.getroot()
+        return root
+    def create_issue(self, xml: Element) -> Issue:
+        """
+        Create an issue from the XML
+        :param Element xml: XML
+        :return: Issue object from XML
+        :rtype: Issue
+        """
+        issue = Issue()
+        issue.serialNumber = self.get(xml, "serialNumber")
+        issue.type = self.get(xml, "type")
+        issue.host = self.get_domain_name(self.get(xml, "host"))
+        issue.path = self.get(xml, "path")
+        issue.name = self.get(xml, "name")
+        issue.location = self.get(xml, "location")
+        issue.severity = self.get(xml, "severity")
+        issue.confidence = self.get(xml, "confidence")
+        issue.background = self.strip_html_tags(self.get(xml, "issueBackground"))
+        issue.detail = self.get(xml, "issueDetail")
+        issue.remediation_background = self.strip_html_tags(self.get(xml, "remediationBackground"))
+        issue.remediation_detail = self.strip_html_tags(self.get(xml, "remediationDetail"))
+        issue.links = self.extract_links(self.get(xml, "vulnerabilityClassifications"))
+        issue.cwes = self.extract_classifications(self.get(xml, "vulnerabilityClassifications"))
+        issue.request_response = self.get_io(xml)
+        return issue
+    def create_regscale_finding(self, issue: Issue, scan_time: datetime, fmt: str) -> Optional[IntegrationFinding]:
+        """
+        Create a RegScale finding from a Burp Issue
+        :param Issue issue: Burp Issue
+        :param datetime scan_time: Scan time
+        :param str fmt: Format for datetime object
+        :return: RegScale Issue
+        :rtype: Optional[IntegrationFinding]
+        """
+        remediation_actions = None
+        if issue.severity.lower() == "info":
+            return None
+        due_date = self.get_due_delta(issue.severity)
+        if issue.detail and issue.remediation_background:
+            remediation_actions = issue.detail + "<br>" + issue.remediation_background
+        elif issue.remediation_background:
+            remediation_actions = issue.remediation_background
+        elif issue.detail:
+            remediation_actions = issue.detail
+        # No CVE available, must use background
+        cve = self.extract_cve(issue.background)
+        external_id = str(hex(int(issue.type)) if issue.type and (issue.type).isdigit() else issue.type).replace(
+            "0x", "0x00"
+        )  # Use burp hexidecimal issue type and format as external_id
+        finding = IntegrationFinding(
+            control_labels=[],  # Add an empty list for control_labels
+            category="Burp Vulnerability",  # Add a default category
+            title=issue.name,
+            description=(issue.background if issue.background else "")[:255],
+            severity=RegscaleIssue.assign_severity(issue.severity),
+            status="Open",
+            asset_identifier=issue.host,
+            external_id=external_id,
+            remediation=(remediation_actions if remediation_actions else "update affected package")[:255],
+            cvss_score=None,
+            cve=cve,
+            cvss_v3_base_score=None,
+            source_rule_id=str(issue.type),
+            vulnerability_type="Vulnerability Scan",
+            baseline="Burp Host",
+            recommendation_for_mitigation=issue.remediation_background,
+            results=issue.detail,
+            plugin_name=issue.type,
+            plugin_id=issue.type,
+            ip_address=issue.host,
+        )
+        if issue.detail:
+            finding.description = finding.description + "<br>" + issue.detail
+        if issue.cwes:
+            finding.description = finding.description + "<br>" + ", ".join(issue.cwes)
+        finding.first_seen = datetime.strftime(scan_time, fmt)
+        finding.last_seen = datetime.strftime(scan_time, fmt)
+        if scan_time + timedelta(days=due_date) < datetime.now():
+            finding.due_date = datetime.strftime(datetime.now() + timedelta(days=due_date), fmt)
+        else:
+            finding.due_date = datetime.strftime(scan_time + timedelta(days=due_date), fmt)
+        finding.basis_for_adjustment = "Burp Scan import"
+        return finding
+    def gen_findings(self, root: Element) -> None:
+        """
+        Generate issues
+        :param Element root: Root
+        :rtype: None
+        """
+        issues = []
+        findings = set()
+        self.existing_issues = RegscaleIssue.get_all_by_parent(parent_id=self.parent_id, parent_module="securityplans")
+        root_issues = root.findall("issue")
+        fmt = "%Y-%m-%d %H:%M:%S"
+        scan_time = datetime.strptime(root.attrib["exportTime"], "%a %b %d %H:%M:%S %Z %Y")
+        for xml in root_issues:
+            issue = self.create_issue(xml)
+            issues.append(issue)
+            regscale_finding = self.create_regscale_finding(issue, scan_time, fmt)
+            if regscale_finding and regscale_finding not in findings:
+                findings.add(regscale_finding)
+                self.num_findings += 1
+        self.burp_issues = issues
+        self.integration_findings = (x for x in findings)
+    def get_due_delta(self, severity: str) -> int:
+        """
+        Find the due delta from the config file
+        :param str severity: The severity level
+        :return: Due date delta
+        :rtype: int
+        """
+        # Leave at Tenable for now
+        due_delta = self.app.config["issues"]["tenable"]["low"]
+        if severity.lower() in ["medium", "moderate"]:
+            due_delta = self.app.config["issues"]["tenable"]["moderate"]
+        elif severity.lower() == "high":
+            due_delta = self.app.config["issues"]["tenable"]["high"]
+        elif severity.lower() == "critical":
+            due_delta = self.app.config["issues"]["tenable"]["critical"]
+        return due_delta
+    @classmethod
+    def get(cls, item: Any, key: Any) -> Optional[Any]:
+        """
+        Get item
+        :param Any item: Object to try and get value from
+        :param Any key: The key to get the value with
+        :return: item stored at the provided key, or None if not found
+        :rtype: Optional[Any]
+        """
+        try:
+            return item.find(key).text
+        except (AttributeError, KeyError):
+            return None
+    @staticmethod
+    def extract_numbers(string: str) -> List[int]:
+        """
+        Extract numbers from string
+        :param str string: string with numbers
+        :return: List of numbers found in provided string
+        :rtype: List[int]
+        """
+        return re.findall(r"\d+", string)
+    @staticmethod
+    def get_request_response(item: Element) -> RequestResponse:
+        """
+        Get the Request/Response object
+        :param Element item: item
+        :return: The Request/Response object
+        :rtype: RequestResponse
+        """
+        request_data = item.find(".//request")
+        if response_data := item.find(".//response"):
+            base64_dat = bool(request_data.attrib["base64"]) if "base64" in item.attrib else False
+            response_data_is_base64 = BurpResponse.is_base64(response_data.text)
+            method = request_data.attrib["method"] if "method" in item.attrib else "GET"
+            request = (
+                BurpRequest(dataString=request_data.text, base64=base64_dat, method=method)
+                if BurpRequest.is_base64(request_data.text)
+                else None
+            )
+            response = BurpResponse(
+                dataString=response_data.text if response_data_is_base64 else None,
+                base64=(bool(item.find(".//response").attrib["base64"]) if response_data_is_base64 else False),
+            )
+            return RequestResponse(request=request, response=response)
+        return RequestResponse(request=None, response=None)
+    def get_io(self, xml: Element) -> RequestResponse:
+        """
+        Generate the Response Request object
+        :param Element xml: xml
+        :return: The Request/Response object
+        :rtype: RequestResponse
+        """
+        for item in xml.findall("requestresponse"):
+            dat = item.find(".//request")
+            if dat.tag == "request":
+                return self.get_request_response(item)
+    def gen_assets(self) -> None:
+        """
+        Generate RegScale Assets from Burp Issues
+        :rtype: None
+        :return: None
+        """
+        assets: List[IntegrationAsset] = []
+        for issue in self.burp_issues:
+            host_name = None
+            hosts = self.extract_ip_address(issue.host)
+            host_name = issue.host
+            if hosts:
+                host_name = hosts[0]
+            integration_asset = IntegrationAsset(
+                name=host_name,
+                identifier=host_name,
+                asset_type="Virtual Machine (VM)",
+                asset_owner_id=self.app.config["userId"],
+                parent_id=self.parent_id,
+                parent_module=self.parent_module,
+                asset_category="Hardware",
+                date_last_updated=get_current_datetime(),
+                status="Active (On Network)",
+                ip_address=host_name if hosts else None,
+                is_public_facing=False,
+                mac_address="",
+                fqdn="",
+                disk_storage=0,
+                cpu=0,
+                ram=0,
+            )
+            if integration_asset.name not in [asset.name for asset in assets]:
+                assets.append(integration_asset)
+                self.num_assets += 1
+        self.integration_assets = (x for x in assets)
+    @staticmethod
+    def extract_ip_address(string: str) -> List[str]:
+        """
+        Extract IP address from string
+        :param str string: string to extract IP address from
+        :return: List of IP addresses found in provided string
+        :rtype: List[str]
+        """
+        ip_pattern = r"\b(?:\d{1,3}\.){3}\d{1,3}\b"
+        return re.findall(ip_pattern, string)
+    @staticmethod
+    def extract_links(html: str) -> List[str]:
+        """
+        Extract links from html with standard library
+        :param str html: HTML
+        :return: List containing links found in the provided HTML string
+        :rtype: List[str]
+        """
+        root = fromstring(html)
+        return [link.attrib["href"] for link in root.iter("a")]
+    @staticmethod
+    def extract_classifications(html: str) -> List[str]:
+        """
+        Extract classifications from html with standard library
+        :param str html: HTML to parse classifications from
+        :return: List containing classifications found in the provided HTML string
+        :rtype: List[str]
+        """
+        root = fromstring(html)
+        return [link.text.strip() for link in root.iter("a")]
+    def get_domain_name(self, url: str) -> str:
+        """
+        Get the domain name from a URL
+        :param str url: URL
+        :return: Domain name
+        :rtype: str
+        """
+        parsed_url = urlparse(url)
+        domain_name = parsed_url.hostname
+        return domain_name
+    def strip_html_tags(self, text: str) -> str:
+        """
+        Strip HTML tags from a string.
+        :param str text: The string containing HTML tags
+        :return: The string without HTML tags
+        :rtype: str
+        """
+        if not text:
+            return text
+        clean = re.sub(r"<.*?>", "", text)
+        return clean
+    def extract_cve(self, input_string: str) -> Optional[str]:
+        """
+        Extract CVEs from a string.
+        :param str input_string: The string to extract CVEs from
+        :return: List of CVEs found in the provided string
+        :rtype: Optional[str]
+        """
+        cve_pattern = r"CVE-\d{4}-\d{4,7}"
+        cve_ids = re.findall(cve_pattern, input_string)
+        return cve_ids.pop() if cve_ids else None

regscale/models/integration_models/burp_models.py ADDED Viewed

@@ -0,0 +1,128 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Pydantic models for Burp Scans"""
+# standard python imports
+import base64
+import json
+from typing import List, Optional, Union, Any
+from pydantic import BaseModel
+from regscale.models.integration_models.base64 import Base64String
+class BurpResponse(BaseModel):
+    """Response information"""
+    base64: Optional[bool] = None
+    dataString: Optional[Union[Base64String, str]] = None
+    def convert_to_response(self) -> Optional[str]:
+        """
+        Convert base64 encoded response to a requests Response object
+        :return: Base64 decoded response as a string
+        :rtype: Optional[str]
+        """
+        try:
+            bytes_data = base64.b64decode(self.dataString)
+            if bytes_data:
+                # Decode bytes to string
+                res = bytes_data.decode("utf-8")
+        except Exception:
+            res = None
+        return res
+    def convert_to_json(self) -> Optional[dict]:
+        """
+        Convert base64 encoded response to a JSON object
+        :return: Base64 decoded response as a JSON object or None
+        :rtype: Optional[dict]
+        """
+        res = self.convert_to_response()
+        data = None
+        if res:
+            # Find the start and end of the JSON data
+            start = res.find("{")  # +1 to include the closing brace
+            # Extract the JSON data and convert it to a Python dictionary
+            try:
+                data = json.loads(res[start:])
+            except json.decoder.JSONDecodeError:
+                data = None
+        return data
+    @classmethod
+    def is_base64(cls, sb: Any) -> bool:
+        """
+        Check if string is base64 encoded
+        :param Any sb: String to check
+        :raises ValueError: If argument is not a string or bytes
+        :return: True if base64 encoded
+        :rtype: bool
+        """
+        try:
+            if isinstance(sb, str):
+                # If there's any unicode here, an exception will be thrown and the function will return false
+                sb_bytes = bytes(sb, "ascii")
+            elif isinstance(sb, bytes):
+                sb_bytes = sb
+            else:
+                raise ValueError("Argument must be string or bytes")
+            # If this works, there's base64-encoded data here.
+            _ = base64.b64encode(base64.b64decode(sb_bytes)) == sb_bytes
+        except Exception:
+            return False
+        return True
+class Host(BaseModel):
+    """Host information"""
+    ip: str
+    hostname: str
+class IssueDetailItem(BaseModel):
+    """Issue Detail Item information"""
+    issueDetailItem: Optional[str] = None
+class BurpRequest(BurpResponse):
+    """Request information"""
+    method: str
+class RequestResponse(BaseModel):
+    """Request Response information"""
+    request: Optional[BurpRequest] = None
+    response: Optional[BurpResponse] = None
+class Issue(BaseModel):
+    """Issue information"""
+    serialNumber: Optional[str] = None
+    type: Optional[str] = None
+    name: Optional[str] = None
+    host: Optional[Host] = None
+    path: Optional[str] = None
+    location: Optional[str] = None
+    severity: Optional[str] = None
+    confidence: Optional[str] = None
+    background: Optional[str] = None
+    remediation_background: Optional[str] = None
+    detail: Optional[str] = None
+    detail_items: Optional[List[IssueDetailItem]] = None
+    request_response: Optional[RequestResponse] = None
+    remediation_detail: Optional[str] = None
+    references: Optional[str] = None
+    vulnerability_classifications: Optional[str] = None
+    cwes: Optional[List[str]] = None
+    links: Optional[List[str]] = None