From d41011a5edb43ad2a941b44c86e97effb0c68a28 Mon Sep 17 00:00:00 2001 From: pemontto Date: Wed, 24 Apr 2019 09:20:27 +1000 Subject: [PATCH] refactor qualys cvss extraction --- vulnwhisp/frameworks/qualys_vuln.py | 29 +++++------------------------ 1 file changed, 5 insertions(+), 24 deletions(-) diff --git a/vulnwhisp/frameworks/qualys_vuln.py b/vulnwhisp/frameworks/qualys_vuln.py index a202aab..19ca865 100644 --- a/vulnwhisp/frameworks/qualys_vuln.py +++ b/vulnwhisp/frameworks/qualys_vuln.py @@ -11,7 +11,6 @@ import pandas as pd import qualysapi - class qualysWhisperAPI(object): SCANS = 'api/2.0/fo/scan' @@ -165,29 +164,11 @@ class qualysVulnScan: # Contruct the CVSS vector self.logger.info('Extracting CVSS components') - df['cvss_vector'] = ( - df.loc[df['cvss_base'].str.contains(' \('), 'cvss_base'] - .str.split() - .apply(lambda x: x[1]) - .str.strip('()') - ) - df['cvss_base'] = ( - df.loc[df['cvss_base'].str.contains(' \('), 'cvss_base'] - .str.split() - .apply(lambda x: x[0]) - ) + df['cvss_vector'] = df['cvss_base'].str.extract('\((.*)\)', expand=False) + df['cvss_base'] = df['cvss_base'].str.extract('^([^ ]+)', expand=False) + df['cvss_temporal_vector'] = df['cvss_temporal'].str.extract('\((.*)\)', expand=False) + df['cvss_temporal'] = df['cvss_temporal'].str.extract('^([^ ]+)', expand=False) - df['cvss_temporal_vector'] = ( - df.loc[df['cvss_temporal'].str.contains(' \('), 'cvss_temporal'] - .str.split() - .apply(lambda x: x[1]) - .str.strip('()') - ) - df['cvss_temporal'] = ( - df.loc[df['cvss_temporal'].str.contains(' \('), 'cvss_temporal'] - .str.split() - .apply(lambda x: x[0]) - ) # Convert Qualys severity to standardised risk number df['risk_number'] = df['severity'].astype(int)-1 @@ -195,4 +176,4 @@ class qualysVulnScan: df.fillna('', inplace=True) - return df \ No newline at end of file + return df