Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

logging updates

Browse Source
This commit is contained in:
pemontto
2019-05-03 15:11:59 +01:00
parent f441f4f992
commit ff6fec3a38
2 changed files with 32 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bin/vuln_whisperer
View File

@ -71,9 +71,11 @@ def main():
try: try:
if args.config and not args.section: if args.config and not args.section:
# this remains a print since we are in the main binary # this remains a print since we are in the main binary
print('WARNING: {warning}'.format(warning='No section was specified, vulnwhisperer will scrape enabled modules from config file. \ print(
"WARNING: No section was specified, vulnwhisperer will scrape enabled modules from config file. \
\nPlease specify a section using -s. \ \nPlease specify a section using -s. \
\nExample vuln_whisperer -c config.ini -s nessus')) \nExample vuln_whisperer -c config.ini -s nessus"
)
logger.info('No section was specified, vulnwhisperer will scrape enabled modules from the config file.') logger.info('No section was specified, vulnwhisperer will scrape enabled modules from the config file.')
config = vwConfig(config_in=args.config) config = vwConfig(config_in=args.config)

41
vulnwhisp/vulnwhisp.py
View File

@ -63,8 +63,6 @@ class vulnWhispererBase(object):
self.db_path = self.config.get(self.CONFIG_SECTION, 'db_path') self.db_path = self.config.get(self.CONFIG_SECTION, 'db_path')
self.logger = logging.getLogger('vulnWhispererBase') self.logger = logging.getLogger('vulnWhispererBase')
self.logger.setLevel(logging.INFO)
self.logger.info('Running {} framwork'.format(self.CONFIG_SECTION))
self.logger.setLevel(logging.DEBUG if debug else logging.INFO if verbose else logging.WARNING) self.logger.setLevel(logging.DEBUG if debug else logging.INFO if verbose else logging.WARNING)
if self.db_name is not None: if self.db_name is not None:
@ -274,7 +272,7 @@ class vulnWhispererBase(object):
# Map CVSS to severity name # Map CVSS to severity name
df.loc[df[cvss_version].astype(str) == '', cvss_version] = None df.loc[df[cvss_version].astype(str) == '', cvss_version] = None
df[cvss_version] = df[cvss_version].astype('float') df[cvss_version] = df[cvss_version].astype('float')
df.loc[df[cvss_version] == 0, cvss_version + '_severity'] = 'informational' df.loc[cvss_version + '_severity'] = 'informational'
df.loc[(df[cvss_version] > 0) & (df[cvss_version] < 3), cvss_version + '_severity'] = 'low' df.loc[(df[cvss_version] > 0) & (df[cvss_version] < 3), cvss_version + '_severity'] = 'low'
df.loc[(df[cvss_version] >= 3) & (df[cvss_version] < 6), cvss_version + '_severity'] = 'medium' df.loc[(df[cvss_version] >= 3) & (df[cvss_version] < 6), cvss_version + '_severity'] = 'medium'
df.loc[(df[cvss_version] >= 6) & (df[cvss_version] < 9), cvss_version + '_severity'] = 'high' df.loc[(df[cvss_version] >= 6) & (df[cvss_version] < 9), cvss_version + '_severity'] = 'high'
@ -556,7 +554,7 @@ class vulnWhispererQualys(vulnWhispererBase):
debug=False, debug=False,
): ):
super(vulnWhispererQualys, self).__init__(config=config, debug=debug) super(vulnWhispererQualys, self).__init__(config=config, verbose=verbose, debug=debug)
self.logger = logging.getLogger('vulnWhispererQualys') self.logger = logging.getLogger('vulnWhispererQualys')
if not verbose: if not verbose:
verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose') verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose')
@ -729,7 +727,7 @@ class vulnWhispererOpenVAS(vulnWhispererBase):
verbose=False, verbose=False,
debug=False, debug=False,
): ):
super(vulnWhispererOpenVAS, self).__init__(config=config, debug=debug) super(vulnWhispererOpenVAS, self).__init__(config=config, verbose=verbose, debug=debug)
self.logger = logging.getLogger('vulnWhispererOpenVAS') self.logger = logging.getLogger('vulnWhispererOpenVAS')
if not verbose: if not verbose:
verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose') verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose')
@ -854,7 +852,7 @@ class vulnWhispererQualysVuln(vulnWhispererBase):
debug=False, debug=False,
): ):
super(vulnWhispererQualysVuln, self).__init__(config=config, debug=debug) super(vulnWhispererQualysVuln, self).__init__(config=config, verbose=verbose, debug=debug)
self.logger = logging.getLogger('vulnWhispererQualysVuln') self.logger = logging.getLogger('vulnWhispererQualysVuln')
if not verbose: if not verbose:
verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose') verbose = self.config.getbool(self.CONFIG_SECTION, 'verbose')
@ -984,7 +982,7 @@ class vulnWhispererJIRA(vulnWhispererBase):
verbose=False, verbose=False,
debug=False, debug=False,
): ):
super(vulnWhispererJIRA, self).__init__(config=config, debug=debug) super(vulnWhispererJIRA, self).__init__(config=config, verbose=verbose, debug=debug)
self.logger = logging.getLogger('vulnWhispererJira') self.logger = logging.getLogger('vulnWhispererJira')
if not verbose: if not verbose:
@ -1269,38 +1267,53 @@ class vulnWhisperer(object):
self.logger = logging.getLogger('vulnWhisperer') self.logger = logging.getLogger('vulnWhisperer')
self.logger.setLevel(logging.DEBUG if debug else logging.INFO if verbose else logging.WARNING) self.logger.setLevel(logging.DEBUG if debug else logging.INFO if verbose else logging.WARNING)
self.profile = profile self.profile = profile
self.verbose = verbose
self.debug = debug
self.config = config self.config = config
self.source = source self.source = source
self.scanname = scanname self.scanname = scanname
self.exit_code = 0 self.exit_code = 0
def whisper_vulnerabilities(self): def whisper_vulnerabilities(self):
self.logger.setLevel(logging.INFO)
self.logger.info('Running {} framwork'.format(self.profile))
if self.profile == 'nessus': if self.profile == 'nessus':
vw = vulnWhispererNessus(config=self.config, vw = vulnWhispererNessus(config=self.config,
profile=self.profile) profile=self.profile,
verbose=self.verbose,
debug=self.debug)
self.exit_code += vw.whisper_nessus() self.exit_code += vw.whisper_nessus()
elif self.profile == 'qualys_web': elif self.profile == 'qualys_web':
vw = vulnWhispererQualys(config=self.config) vw = vulnWhispererQualys(config=self.config,
verbose=self.verbose,
debug=self.debug)
self.exit_code += vw.process_web_assets() self.exit_code += vw.process_web_assets()
elif self.profile == 'openvas': elif self.profile == 'openvas':
vw_openvas = vulnWhispererOpenVAS(config=self.config) vw_openvas = vulnWhispererOpenVAS(config=self.config,
verbose=self.verbose,
debug=self.debug)
self.exit_code += vw_openvas.process_openvas_scans() self.exit_code += vw_openvas.process_openvas_scans()
elif self.profile == 'tenable': elif self.profile == 'tenable':
vw = vulnWhispererNessus(config=self.config, vw = vulnWhispererNessus(config=self.config,
profile=self.profile) profile=self.profile,
verbose=self.verbose,
debug=self.debug)
self.exit_code += vw.whisper_nessus() self.exit_code += vw.whisper_nessus()
elif self.profile == 'qualys_vuln': elif self.profile == 'qualys_vuln':
vw = vulnWhispererQualysVuln(config=self.config) vw = vulnWhispererQualysVuln(config=self.config,
verbose=self.verbose,
debug=self.debug)
self.exit_code += vw.process_vuln_scans() self.exit_code += vw.process_vuln_scans()
elif self.profile == 'jira': elif self.profile == 'jira':
#first we check config fields are created, otherwise we create them #first we check config fields are created, otherwise we create them
vw = vulnWhispererJIRA(config=self.config) vw = vulnWhispererJIRA(config=self.config,
verbose=self.verbose,
debug=self.debug)
if not (self.source and self.scanname): if not (self.source and self.scanname):
self.logger.info('No source/scan_name selected, all enabled scans will be synced') self.logger.info('No source/scan_name selected, all enabled scans will be synced')
success = vw.sync_all() success = vw.sync_all()