Commit Graph

95 Commits

Author SHA1 Message Date
a12e9f70a1 Remove redundant param 2019-04-08 18:38:03 +10:00
873066a419 reorder imports 2019-04-08 17:43:50 +10:00
973c69dffb Updates tests 2019-04-08 17:43:15 +10:00
ec5d6cd388 Iterate through nessus download data 2019-04-08 12:25:50 +10:00
33f2a5a3d1 Use a session and don't overwrite imports 2019-04-08 12:24:22 +10:00
5edde8760a Fix missing sys import 2019-04-06 11:02:42 +11:00
7370f5b608 Merge branch 'beta-1.8' of https://github.com/HASecuritySolutions/VulnWhisperer into beta-1.8 2019-04-05 23:37:41 +02:00
0a877ce267 fix nessus download 'imported' scans 2019-04-05 23:37:04 +02:00
1ef67d48be Feature error codes (#165)
* Use error codes for failed scans

* Fix indentations

* Fix more indentation

* Continue after failed download

* Add tests for failed scans

* Add more tests

* move definition

* Update nessus.py

This function was used by function `print_scans` which at the same time was an unused one that had been deleted in the PR itself.
2019-04-05 11:36:13 +02:00
27412d31b4 Merge branch 'beta-1.8' of https://github.com/HASecuritySolutions/VulnWhisperer into beta-1.8 2019-04-05 11:04:29 +02:00
71352aee57 Add external API mocking and travis tests (#164)
* Fix closing logging handlers

* Fix *some* unicode issues for nessus and qualys

* Prevent multiple requests to nessus scans endpoint

* More unicode fixes

* Remove unnecessary call

* Fix whitespace

* Add mock module and argument

* Add test config and data

* Fix whitespace again

* Disable qualys_web until data is available

* Use logging module

* Delete report_tracker.db

* Cleanup mock calls

* Add httpretty to requirements

* Refactor into a class

* Updates travis tests

* Fix exit codes

* Remove print statements

* Remove test

* Add test directory as submodule
2019-04-05 10:57:39 +02:00
03f7a4cedb fixed line 2019-04-04 11:05:39 +02:00
a30a22ab98 fix wrong parenthesis on qualys was 2019-04-03 15:15:31 +02:00
f33644b814 fix reported tracking for jira 2019-04-02 11:58:44 +02:00
fa0b3c867b added tracking of scans processed by jira, will only process if new scans now (backwards compatibility 2019-04-01 15:55:02 +02:00
e32c9bf55d Fix *some* unicode issues for nessus and qualys (#160)
* Fix *some* unicode issues for nessus and qualys

* More unicode fixes
2019-04-01 10:06:16 +02:00
9619a47d7a Fix Tenable and Nessus scan listing (#162)
* Prevent multiple requests to nessus scans endpoint

* Remove unnecessary call
2019-04-01 10:04:12 +02:00
a4b1b9cdd4 fixed issue where, asset after a removed one, was ignored due to python listing 2019-03-21 15:52:18 +01:00
843aac6a83 fixing issue with new vulns of already risk accepted issues not being reported anymore; now, new ticket is raised, excluding all the assets that have been previously considered risk accepted in another ticket 2019-03-20 16:37:50 +01:00
47df1ee538 typo 2019-03-20 10:55:54 +01:00
9d52596be9 fix xml encoding issue #156 2019-03-20 08:49:36 +01:00
5cdb2552f0 Merge branch 'beta-1.8' of https://github.com/HASecuritySolutions/VulnWhisperer into beta-1.8 2019-03-20 08:35:32 +01:00
70e1d7703f fix missing section specification on qualys was connector #156 2019-03-20 08:35:03 +01:00
2d3a140042 fix bug 2019-03-19 15:19:27 +01:00
936c4a3e1b added automatic jira server_decommission label removal after x time 2019-03-19 12:58:38 +01:00
86e792f5aa workaround regarding ignoring ticket updates after risk accepted 2019-03-01 15:18:49 +01:00
a288f416f7 added label *false positive* for reporting on jira 2019-02-27 18:06:16 +01:00
623c881928 fix jira issue index when comparing created tickets 2019-02-27 11:27:44 +01:00
4e94bef245 fix bug not detecting existent label due to string format 2019-02-26 15:26:14 +01:00
b36e31566e fix #142 2019-02-25 22:02:20 +01:00
2c7965d2d9 fix #151 2019-02-25 12:08:04 +01:00
c2d80c7fce made host resolution optional from the config file with dns_resolv var 2019-02-15 16:24:52 +01:00
587546a726 fix typo 2019-02-14 14:16:31 +01:00
bc3367e310 exception of empty scans 2019-02-12 18:01:46 +01:00
8c53987270 tracking of processing was in debug instead of info logging 2019-02-12 16:56:00 +01:00
ccf2e4b1d1 fix #147 2019-02-12 16:51:26 +01:00
b0caccdc89 fixed issues plus jira comment formatting 2019-02-12 16:25:28 +01:00
4ea384c9cc fix issue #110 (one line) 2019-02-08 10:56:32 +01:00
0ea144bf87 Qualysapi fix (#146)
* moved qualysapi to branch master-update

* fixing bug of qualys scan without vulnerabilities: vulnWhispererQualysVuln[1361] ERROR Could not process scan/1549159480.84792: 'severity'

* change to fixed qualysapi branch

* fix bug and changed to qualysapi fork master branch

* updated submodule to master branch
2019-02-06 17:00:43 +01:00
c88379dd2a closed ticket metrics only get last 12 months tickets 2018-11-16 09:38:18 +01:00
3a09f60543 Add ansible provisioning (#122)
* first ansible skeleton

* first commit of ansible installation of vulnwhisperer outside docker

* first ansible skeleton

* first commit of ansible installation of vulnwhisperer outside docker

* refactor the ansible role a bit

* update readme, add fail validation step to provision.yml and fix
typo when calling a logging function
2018-11-14 10:14:12 +01:00
8bd3c5cab9 Jira extras (#120)
* changing config template paths for qualys

* Update frameworks_example.ini

Will leave for now qualys local folder as "qualys" instead of changing to one for each module, as like this it will still be compatible with the current logstash and we will be able to update master to drop the qualysapi fork once the new version is uploaded to PyPI repository.
PR from qualysapi repo has already been merged, so the only thing missing is the upload to PyPI.

* initialize variable fullpath to avoid break

* fix get latest scan entry from db and ignore 'potential' not verified vulns

* added host resolv + cache to speed already resolved, jira logging

* make sure that vulnerability criticality appears as a label on ticket + automatic actions

* jira bulk report of scans, fix on nessus logging, jira time resolution and list all ticket reported assets

* added jira ticket data download + change default time window from 6 to 12 months

* small fixes

* jira logstash files

* fix variable confusion (thx Travis :)
2018-11-08 09:24:24 +01:00
cf879b4731 merge with testing 2018-11-05 15:16:22 +01:00
e3e416fe44 Rework logging using the stdlib machinery (#116)
* Rework logging using the stdlib machinery
Use the verbose or debug flag to enable/disable logging.DEBUG
Remove the vprint function from all classes
Remove bcolors from all code
Cleanup [INFO], [ERROR], {success} and similar

* fix some errors my local linter missed but travis caught

* add coloredlogs and --fancy command line flag
2018-11-04 05:39:27 -06:00
911b9910a8 fix issue jira-qualys criticality comparison 2018-10-17 14:17:49 +02:00
9383c12495 Added jira section to config file and fail check for config variable (#105)
* clean OS X .DS_Store files

* fix nessus end of line carriage, added JIRA args

* JIRA module fully working

* jira module working with nessus

* added check on already existing jira config, update README

* qualys_vm<->jira working, qualys_vm database entries with qualys_vm, improved checks

* JIRA module updates ticket's assets and comments update

* added JIRA auto-close function for resolved vulnerabilities

* fix if components variable empty issue

* fix creation of new ticket after updating existing one

* final fixes, added extra line in template

* added vulnerability criticality as label in order to be able to filter

* jira module gets now minimum criticality from config file

* added jira config to frameworks_example.ini

* fail check for config variable in case it is left empty
2018-10-13 14:01:51 -05:00
4422db586d Jira module fully working (#104)
* clean OS X .DS_Store files

* fix nessus end of line carriage, added JIRA args

* JIRA module fully working

* jira module working with nessus

* added check on already existing jira config, update README

* qualys_vm<->jira working, qualys_vm database entries with qualys_vm, improved checks

* JIRA module updates ticket's assets and comments update

* added JIRA auto-close function for resolved vulnerabilities

* fix if components variable empty issue

* fix creation of new ticket after updating existing one

* final fixes, added extra line in template

* added vulnerability criticality as label in order to be able to filter
2018-10-12 09:30:14 -05:00
8336b72314 Docker-compose fully working with vulnwhisperer integrated (#90)
* ignore nessus requests warnings

* docker-compose fully working with vulnwhisperer integrated

* remove comments docker-compose

* documenting docker-compose

* Readme corrections

* fix after recheck everything works out of the box

* fix exits that break the no specified section execution mode

* fix docker qualysapi issue, updated README

* revert change on deps/qualysapi/qualysapi/util.py (no effect)

* temporarily changed Dockerfile link to the working one
2018-08-17 08:51:28 -04:00
5b879e13c7 Silence requests warnings 2018-08-14 06:23:18 -04:00
a84576b551 No need to specify section to run (#88)
* Add Qualys vulnerability scans

* Use non-zero exit codes for failures

* Convert to strings for Logstash

* Update logstash config for vulnerability scans

* Update README

* Grab all scans statuses

* Add Qualys vulnerability scans

* Use non-zero exit codes for failures

* Convert to strings for Logstash

* Update logstash config for vulnerability scans

* Update README

* Grab all scans statuses

* Fix error: "Cannot convert non-finite values (NA or inf) to integer"

When trying to download the results of Qualys Vulnerability Management scans, the following error pops up:

[FAIL] - Could not process scan/xxxxxxxxxx.xxxxx - Cannot convert non-finite values (NA or inf) to integer

This error is due to pandas operating with the scan results json file, as the last element from the json doesn't fit with the rest of the response's scheme: that element is "target_distribution_across_scanner_appliances", which contains the scanners used and the IP ranges that each scanner went through.

Taking out the last line solves the issue.

Also adding the qualys_vuln scheme to the frameworks_example.ini

* No need to specify section to run

Until now vulnwhisperer was not running if a section was not specified,
but there is the variable "enabled" on each module config, so now it will
check which modules are enabled and run them sequentially.

Made mainly in order to be able to automate with docker-compose instance,
as the docker with vulnwhisperer (https://github.com/HASecuritySolutions/docker_vulnwhisperer)
has that command run at the end.

* added to readme + detectify
2018-08-09 16:39:57 -07:00