Adding custom version of QualysAPI

deps/qualysapi/examples/__init__.py

@@ -0,0 +1 @@
+__author__ = 'pbaxi'

deps/qualysapi/examples/qualysapi-example.py

@@ -0,0 +1,113 @@
+__author__ = 'Parag Baxi <parag.baxi@gmail.com>'
+__license__ = 'Apache License 2.0'
+
+import qualysapi
+from lxml import objectify
+from lxml.builder import E
+
+# Setup connection to QualysGuard API.
+qgc = qualysapi.connect('config.txt')
+#
+# API v1 call: Scan the New York & Las Vegas asset groups
+# The call is our request's first parameter.
+call = 'scan.php'
+# The parameters to append to the url is our request's second parameter.
+parameters = {'scan_title': 'Go big or go home', 'asset_groups': 'New York&Las Vegas', 'option': 'Initial+Options'}
+# Note qualysapi will automatically convert spaces into plus signs for API v1 & v2.
+# Let's call the API and store the result in xml_output.
+xml_output = qgc.request(call, parameters, concurrent_scans_retries=2, concurrent_scans_retry_delay=600)
+# concurrent_retries: Retry the call this many times if your subscription hits the concurrent scans limit.
+# concurrent_retries: Delay in seconds between retrying when subscription hits the concurrent scans limit.
+# Example XML response when this happens below:
+#     <?xml version="1.0" encoding="UTF-8"?>
+#     <ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://localhost:50205/qps/rest/app//xsd/3.0/was/wasscan.xsd">
+#       <responseCode>INVALID_REQUEST</responseCode>
+#       <responseErrorDetails>
+#         <errorMessage>You have reached the maximum number of concurrent running scans (10) for your account</errorMessage>
+#         <errorResolution>Please wait until your previous scans have completed</errorResolution>
+#       </responseErrorDetails>
+#
+print(xml_output)
+#
+# API v1 call: Print out all IPs associated with asset group "Looneyville Texas".
+# Note that the question mark at the end is optional.
+call = 'asset_group_list.php?'
+# We can still use strings for the data (not recommended).
+parameters = 'title=Looneyville Texas'
+# Let's call the API and store the result in xml_output.
+xml_output = qgc.request(call, parameters)
+# Let's objectify the xml_output string.
+root = objectify.fromstring(xml_output)
+# Print out the IPs.
+print(root.ASSET_GROUP.SCANIPS.IP.text)
+# Prints out:
+# 10.0.0.102
+#
+# API v2 call: Print out DNS name for a range of IPs.
+call = '/api/2.0/fo/asset/host/'
+parameters = {'action': 'list', 'ips': '10.0.0.10-10.0.0.11'}
+xml_output = qgc.request(call, parameters)
+root = objectify.fromstring(xml_output)
+# Iterate hosts and print out DNS name.
+for host in root.RESPONSE.HOST_LIST.HOST:
+    print(host.IP.text, host.DNS.text)
+# Prints out:
+# 10.0.0.10 mydns1.qualys.com
+# 10.0.0.11 mydns2.qualys.com
+#
+# API v3 WAS call: Print out number of webapps.
+call = '/count/was/webapp'
+# Note that this call does not have a payload so we don't send any data parameters.
+xml_output = qgc.request(call)
+root = objectify.fromstring(xml_output)
+# Print out count of webapps.
+print(root.count.text)
+# Prints out:
+# 89
+#
+# API v3 WAS call: Print out number of webapps containing title 'Supafly'.
+call = '/count/was/webapp'
+# We can send a string XML for the data.
+parameters = '<ServiceRequest><filters><Criteria operator="CONTAINS" field="name">Supafly</Criteria></filters></ServiceRequest>'
+xml_output = qgc.request(call, parameters)
+root = objectify.fromstring(xml_output)
+# Print out count of webapps.
+print(root.count.text)
+# Prints out:
+# 3
+#
+# API v3 WAS call: Print out number of webapps containing title 'Lightsabertooth Tiger'.
+call = '/count/was/webapp'
+# We can also send an lxml.builder E object.
+parameters = (
+    E.ServiceRequest(
+        E.filters(
+            E.Criteria('Lightsabertooth Tiger', field='name',operator='CONTAINS'))))
+xml_output = qgc.request(call, parameters)
+root = objectify.fromstring(xml_output)
+# Print out count of webapps.
+print(root.count.text)
+# Prints out:
+# 0
+# Too bad, because that is an awesome webapp name!
+#
+# API v3 Asset Management call: Count tags.
+call = '/count/am/tag'
+xml_output = qgc.request(call)
+root = objectify.fromstring(xml_output)
+# We can use XPATH to find the count.
+print(root.xpath('count')[0].text)
+# Prints out:
+# 840
+#
+# API v3 Asset Management call: Find asset by name.
+call = '/search/am/tag'
+parameters = '''<ServiceRequest>
+        <preferences>
+            <limitResults>10</limitResults>
+        </preferences>
+        <filters>
+            <Criteria field="name" operator="CONTAINS">PB</Criteria>
+        </filters>
+    </ServiceRequest>'''
+xml_output = qgc.request(call, parameters)

deps/qualysapi/examples/qualysapi-simple-v1.py

@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+import sys
+import logging
+
+import qualysapi
+
+# Questions?  See:
+#  https://bitbucket.org/uWaterloo_IST_ISS/python-qualysconnect
+
+if __name__ == '__main__':
+    # Basic command line processing.
+    if len(sys.argv) != 2:
+        print('A single IPv4 address is expected as the only argument')
+        sys.exit(2)
+    
+    # Set the MAXIMUM level of log messages displayed @ runtime. 
+    logging.basicConfig(level=logging.INFO)
+    
+    # Call helper that creates a connection w/ HTTP-Basic to QualysGuard API.
+    qgs=qualysapi.connect()
+
+    # Logging must be set after instanciation of connector class.
+    logger = logging.getLogger('qualysapi.connector')
+    logger.setLevel(logging.DEBUG)
+
+    # Log to sys.out.
+    logger_console = logging.StreamHandler()
+    logger_console.setLevel(logging.DEBUG)
+    formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
+    logging.getLogger(__name__).addHandler(logger)
+
+    # Formulate a request to the QualysGuard V1 API.
+    #  docs @
+    #  https://community.qualys.com/docs/DOC-1324
+    #  http://www.qualys.com/docs/QualysGuard_API_User_Guide.pdf
+    #
+    # Old way still works:
+    # ret = qgs.request(1,'asset_search.php', "target_ips=%s&"%(sys.argv[1]))
+    # New way is cleaner:
+    ret = qgs.request(1,'asset_search.php', {'target_ips': sys.argv[1]})
+
+    print(ret)

deps/qualysapi/examples/qualysapi-simple-v2-report.py

@@ -0,0 +1,37 @@
+#!/usr/bin/env python
+import sys
+import logging
+
+import qualysapi
+
+if __name__ == '__main__':
+    # Basic command line processing.
+    if len(sys.argv) != 3:
+        print('A report template and scan reference respectively are expected as the only arguments.')
+        sys.exit(2)
+    
+    # Set the MAXIMUM level of log messages displayed @ runtime. 
+    logging.basicConfig(level=logging.DEBUG)
+    
+    # Call helper that creates a connection w/ HTTP-Basic to QualysGuard v1 API
+    qgs=qualysapi.connect()
+
+    # Logging must be set after instanciation of connector class.
+    logger = logging.getLogger('qualysapi.connector')
+    logger.setLevel(logging.DEBUG)
+
+    # Log to sys.out.
+    logger_console = logging.StreamHandler()
+    logger_console.setLevel(logging.DEBUG)
+    formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
+    logging.getLogger(__name__).addHandler(logger)
+
+
+    # Formulate a request to the QualysGuard V1 API 
+    #  docs @
+    #  https://community.qualys.com/docs/DOC-1324
+    #  http://www.qualys.com/docs/QualysGuard_API_User_Guide.pdf
+    #
+    ret = qgs.request('/api/2.0/fo/report',{'action': 'launch', 'report_refs': sys.argv[2], 'output_format': 'xml', 'template_id': sys.argv[1], 'report_type': 'Scan'})
+
+    print(ret)

deps/qualysapi/examples/qualysapi-simple-v2.py

@@ -0,0 +1,43 @@
+#!/usr/bin/env python
+import sys
+import logging
+
+import qualysapi
+
+# Questions?  See:
+#  https://bitbucket.org/uWaterloo_IST_ISS/python-qualysconnect
+
+if __name__ == '__main__':
+    # Basic command line processing.
+    if len(sys.argv) != 2:
+        print('A single IPv4 address is expected as the only argument.')
+        sys.exit(2)
+    
+    # Set the MAXIMUM level of log messages displayed @ runtime. 
+    logging.basicConfig(level=logging.INFO)
+    
+    # Call helper that creates a connection w/ HTTP-Basic to QualysGuard v1 API
+    qgs=qualysapi.connect()
+
+    # Logging must be set after instanciation of connector class.
+    logger = logging.getLogger('qualysapi.connector')
+    logger.setLevel(logging.DEBUG)
+
+    # Log to sys.out.
+    logger_console = logging.StreamHandler()
+    logger_console.setLevel(logging.DEBUG)
+    formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
+    logging.getLogger(__name__).addHandler(logger)
+
+
+    # Formulate a request to the QualysGuard V1 API 
+    #  docs @
+    #  https://community.qualys.com/docs/DOC-1324
+    #  http://www.qualys.com/docs/QualysGuard_API_User_Guide.pdf
+    #
+    # Old way still works:
+    # ret = qgs.request(2, "asset/host","?action=list&ips=%s&"%(sys.argv[1]))
+    # New way is cleaner:
+    ret = qgs.request('/api/2.0/fo/asset/host',{'action': 'list', 'ips': sys.argv[1]})
+
+    print(ret)