class NipperParser::VulnerabilityAudit
VulnerabilityAudit
Parses the 'Vulnerability Audit' part of the report.
The Vulnerability Audit part contains the following sections:
- Introduction
- CVEs
- Conclusions
- Recommendations
@example Basic Usage:
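require 'nokogiri'
require 'pp'

# The report path comes from the command line, so it is opened with File.open
# rather than Kernel#open: Kernel#open treats a path beginning with "|" as a
# command to run instead of a file to read.
# Nokogiri's default parse options are kept (no entity substitution, no network
# access); a report file is external input and should be parsed that way.
config = File.open(ARGV[0]) { |report| Nokogiri::XML(report) }
vulnerability_audit = NipperParser::VulnerabilityAudit.new(config)
pp vulnerability_audit.class
pp vulnerability_audit.introduction
pp vulnerability_audit.introduction.excluded_devices
cve = vulnerability_audit.cves[0]
pp cve.title
pp cve.rating
pp cve.summary
pp cve.affected_devices
pp cve.vendor_sec_advisories
pp cve.references
# The remaining calls use the object built above; no `nipper_parser` local is
# defined anywhere in this example.
pp vulnerability_audit.conclusions
pp vulnerability_audit.conclusions.list_critical
pp vulnerability_audit.recommendations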
@param config [Nokogiri::XML] parsed XML
@attr_reader title the report title
@attr_reader config a parsed XML [Nokogiri::XML] object
Constants
- CVE
- Conclusion
- Introduction
  Skeleton for SecurityAudit parts
- Recommendations
Attributes
config[R]
title[R]
Public Class Methods
new(config)
@param config [Nokogiri::XML::Document]
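# File lib/nipper_parser/parsers/vulnerability_audit.rb, line 59
# Locates the report part whose ref is 'VULNAUDIT' and keeps its child
# elements and its title for the section readers of this class.
#
# @param config [Nokogiri::XML::Document] the parsed report
# @raise [ArgumentError] if the report has no part with ref 'VULNAUDIT'
def initialize(config)
  part = config.xpath("//report/part[@ref='VULNAUDIT']")[0]
  # A report without this part would otherwise fail on the next line with a
  # NoMethodError on nil, which says nothing about the cause.
  raise ArgumentError, "report has no part with ref 'VULNAUDIT'" if part.nil?

  @config = part.elements
  @title  = part.attributes['title'].text
end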
Public Instance Methods
conclusions()
Conclusions
# File lib/nipper_parser/parsers/vulnerability_audit.rb, line 110
# Builds the Conclusion object from the section whose ref is
# 'VULNAUDIT.CONCLUSIONS'.
#
# Both tables are read by position (child elements 1 and 3 of the section),
# so the result depends on the report keeping that layout.
#
# @return [Conclusion]
def conclusions
  section = @config.search("section[@ref='VULNAUDIT.CONCLUSIONS']")[0]
  meta    = attributes(section)

  device_table  = generate_table(section.elements[1].elements)
  finding_table = generate_table(section.elements[3].elements)

  # One bucket per rating label; a rating with no findings maps to an empty list.
  labels    = { critical: 'Critical', high: 'High', medium: 'Medium', low: 'Low' }
  by_rating = labels.each_with_object({}) do |(bucket, label), grouped|
    grouped[bucket] = finding_table.select { |finding| finding[:rating] == label }
  end

  Conclusion.new(
    meta.index, meta.title, meta.ref,
    device_table, by_rating,
    by_rating[:critical], by_rating[:high], by_rating[:medium], by_rating[:low]
  )
end
cves()
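# File lib/nipper_parser/parsers/vulnerability_audit.rb, line 84
# Builds one CVE object per CVE section of the part.
#
# The first child element (the introduction) and the last two (conclusions
# and recommendations) are skipped; everything in between is read as a CVE.
# Fields are taken by position inside each section, so the result depends on
# the report keeping that layout.
#
# @return [Array<CVE>]
def cves
  sections = @config.to_a.drop(1) # drop returns a new array, @config is untouched
  sections.pop(2)

  sections.map do |cve|
    meta     = attributes(cve) # looked up once per section, as the sibling readers do
    parts    = cve.elements
    affected = parts[2].elements

    # Affected devices are either the direct children of the third element or
    # the children of its second child, depending on the section.
    devices = if affected[1].nil?
                affected.map(&:text)
              else
                affected[1].elements.map(&:text)
              end

    # A section may carry no references element at all.
    references = parts[4].nil? ? [] : parts[4].elements[1].elements.map(&:text)

    CVE.new(
      meta.index,
      meta.title,
      meta.ref,
      parts[0],                                  # FIXME rating: the element itself is passed, not its text
      parts[1].elements.text,                    # summary
      devices,
      parts[3].elements[1].elements.map(&:text), # vendor_sec_advisories
      references
    )
  end
end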
introduction()
Introduction
of the Security Audit report
# File lib/nipper_parser/parsers/vulnerability_audit.rb, line 66
# Builds the Introduction object from the first child element of the part.
#
# Child elements are read by position: 0 is the date text, 1 the device
# table, 2 the exclusion reason and 3 the excluded devices. Date.parse raises
# when the date text is not a recognisable date.
#
# @return [Introduction]
def introduction
  section = @config[0]
  meta    = attributes(section)
  nodes   = section.elements

  report_date  = Date.parse(nodes[0].text).to_s
  device_table = generate_table(nodes[1].elements)

  # TODO enhance excluded results, need more excluded cases to see structure
  excluded = {
    devices: nodes[3].elements.map(&:text),
    reason:  nodes[2].text
  }

  Introduction.new(meta.index, meta.title, meta.ref, report_date, device_table, excluded)
end
recommendations()
# File lib/nipper_parser/parsers/vulnerability_audit.rb, line 133
# Builds the Recommendations object from the section whose ref is
# 'VULNAUDIT.RECOMMENDATIONS'.
#
# The list is the text of each child of the section's third element, so the
# result depends on the report keeping that layout.
#
# @return [Recommendations]
def recommendations
  section = @config.search("section[@ref='VULNAUDIT.RECOMMENDATIONS']")[0]
  meta    = attributes(section)
  items   = section.elements[2].elements.map(&:text)

  Recommendations.new(meta.index, meta.title, meta.ref, items)
end