souleyez 2.43.28__py3-none-any.whl → 2.43.32__py3-none-any.whl

souleyez/parsers/nuclei_parser.py

@@ -20,19 +20,13 @@ def parse_nuclei(log_path: str, target: str) -> Dict[str, Any]:
         Dict containing parsed findings with severity breakdown
     """
     findings = []
-    severity_counts = {
-        'critical': 0,
-        'high': 0,
-        'medium': 0,
-        'low': 0,
-        'info': 0
-    }
+    severity_counts = {"critical": 0, "high": 0, "medium": 0, "low": 0, "info": 0}
 
     try:
-        with open(log_path, 'r', encoding='utf-8') as f:
+        with open(log_path, "r", encoding="utf-8") as f:
             for line in f:
                 # Skip comment lines (metadata)
-                if line.startswith('#'):
+                if line.startswith("#"):
                     continue
 
                 line = line.strip()
@@ -43,33 +37,35 @@ def parse_nuclei(log_path: str, target: str) -> Dict[str, Any]:
                     result = json.loads(line)
 
                     # Extract finding information
-                    info = result.get('info', {})
-                    severity = info.get('severity', 'info').lower()
+                    info = result.get("info", {})
+                    severity = info.get("severity", "info").lower()
 
                     finding = {
-                        'template_id': result.get('template-id', result.get('templateID')),
-                        'name': info.get('name'),
-                        'severity': severity,
-                        'description': info.get('description'),
-                        'tags': info.get('tags', []),
-                        'matched_at': result.get('matched-at', result.get('matched')),
-                        'matcher_name': result.get('matcher-name'),
-                        'extracted_results': result.get('extracted-results', []),
-                        'curl_command': result.get('curl-command'),
-                        'type': result.get('type'),
-                        'host': result.get('host'),
-                        'metadata': info.get('metadata', {}),
+                        "template_id": result.get(
+                            "template-id", result.get("templateID")
+                        ),
+                        "name": info.get("name"),
+                        "severity": severity,
+                        "description": info.get("description"),
+                        "tags": info.get("tags", []),
+                        "matched_at": result.get("matched-at", result.get("matched")),
+                        "matcher_name": result.get("matcher-name"),
+                        "extracted_results": result.get("extracted-results", []),
+                        "curl_command": result.get("curl-command"),
+                        "type": result.get("type"),
+                        "host": result.get("host"),
+                        "metadata": info.get("metadata", {}),
                     }
 
                     # Extract CVE ID if present
-                    classification = info.get('classification', {})
+                    classification = info.get("classification", {})
                     if classification:
-                        finding['cve_id'] = classification.get('cve-id')
-                        finding['cvss_score'] = classification.get('cvss-score')
-                        finding['cwe_id'] = classification.get('cwe-id')
+                        finding["cve_id"] = classification.get("cve-id")
+                        finding["cvss_score"] = classification.get("cvss-score")
+                        finding["cwe_id"] = classification.get("cwe-id")
 
                     # Extract reference links
-                    finding['references'] = info.get('reference', [])
+                    finding["references"] = info.get("reference", [])
 
                     findings.append(finding)
                     severity_counts[severity] = severity_counts.get(severity, 0) + 1
@@ -80,24 +76,24 @@ def parse_nuclei(log_path: str, target: str) -> Dict[str, Any]:
 
     except FileNotFoundError:
         return {
-            'tool': 'nuclei',
-            'target': target,
-            'error': 'Log file not found',
-            'findings_count': 0,
-            'findings': []
+            "tool": "nuclei",
+            "target": target,
+            "error": "Log file not found",
+            "findings_count": 0,
+            "findings": [],
         }
 
     return {
-        'tool': 'nuclei',
-        'target': target,
-        'findings_count': len(findings),
-        'critical': severity_counts['critical'],
-        'high': severity_counts['high'],
-        'medium': severity_counts['medium'],
-        'low': severity_counts['low'],
-        'info': severity_counts['info'],
-        'findings': findings,
-        'severity_breakdown': severity_counts
+        "tool": "nuclei",
+        "target": target,
+        "findings_count": len(findings),
+        "critical": severity_counts["critical"],
+        "high": severity_counts["high"],
+        "medium": severity_counts["medium"],
+        "low": severity_counts["low"],
+        "info": severity_counts["info"],
+        "findings": findings,
+        "severity_breakdown": severity_counts,
     }
 
 
@@ -113,7 +109,7 @@ def parse_nuclei_output(content: str, target: str) -> Dict[str, Any]:
         Parsed nuclei data structure
     """
     # Write content to temp file and call existing parse_nuclei
-    with tempfile.NamedTemporaryFile(mode='w', suffix='.log', delete=False) as f:
+    with tempfile.NamedTemporaryFile(mode="w", suffix=".log", delete=False) as f:
         f.write(content)
         temp_path = f.name
 

souleyez/parsers/responder_parser.py

@@ -24,7 +24,7 @@ def parse_responder(log_path: str, interface: str) -> Dict:
     hash_files = list(log_dir.glob("*NTLMv2*.txt"))
 
     for hash_file in hash_files:
-        with open(hash_file, 'r') as f:
+        with open(hash_file, "r") as f:
             for line in f:
                 line = line.strip()
                 if not line or line.startswith("#"):
@@ -35,18 +35,18 @@ def parse_responder(log_path: str, interface: str) -> Dict:
                     credentials.append(cred)
 
     return {
-        'tool': 'responder',
-        'interface': interface,
-        'credentials_captured': len(credentials),
-        'credentials': credentials,
-        'hash_files': [str(f) for f in hash_files],
-        'summary': f"Captured {len(credentials)} NTLMv2 hash(es) from {len(hash_files)} file(s)"
+        "tool": "responder",
+        "interface": interface,
+        "credentials_captured": len(credentials),
+        "credentials": credentials,
+        "hash_files": [str(f) for f in hash_files],
+        "summary": f"Captured {len(credentials)} NTLMv2 hash(es) from {len(hash_files)} file(s)",
     }
 
 
 def _parse_ntlmv2_hash(hash_line: str, filename: str) -> Dict:
     """Parse NTLMv2 hash line."""
-    protocol_match = re.match(r'([A-Z]+)-NTLMv2', filename)
+    protocol_match = re.match(r"([A-Z]+)-NTLMv2", filename)
     protocol = protocol_match.group(1) if protocol_match else "Unknown"
 
     parts = hash_line.split(":")
@@ -65,14 +65,14 @@ def _parse_ntlmv2_hash(hash_line: str, filename: str) -> Dict:
         return None
 
     return {
-        'username': username,
-        'domain': domain,
-        'protocol': protocol,
-        'hash_type': 'NTLMv2',
-        'hash': hash_line,
-        'challenge': challenge,
-        'response': response,
-        'source': 'responder'
+        "username": username,
+        "domain": domain,
+        "protocol": protocol,
+        "hash_type": "NTLMv2",
+        "hash": hash_line,
+        "challenge": challenge,
+        "response": response,
+        "source": "responder",
     }
 
 
@@ -89,18 +89,18 @@ def store_responder_results(result: Dict, engagement_id: int, job_id: int):
 
     cm = CredentialsManager(engagement_id)
 
-    for cred in result.get('credentials', []):
+    for cred in result.get("credentials", []):
         cm.add_credential(
             username=f"{cred['domain']}\\{cred['username']}",
-            password=cred['hash'],
-            service=cred['protocol'].lower(),
+            password=cred["hash"],
+            service=cred["protocol"].lower(),
             host=None,
-            status='captured',
+            status="captured",
             source=f'responder_{cred["protocol"]}',
-            notes=f"NTLMv2 hash captured via {cred['protocol']} poisoning"
+            notes=f"NTLMv2 hash captured via {cred['protocol']} poisoning",
         )
 
-    if result['credentials_captured'] > 0:
+    if result["credentials_captured"] > 0:
         from souleyez.storage.findings import FindingsManager
 
         fm = FindingsManager()
@@ -108,8 +108,8 @@ def store_responder_results(result: Dict, engagement_id: int, job_id: int):
             engagement_id=engagement_id,
             title=f"LLMNR/NBT-NS Poisoning - {result['credentials_captured']} Credential(s) Captured",
             description=f"Responder successfully captured {result['credentials_captured']} NTLMv2 hash(es) "
-                        f"via LLMNR/NBT-NS poisoning. These hashes can be cracked offline.",
-            severity='high',
-            tool='responder',
-            evidence=result['summary']
+            f"via LLMNR/NBT-NS poisoning. These hashes can be cracked offline.",
+            severity="high",
+            tool="responder",
+            evidence=result["summary"],
         )

souleyez/parsers/searchsploit_parser.py

@@ -17,15 +17,15 @@ def _load_exploitdb_csv() -> Dict[str, Dict[str, str]]:
         Dict mapping EDB-ID to exploit metadata (platform, type, date_published)
     """
     csv_paths = [
-        '/usr/share/exploitdb/files_exploits.csv',
-        '/usr/share/exploitdb/files.csv',
+        "/usr/share/exploitdb/files_exploits.csv",
+        "/usr/share/exploitdb/files.csv",
     ]
 
     for csv_path in csv_paths:
         if Path(csv_path).exists():
             try:
                 exploits_db = {}
-                with open(csv_path, 'r', encoding='utf-8', errors='replace') as f:
+                with open(csv_path, "r", encoding="utf-8", errors="replace") as f:
                     reader = csv.reader(f)
                     next(reader)  # Skip header
 
@@ -35,9 +35,9 @@ def _load_exploitdb_csv() -> Dict[str, Dict[str, str]]:
 
                         edb_id = row[0]
                         exploits_db[edb_id] = {
-                            'platform': row[6] if len(row) > 6 else '',
-                            'type': row[5] if len(row) > 5 else '',
-                            'date_published': row[3] if len(row) > 3 else '',
+                            "platform": row[6] if len(row) > 6 else "",
+                            "type": row[5] if len(row) > 5 else "",
+                            "date_published": row[3] if len(row) > 3 else "",
                         }
 
                 return exploits_db
@@ -61,11 +61,11 @@ def _extract_edb_id(url: str) -> Optional[str]:
     if not url:
         return None
 
-    match = re.search(r'/exploits/(\d+)/?$', url)
+    match = re.search(r"/exploits/(\d+)/?$", url)
     if match:
         return match.group(1)
 
-    match = re.search(r'/shellcodes/(\d+)/?$', url)
+    match = re.search(r"/shellcodes/(\d+)/?$", url)
     if match:
         return match.group(1)
 
@@ -89,18 +89,18 @@ def parse_searchsploit(log_path: str, target: str) -> Dict[str, Any]:
         # Load exploitdb CSV database once for all exploits
         exploits_db = _load_exploitdb_csv()
 
-        with open(log_path, 'r', encoding='utf-8') as f:
+        with open(log_path, "r", encoding="utf-8") as f:
             content = f.read()
 
             # Find JSON content (skip metadata header)
-            json_start = content.find('{')
+            json_start = content.find("{")
             if json_start == -1:
                 return {
-                    'tool': 'searchsploit',
-                    'target': target,
-                    'exploit_count': 0,
-                    'exploits': [],
-                    'error': 'No JSON output found'
+                    "tool": "searchsploit",
+                    "target": target,
+                    "exploit_count": 0,
+                    "exploits": [],
+                    "error": "No JSON output found",
                 }
 
             json_content = content[json_start:]
@@ -111,9 +111,9 @@ def parse_searchsploit(log_path: str, target: str) -> Dict[str, Any]:
                 bracket_count = 0
                 json_end = 0
                 for i, char in enumerate(json_content):
-                    if char == '{':
+                    if char == "{":
                         bracket_count += 1
-                    elif char == '}':
+                    elif char == "}":
                         bracket_count -= 1
                         if bracket_count == 0:
                             json_end = i + 1
@@ -128,105 +128,105 @@ def parse_searchsploit(log_path: str, target: str) -> Dict[str, Any]:
                 data = json.loads(json_content)
 
         # Parse results
-        for result in data.get('RESULTS_EXPLOIT', []):
+        for result in data.get("RESULTS_EXPLOIT", []):
             # searchsploit --json provides these fields directly
-            edb_id = result.get('EDB-ID', '')
+            edb_id = result.get("EDB-ID", "")
 
             # URL may be provided or we construct it from EDB-ID
-            url = result.get('URL', '')
+            url = result.get("URL", "")
             if not url and edb_id:
-                url = f'https://www.exploit-db.com/exploits/{edb_id}'
+                url = f"https://www.exploit-db.com/exploits/{edb_id}"
 
             # If EDB-ID not in result, try extracting from URL
             if not edb_id:
-                edb_id = _extract_edb_id(url) or ''
+                edb_id = _extract_edb_id(url) or ""
 
             # Get metadata directly from result (newer searchsploit format)
             # Fall back to CSV lookup if not present
-            date = result.get('Date_Published', result.get('Date_Added', ''))
-            platform = result.get('Platform', '')
-            exploit_type = result.get('Type', '')
+            date = result.get("Date_Published", result.get("Date_Added", ""))
+            platform = result.get("Platform", "")
+            exploit_type = result.get("Type", "")
 
             # If metadata not in result, look up from CSV database
             if not (date or platform or exploit_type):
                 metadata = exploits_db.get(str(edb_id), {}) if edb_id else {}
-                date = date or metadata.get('date_published', '')
-                platform = platform or metadata.get('platform', '')
-                exploit_type = exploit_type or metadata.get('type', '')
+                date = date or metadata.get("date_published", "")
+                platform = platform or metadata.get("platform", "")
+                exploit_type = exploit_type or metadata.get("type", "")
 
             exploit = {
-                'title': result.get('Title', ''),
-                'path': result.get('Path', ''),
-                'edb_id': str(edb_id),
-                'date': date,
-                'platform': platform,
-                'type': exploit_type,
-                'url': url,
-                'verified': result.get('Verified', '0') == '1',
-                'codes': result.get('Codes', ''),  # CVE codes
+                "title": result.get("Title", ""),
+                "path": result.get("Path", ""),
+                "edb_id": str(edb_id),
+                "date": date,
+                "platform": platform,
+                "type": exploit_type,
+                "url": url,
+                "verified": result.get("Verified", "0") == "1",
+                "codes": result.get("Codes", ""),  # CVE codes
             }
             exploits.append(exploit)
 
         # Also check for shellcode results
-        for result in data.get('RESULTS_SHELLCODE', []):
-            edb_id = result.get('EDB-ID', '')
-            url = result.get('URL', '')
+        for result in data.get("RESULTS_SHELLCODE", []):
+            edb_id = result.get("EDB-ID", "")
+            url = result.get("URL", "")
             if not url and edb_id:
-                url = f'https://www.exploit-db.com/shellcodes/{edb_id}'
+                url = f"https://www.exploit-db.com/shellcodes/{edb_id}"
 
             if not edb_id:
-                edb_id = _extract_edb_id(url) or ''
+                edb_id = _extract_edb_id(url) or ""
 
-            date = result.get('Date_Published', result.get('Date_Added', ''))
-            platform = result.get('Platform', '')
+            date = result.get("Date_Published", result.get("Date_Added", ""))
+            platform = result.get("Platform", "")
 
             # Look up metadata from CSV database if not in result
             if not (date or platform):
                 metadata = exploits_db.get(str(edb_id), {}) if edb_id else {}
-                date = date or metadata.get('date_published', '')
-                platform = platform or metadata.get('platform', '')
+                date = date or metadata.get("date_published", "")
+                platform = platform or metadata.get("platform", "")
 
             exploit = {
-                'title': result.get('Title', ''),
-                'path': result.get('Path', ''),
-                'edb_id': str(edb_id),
-                'date': date,
-                'platform': platform,
-                'type': 'shellcode',
-                'url': url,
-                'verified': result.get('Verified', '0') == '1',
-                'codes': result.get('Codes', ''),
+                "title": result.get("Title", ""),
+                "path": result.get("Path", ""),
+                "edb_id": str(edb_id),
+                "date": date,
+                "platform": platform,
+                "type": "shellcode",
+                "url": url,
+                "verified": result.get("Verified", "0") == "1",
+                "codes": result.get("Codes", ""),
             }
             exploits.append(exploit)
 
     except FileNotFoundError:
         return {
-            'tool': 'searchsploit',
-            'target': target,
-            'error': 'Log file not found',
-            'exploit_count': 0,
-            'exploits': []
+            "tool": "searchsploit",
+            "target": target,
+            "error": "Log file not found",
+            "exploit_count": 0,
+            "exploits": [],
         }
     except json.JSONDecodeError as e:
         return {
-            'tool': 'searchsploit',
-            'target': target,
-            'error': f'JSON parse error: {e}',
-            'exploit_count': 0,
-            'exploits': []
+            "tool": "searchsploit",
+            "target": target,
+            "error": f"JSON parse error: {e}",
+            "exploit_count": 0,
+            "exploits": [],
         }
     except Exception as e:
         return {
-            'tool': 'searchsploit',
-            'target': target,
-            'error': f'Parse error: {e}',
-            'exploit_count': 0,
-            'exploits': []
+            "tool": "searchsploit",
+            "target": target,
+            "error": f"Parse error: {e}",
+            "exploit_count": 0,
+            "exploits": [],
         }
 
     return {
-        'tool': 'searchsploit',
-        'target': target,
-        'exploit_count': len(exploits),
-        'exploits': exploits
+        "tool": "searchsploit",
+        "target": target,
+        "exploit_count": len(exploits),
+        "exploits": exploits,
     }