Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update qualysapi to latest + PR and refactored vulnwhisperer qualys module to qualys-web (#108)

Browse Source 
* update qualysapi to latest + PR and refactored vulnwhisperer qualys module to qualys-web

* changing config template paths for qualys

* Update frameworks_example.ini

Will leave for now qualys local folder as "qualys" instead of changing to one for each module, as like this it will still be compatible with the current logstash and we will be able to update master to drop the qualysapi fork once the new version is uploaded to PyPI repository.
PR from qualysapi repo has already been merged, so the only missing is the upload to PyPI.
This commit is contained in:
Quim Montal
2018-10-18 11:39:08 +02:00
committed by Austin Taylor
parent 9383c12495
commit b7d6d6207f
15 changed files with 174 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
vulnwhisp/frameworks/qualys_vuln.py
View File

@ -17,7 +17,7 @@ class qualysWhisperAPI(object):
def __init__(self, config=None):
self.config = config
try:
self.qgc = qualysapi.connect(config)
self.qgc = qualysapi.connect(config, 'qualys_vuln')
# Fail early if we can't make a request or auth is incorrect
self.qgc.request('about.php')
print('[SUCCESS] - Connected to Qualys at %s' % self.qgc.server)

2
vulnwhisp/frameworks/qualys.py → vulnwhisp/frameworks/qualys_web.py
View File

@ -35,7 +35,7 @@ class qualysWhisperAPI(object):
def __init__(self, config=None):
self.config = config
try:
self.qgc = qualysapi.connect(config)
self.qgc = qualysapi.connect(config, 'qualys_web')
print('[SUCCESS] - Connected to Qualys at %s' % self.qgc.server)
except Exception as e:
print('[ERROR] Could not connect to Qualys - %s' % e)

6
vulnwhisp/vulnwhisp.py
View File

@ -4,7 +4,7 @@ __author__ = 'Austin Taylor'
from base.config import vwConfig
from frameworks.nessus import NessusAPI
from frameworks.qualys import qualysScanReport
from frameworks.qualys_web import qualysScanReport
from frameworks.qualys_vuln import qualysVulnScan
from frameworks.openvas import OpenVAS_API
from reporting.jira_api import JiraAPI
@ -469,7 +469,7 @@ class vulnWhispererNessus(vulnWhispererBase):
class vulnWhispererQualys(vulnWhispererBase):
CONFIG_SECTION = 'qualys'
CONFIG_SECTION = 'qualys_web'
COLUMN_MAPPING = {'Access Path': 'access_path',
'Ajax Request': 'ajax_request',
'Ajax Request ID': 'ajax_request_id',
@ -1176,7 +1176,7 @@ class vulnWhisperer(object):
profile=self.profile)
vw.whisper_nessus()
elif self.profile == 'qualys':
elif self.profile == 'qualys_web':
vw = vulnWhispererQualys(config=self.config)
vw.process_web_assets()