Column update for scans and N/A cleanup

2017-12-28 22:47:58 -05:00
parent d03ba15772
commit c041693018
2 changed files with 10 additions and 7 deletions
--- a/vulnwhisp/frameworks/qualys.py
+++ b/vulnwhisp/frameworks/qualys.py
@ -321,7 +321,7 @@ class qualysReportFields:
    GROUP_HEADER = ['GROUP', 'Name', 'Category']
    OWASP_HEADER = ['OWASP', 'Code', 'Name']
    WASC_HEADER = ['WASC', 'Code', 'Name']
-    SCAN_META = ['Web Application Name', 'URL', 'Owner', 'Operating System', 'Scope']
+    SCAN_META = ['Web Application Name', 'URL', 'Owner', 'Scope', 'Operating System']
    CATEGORY_HEADER = ['Category', 'Severity', 'Level', 'Description']


@ -742,6 +742,8 @@ class qualysScanReport:
        merged_df = pd.merge(merged_df, df_dict['CATEGORY_HEADER'], how='left', left_on=['Category', 'Severity Level'],
                             right_on=['Category', 'Severity'], suffixes=('Severity', 'CatSev'))

+        merged_df = merged_df.fillna('')
+
        try:
            merged_df = \
                merged_df[~merged_df.Title.str.contains('Links Crawled|External Links Discovered'
@ -750,9 +752,9 @@ class qualysScanReport:
            print(e)
        return merged_df

-    def download_file(self, file_id):
+    def download_file(self, path='', file_id=None):
        report = self.qw.download_report(file_id)
-        filename = str(file_id) + '.csv'
+        filename = path + str(file_id) + '.csv'
        file_out = open(filename, 'w')
        for line in report.splitlines():
            file_out.write(line + '\n')
@ -763,10 +765,10 @@ class qualysScanReport:
    def remove_file(self, filename):
        os.remove(filename)

-    def process_data(self, file_id, cleanup=True):
+    def process_data(self, path='', file_id=None, cleanup=True):
        """Downloads a file from qualys and normalizes it"""

-        download_file = self.download_file(file_id)
+        download_file = self.download_file(path=path, file_id=file_id)
        print('[ACTION] - Downloading file ID: %s' % file_id)
        report_data = self.grab_sections(download_file)
        merged_data = self.data_normalizer(report_data)
--- a/vulnwhisp/vulnwhisp.py
+++ b/vulnwhisp/vulnwhisp.py
@ -408,7 +408,7 @@ class vulnWhispererQualys(vulnWhispererBase):
            debug=False,
            username=None,
            password=None,
-    ):
+        ):
        super(vulnWhispererQualys, self).__init__(config=config, )

        self.qualys_scan = qualysScanReport(config=config)
@ -466,7 +466,8 @@ class vulnWhispererQualys(vulnWhispererBase):
                    generated_report_id = root.data.Report.id
                    print('{info} - New Report ID: %s'.format(info=bcolors.INFO) \
                          % generated_report_id)
-                    vuln_ready = self.qualys_scan.process_data(generated_report_id)
+
+                    vuln_ready = self.qualys_scan.process_data(path=self.write_path, file_id=generated_report_id)

                    vuln_ready.to_csv(self.path_check(report_name), index=False, header=True)  # add when timestamp occured
                    print('{success} - Report written to %s'.format(success=bcolors.SUCCESS) \