bpmcdevitt/security_tools
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

can pull exploitability index now in the client

Browse source
This commit is contained in:
Brendan McDevitt 2022-09-20 09:24:07 -05:00
parent e400ddc258
commit dadf386eb5
1 changed files with 17 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
tools/microsoft/microsoft_cvrf_client.rb
View file

@ -38,27 +38,33 @@ class MicrosoftCvrfClient
puts "Exception when calling DefaultApi->cvrf_id_get: #{e}" puts "Exception when calling DefaultApi->cvrf_id_get: #{e}"
end end
# THREAT STRING SPECIFIC METHODS
# response from get_id() # response from get_id()
def cves_and_threat_strings(response) def cves_threat_strs(response)
response.vulnerability.map do |vuln| response.vulnerability.map do |vuln|
threat_string = get_threat_string_for_vuln(vuln) threat_str = get_threat_str_for_vuln(vuln)
split_t_string = split_threat_string(threat_string) split_t_str_arr = split_threat_str(threat_str)
#hashed_string = split_threat_string_to_hash(split_t_string) hashed_t_str = threat_str_arr_to_hash(split_t_str_arr)
[ vuln.cve, split_t_string ] { vuln.cve => hashed_t_str }
end end
end end
def get_threat_string_for_vuln(vuln) def get_threat_str_for_vuln(vuln)
vuln.threats.select { |t| t.type == 1 }.first.description.value vuln.threats.select { |t| t.type == 1 }.first.description.value
end end
def split_threat_string(threat_string) def split_threat_str(threat_str)
threat_string.split(";") threat_str.split(";")
end end
# doesnt work def threat_str_arr_to_hash(split_threat_str_arr)
def split_threat_string_to_hash(split_threat_string) arr_of_hash = split_threat_str_arr.map do |e|
Hash[*split_threat_string.flatten] spl_str = e.split(":")
k = spl_str[0]
v = spl_str[1]
{ k => v }
end
arr_of_hash.reduce Hash.new, :merge
end end
end end