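module KennaKdi
  # Produces randomised vuln / vuln_def hash pairs whose CVE id and description
  # come from one CVE data file picked at random under a directory.
  #
  # Faker and CveReport are referenced here but defined outside this file.
  class VulnGenerator
    attr_accessor :cve_data_path, :cve_data

    # @param cve_data_path [String] path to a directory of json.gz nvd files for
    #   the CveReport class
    # @raise [ArgumentError] when no regular file exists under cve_data_path
    def initialize(cve_data_path)
      @cve_data_path = cve_data_path
      @cve_data = random_cve_report
    end

    # Spits out a pair of vuln / vuln_def hashes that share one scanner
    # identifier and scanner type.
    #
    # @return [Hash] symbol-keyed hash with a :vuln and a :vuln_def entry
    def random_vuln_and_vuln_def
      scanner_id = Faker::Code.nric
      # Current local time, formatted without a zone offset.
      # NOTE(review): confirm which zone the consumer of these hashes assumes.
      timestamp = Time.now.strftime('%Y-%m-%d %H:%M:%S')

      id = cve_data.cve_ids.sample
      # NOTE(review): the result of this lookup was never used. The call is kept
      # because CveReport#cve is not visible here and may validate the id;
      # confirm and drop it.
      cve_data.cve(id)
      description = cve_data.description(id)

      {
        vuln: {
          scanner_identifier: scanner_id,
          scanner_type: 'KDI Faker Data',
          created_at: timestamp,
          last_seen_at: timestamp,
          status: 'open'
        },
        vuln_def: {
          scanner_identifier: scanner_id,
          scanner_type: 'KDI Faker Data',
          cve_identifiers: id,
          name: "#{scanner_id} - #{id}",
          description: description
        }
      }
    end

    private

    # Picks one regular file at random from anywhere below cve_data_path and
    # wraps it in a CveReport.
    #
    # Every regular file under the directory is a candidate, whatever its
    # extension, so the directory should hold only the expected nvd json.gz
    # files.
    #
    # @return [CveReport]
    # @raise [ArgumentError] when the directory is missing or holds no files
    def random_cve_report
      pattern = File.join(cve_data_path, '**', '*')
      cve_files = Dir.glob(pattern).select { |file| File.file?(file) }
      # Array#sample returns nil for an empty list; stop here with a clear
      # message instead of handing nil to CveReport.
      raise ArgumentError, "no CVE data files found under #{cve_data_path.inspect}" if cve_files.empty?

      CveReport.new(cve_files.sample)
    end
  end
end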