reorganize directory structure

2020-10-28 23:43:06 -05:00 · 2020-10-28 23:43:06 -05:00 · 04ce52f2cf
commit 04ce52f2cf
parent 588ffa593b
49 changed files with 0 additions and 1311053 deletions
--- a/security_tools/kenna_kdi_importer/asset.json
+++ b/security_tools/kenna_kdi_importer/asset.json
--- a/security_tools/kenna_kdi_importer/asset_generator.rb
+++ b/security_tools/kenna_kdi_importer/asset_generator.rb
--- a/security_tools/kenna_kdi_importer/cve_report.rb
+++ b/security_tools/kenna_kdi_importer/cve_report.rb
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2002.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2002.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2003.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2003.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2004.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2004.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2005.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2005.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2006.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2006.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2007.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2007.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2008.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2008.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2009.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2009.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2010.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2010.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2011.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2011.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2012.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2012.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2013.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2013.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2014.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2014.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2015.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2015.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2016.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2016.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2017.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2017.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2018.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2018.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2019.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-2019.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-modified.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-modified.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-recent.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.0-recent.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.1-2020.json.gz
+++ b/security_tools/kenna_kdi_importer/data/cve/nvdcve-1.1-2020.json.gz
--- a/security_tools/kenna_kdi_importer/data/cve_ids.json
+++ b/security_tools/kenna_kdi_importer/data/cve_ids.json
--- a/security_tools/kenna_kdi_importer/data/samples/100_assets_100_vulns_each_kdi.json
+++ b/security_tools/kenna_kdi_importer/data/samples/100_assets_100_vulns_each_kdi.json
--- a/security_tools/kenna_kdi_importer/data/samples/1_asset_1_vuln.json
+++ b/security_tools/kenna_kdi_importer/data/samples/1_asset_1_vuln.json
--- a/security_tools/kenna_kdi_importer/data/samples/1k_assets_with_50v_each.json
+++ b/security_tools/kenna_kdi_importer/data/samples/1k_assets_with_50v_each.json
--- a/security_tools/kenna_kdi_importer/data/samples/2_asset_2_vulns.json
+++ b/security_tools/kenna_kdi_importer/data/samples/2_asset_2_vulns.json
--- a/security_tools/kenna_kdi_importer/data/samples/3_asset_3_vulns.json
+++ b/security_tools/kenna_kdi_importer/data/samples/3_asset_3_vulns.json
--- a/security_tools/kenna_kdi_importer/data/samples/sample_multiple_vuln_sample_vulndef.json
+++ b/security_tools/kenna_kdi_importer/data/samples/sample_multiple_vuln_sample_vulndef.json
--- a/security_tools/kenna_kdi_importer/generate_cve_ids.rb
+++ b/security_tools/kenna_kdi_importer/generate_cve_ids.rb
--- a/security_tools/kenna_kdi_importer/kdi_file.json
+++ b/security_tools/kenna_kdi_importer/kdi_file.json
--- a/security_tools/kenna_kdi_importer/kdi_file_100_assets.json
+++ b/security_tools/kenna_kdi_importer/kdi_file_100_assets.json
--- a/security_tools/kenna_kdi_importer/kdi_format.rb
+++ b/security_tools/kenna_kdi_importer/kdi_format.rb
--- a/security_tools/kenna_kdi_importer/kenna_kdi_importer.rb
+++ b/security_tools/kenna_kdi_importer/kenna_kdi_importer.rb
--- a/security_tools/kenna_kdi_importer/sample_asset_with_tags_kdi.json
+++ b/security_tools/kenna_kdi_importer/sample_asset_with_tags_kdi.json
--- a/security_tools/kenna_kdi_importer/subdomain_generator.rb
+++ b/security_tools/kenna_kdi_importer/subdomain_generator.rb
--- a/security_tools/kenna_kdi_importer/vuln_generator.rb
+++ b/security_tools/kenna_kdi_importer/vuln_generator.rb
--- a/security_tools/microsoft_tools/microsoft_kb_auditer/microsoft_cve_audit.rb
+++ b/security_tools/microsoft_tools/microsoft_kb_auditer/microsoft_cve_audit.rb
--- a/security_tools/microsoft_tools/microsoft_kb_auditer/microsoft_kb_checker.rb
+++ b/security_tools/microsoft_tools/microsoft_kb_auditer/microsoft_kb_checker.rb
--- a/security_tools/redhat_oval_definition_parser/oval_stream_data_parser.rb
+++ b/security_tools/redhat_oval_definition_parser/oval_stream_data_parser.rb
@ -1,64 +0,0 @@
 # frozen_string_literal: true
 require 'json'
 require 'rest-client'
 class OvalStreamDataParser
  attr_accessor :index_data, :api_url
  def initialize
    @api_url = 'https://access.redhat.com/hydra/rest/securitydata/oval'
    @index_data = refresh_index
  end
  def refresh_index
    response = RestClient::Request.execute(
      method: :get,
      url: "#{api_url}/ovalstreams.json",
      content_type: 'application/json'
    )
    if response.code == 200
      parse_index(response)
    else
      puts "Error: HTTP Response code #{response.code} received."
    end
  end
  def parse_index(response)
    JSON.parse(response.body)
  end
  def list_stream_names
    index_data.map do |entry|
      entry['stream']
    end.sort
  end
  def list_stream_urls
    index_data.map do |entry|
      entry['resourceUrl']
    end.sort
  end
  def list_stream_labels
    index_data.map do |entry|
      entry['label']
    end.sort
  end
  def select_stream_by_label(label)
    index_data.select { |json| json['label'] == label }
  end
  def verify_shasum
    # method that will check the sha256sum of a downloaded file from resourceUrl and ensure they match
    # step 1:
    # get original shasum
    # step 2:
    # download file
    # step 3:
    # run sha256sum against file download
    # step 4:
    # run == logic against both sums and return true/false
  end
 end
--- a/security_tools/redhat_oval_definition_parser/ovalstreams.json
+++ b/security_tools/redhat_oval_definition_parser/ovalstreams.json
--- a/security_tools/redhat_oval_definition_parser/refresh_data_xml.sh
+++ b/security_tools/redhat_oval_definition_parser/refresh_data_xml.sh
@ -1,5 +0,0 @@
 #!/usr/bin/env bash
 # do a fresh pull of the data
 # the class should also do this when initialized but if you want a seperate script to run quick just to pull you can use this 
 wget https://access.redhat.com/hydra/rest/securitydata/oval/ovalstreams.json
--- a/security_tools/rpm_to_cve_parser/rhel_rpm_to_cve.rb
+++ b/security_tools/rpm_to_cve_parser/rhel_rpm_to_cve.rb
@ -1,50 +0,0 @@
 require 'ox'
 class RhelRpmToCve
  # filepath == /path/to/rpm-to-cve.xml
  attr_accessor :filepath, :file, :xml
  def initialize(filepath)
    @filepath = filepath
    @file = File.read(filepath)
    @xml = Ox.parse(file)
  end
  def list_pkg_names
    xml.rpms.locate("?/@rpm")
  end
  def pkg_exists?(pkg_name)
    list_pkg_names.include? pkg_name
  end
  def cves_per_pkg_name(pkg_name)
    if pkg_exists? pkg_name
      results = find_pkg(pkg_name).locate('*/cve').map do |r|
        r.text
      end.compact
      cves = results.map {|cve| cve}
      { 
        :rhel_package_name => pkg_name,
        :cves => cves,
        :cve_count => cves.count
      }
    else
      'Package not found.'
    end
  end
  def find_pkg(pkg_name)
    xml.rpms.locate("rpm[@rpm=#{pkg_name}]").first
  end
  def convert_to_json
    pkgs = list_pkg_names
    pkgs_and_cves = pkgs.map do |pkg_name|
      cves_per_pkg_name(pkg_name)
    end
    pkgs_and_cves.to_json
  end
 end
--- a/security_tools/rpm_to_cve_parser/rpm-to-cve.xml
+++ b/security_tools/rpm_to_cve_parser/rpm-to-cve.xml
--- a/security_tools/rpm_to_cve_parser/rpm_pkg_audit.rb
+++ b/security_tools/rpm_to_cve_parser/rpm_pkg_audit.rb
@ -1,32 +0,0 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
 require 'optparse'
 require 'json'
 require './rhel_rpm_to_cve'
 data_file = './rpm-to-cve.xml'
 options = {}
 parser = OptionParser.new do |parser|
  parser.banner = 'Usage: rpm_pkg_audit.rb [options]'
  parser.on('-p', '--pkg PKGNAME', 'The pkg name you want to audit.') do |pkg|
    options[:pkg] = pkg
  end
  parser.on('-l', '--list', 'List packages in the XML datafile.') do |list|
    options[:list] = list
  end
 end
 parser.parse!
 pkg_name = options[:pkg]
 rpm_auditer = RhelRpmToCve.new(data_file)
 if pkg_name
  json = rpm_auditer.cves_per_pkg_name(pkg_name).to_json
  puts JSON.pretty_generate(JSON.parse(json))
 else options.key?(:list)
  puts rpm_auditer.list_pkg_names.sort
 end
--- a/security_tools/rpm_to_cve_parser/sax_parser.rb
+++ b/security_tools/rpm_to_cve_parser/sax_parser.rb
@ -1,36 +0,0 @@
 #!/usr/bin/env ruby
 require 'ox'
 class SaxParser < Ox::Sax
  def initialize
    @elements = []
  end
  def start_element(name)
    #puts "start: #{name}"
  end
  def current_element
    @elements.last
  end
  def end_element(name)
    #puts "end: #{name}"
  end
  def attr(name, value)
    #puts "  #{name} => #{value}"
  end
  def text(value)
    #puts "text: #{value}"
  end
 end
 file = File.read('./rpm-to-cve.xml')
 handler = SaxParser.new()
 Ox.sax_parse(handler, file)
--- a/security_tools/rpm_to_cve_parser/update_rpms_to_cve_xml.sh
+++ b/security_tools/rpm_to_cve_parser/update_rpms_to_cve_xml.sh
@ -1,4 +0,0 @@
 #!/usr/bin/env bash
 # refresh the latest rpm to cve xml mapping file from redhat security page
 wget https://www.redhat.com/security/data/metrics/rpm-to-cve.xml .