made this thing super fast! woohoO!

Brendan McDevitt 2019-08-09 02:05:32 -05:00
parent 2b2d400d75
commit 3c5c1c7be9
27 changed files with 61 additions and 34 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.


@ -22,22 +22,22 @@ module KennaKdi
} }
end end
def create_assets(number_of_assets, max_number_vulns) def create_assets(number_of_assets, number_of_vulns)
assets = assets_array(number_of_assets, max_number_vulns) assets = assets_array(number_of_assets, number_of_vulns)
vuln_hashes = assets.map {|asset| asset[:vulns]}.flatten vuln_hashes = assets.map {|asset| asset[:vulns]}.flatten
header_and_assets = skip_autoclose.merge(assets_merge(assets)) header_and_assets = skip_autoclose.merge(assets_merge(assets))
header_and_assets.merge(vuln_def_merge(vuln_hashes)) header_and_assets.merge(vuln_def_merge(vuln_hashes))
end end
def assets_array(number_of_assets, max_number_vulns) def assets_array(number_of_assets, number_of_vulns)
# this should be the primary logic that will generate the "assets": [asset1, asset2] data for the json # this should be the primary logic that will generate the "assets": [asset1, asset2] data for the json
number_of_assets.times.map do number_of_assets.times.map do
random_asset_hash(rand(1..max_number_vulns)) multiple_vulns_asset_hash(number_of_vulns)
end end
end end
def random_asset_hash(number_of_vulns) def multiple_vulns_asset_hash(number_of_vulns)
# generate number of vulns specified vuln and vulndef pairs to work with # generate number of vulns specified vuln and vulndef pairs to work with
v_and_vds = multiple_vulns(number_of_vulns) v_and_vds = multiple_vulns(number_of_vulns)
{ {

File diff suppressed because one or more lines are too long


@ -0,0 +1,28 @@
require './cve_report'
module KennaKdi
class GenerateCveIdsJson
attr_accessor :cve_data_path, :cve_files
def initialize(cve_data_path)
@cve_data_path = cve_data_path
@cve_files = Dir.glob(File.join(cve_data_path, '**', '*')).select{|file| File.file?(file)}
end
def all_reports
cve_files.map do |cve_file|
CveReport.new(cve_file)
end
end
def perform
cve_reports = all_reports
cve_ids = cve_reports.map do |cve_report|
cve_report.cve_ids
end.flatten
cve_ids.to_json
end
end
end
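Review bot: `require './cve_report'` on the first line resolves against the process working directory, not this file's location, so running the generator from another directory either fails or loads whatever `cve_report.rb` sits in that directory. `require_relative 'cve_report'` pins it to the file next to this one. The same applies to the `require './asset_generator'`, `require './cve_report'` and `require './kdi_format'` lines in the importer script section later in this commit. Separately, `perform` calls `cve_ids.to_json` but no `require 'json'` is visible in this file, so it presumably relies on `cve_report` loading it; adding `require 'json'` here would make that dependency explicit.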


@ -1,10 +1,6 @@
require 'json'
module KennaKdi module KennaKdi
class KdiJsonify class KdiFormat
def initialize
end
def default_hash def default_hash
# from https://help.kennasecurity.com/hc/en-us/articles/360026413111-Kenna-Data-Importer-JSON-Connector- # from https://help.kennasecurity.com/hc/en-us/articles/360026413111-Kenna-Data-Importer-JSON-Connector-
<<~HEREDOC <<~HEREDOC


@ -1,10 +1,7 @@
require 'optparse' require 'optparse'
require './asset_generator' require './asset_generator'
require './cve_info' require './cve_report'
require './kdi_jsonify' require './kdi_format'
require 'pry'
asset_generator = KennaKdi::AssetGenerator.new('./data/cve')
ARGV << '-h' if ARGV.empty? ARGV << '-h' if ARGV.empty?
@ -14,7 +11,7 @@ OptionParser.new do |opts|
opts.banner = "Usage: kenna_kdi_importer.rb [OPTIONS]" opts.banner = "Usage: kenna_kdi_importer.rb [OPTIONS]"
opts.on('-a NUM', '--assets', Integer, "Number of assets to create") { |a| params[:assets] = a } opts.on('-a NUM', '--assets', Integer, "Number of assets to create") { |a| params[:assets] = a }
opts.on('-v NUM', '--max_vulns', Integer, "Max number of vulns that may be created per asset") {|v| params[:max_vulns] = v } opts.on('-v NUM', '--vulns', Integer, "Number of vulns that may be created per asset") {|v| params[:vulns] = v }
opts.on_tail("-h", "--help", "Show this message") do opts.on_tail("-h", "--help", "Show this message") do
puts opts puts opts
@ -23,16 +20,15 @@ OptionParser.new do |opts|
end.parse!(into: params) end.parse!(into: params)
raise OptionParser::MissingArgument if params[:assets].nil? raise OptionParser::MissingArgument if params[:assets].nil?
raise OptionParser::MissingArgument if params[:max_vulns].nil? raise OptionParser::MissingArgument if params[:vulns].nil?
num_of_assets = params[:assets] num_of_assets = params[:assets]
max_vulns = params[:max_vulns] num_of_vulns = params[:vulns]
puts "Now creating #{num_of_assets} assets. Each asset with a random set of vulnerabilities between 1 and #{max_vulns}" asset_generator = KennaKdi::AssetGenerator.new('./data/cve_ids.json')
puts "\n"
while true do while true do
hash = asset_generator.create_assets(num_of_assets, max_vulns) hash = asset_generator.create_assets(num_of_assets, num_of_vulns)
if hash if hash
break break
end end
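Review bot: The two `nil?` checks after `parse!` accept any Integer, so `-a 0` or a negative `--vulns` passes validation and the generator would apparently emit an import with no assets or vulns instead of an error. A guard after the assignments, such as `raise OptionParser::InvalidArgument, 'assets and vulns must be >= 1' unless num_of_assets.positive? && num_of_vulns.positive?`, would reject those values. An upper bound is also worth considering, since both counts drive how much data is built in memory. The `while true` loop that follows continues past the end of this hunk.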


@ -1,10 +1,10 @@
module KennaKdi module KennaKdi
class VulnGenerator class VulnGenerator
attr_accessor :cve_data_path attr_accessor :path_to_cve_json, :cve_ids
def initialize(cve_data_path) def initialize(path_to_cve_json)
# path to a directory of json.gz nvd files for CveReport class @path_to_cve_json = path_to_cve_json
@cve_data_path = cve_data_path @cve_ids = JSON.parse(File.read(path_to_cve_json))
end end
def vulns(vulns_and_vuln_defs) def vulns(vulns_and_vuln_defs)
@ -23,13 +23,24 @@ module KennaKdi
num_of_vulns.times.map { random_vuln_and_vuln_def } num_of_vulns.times.map { random_vuln_and_vuln_def }
end end
def sample_cve_ids(num_of_cve)
num_of_cve.times.map { cve_ids.sample }
end
private private
def random_cve_report def random_cve_report
cve_files = Dir.glob(File.join(cve_data_path, '**', '*')).select{|file| File.file?(file)}
CveReport.new(cve_files.sample) CveReport.new(cve_files.sample)
end end
def all_cve_reports
cve_files.map { |file| CveReport.new(file) }
end
def cve_report(file_path)
CveReport.new(file_path)
end
def vuln_hash def vuln_hash
scanner_id = Faker::Code.nric scanner_id = Faker::Code.nric
t = Time.new t = Time.new
@ -45,17 +56,12 @@ module KennaKdi
end end
def vuln_def_hash(vuln_hash) def vuln_def_hash(vuln_hash)
cve_data = random_cve_report id = cve_ids.sample
id = cve_data.cve_ids.sample
cve = cve_data.cve(id)
description = cve_data.description(id)
{ {
"scanner_identifier": vuln_hash[:scanner_identifier], "scanner_identifier": vuln_hash[:scanner_identifier],
"scanner_type": vuln_hash[:scanner_type], "scanner_type": vuln_hash[:scanner_type],
"cve_identifiers": id, "cve_identifiers": id,
"name": "#{vuln_hash[:scanner_identifier]} - #{id}", "name": "#{vuln_hash[:scanner_identifier]} - #{id}"
"description": description
} }
end end
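Review bot: `random_cve_report` and the added `all_cve_reports` both read `cve_files`, but the line that built that list from `cve_data_path` appears to be removed in this commit. The class now exposes only `path_to_cve_json` and `cve_ids`, so either method would raise `NameError` if called. Since `vuln_def_hash` now takes its id from `cve_ids.sample`, these private helpers (and `cve_report`) look unused here and could be deleted, or moved to `GenerateCveIdsJson`, which does define `cve_files`. `initialize` also trusts the parsed file to be a non-empty array: with an empty list `cve_ids.sample` returns nil and `"cve_identifiers": nil` would reach the output. A check like `raise ArgumentError, "no CVE ids in #{path_to_cve_json}" if @cve_ids.empty?` would catch that.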