From 039030549afec5461e6aa2306cdb6df51e48114e Mon Sep 17 00:00:00 2001 From: Damian Krawczyk Date: Mon, 9 Sep 2019 21:52:44 +0200 Subject: [PATCH] v. 0.4.0 --- CHANGELOG.rst | 9 +++++++++ nessus_file_analyzer/__about__.py | 4 ++-- nessus_file_analyzer/app.py | 33 +++++++++++++++++++++++++++++-- requirements.txt | 2 +- version.rc | 8 ++++---- 5 files changed, 47 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index d488acb..d65b103 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -6,6 +6,15 @@ This document records all notable changes to `nessus file analyzer by LimberDuck This project adheres to `Semantic Versioning `_. +0.4.0 (2019-09-09) +--------------------- + +New Features + - **CVE information in vulnerabilities report** - now you will have two additional columns at the end: + - CVE counter - with number of all CVE numbers assigned to particular plugin, if there is no CVE assigned cell has value 0 + - CVE number - with list of CVE numbers assigned to particular plugin, if there is no CVE assigned cell is empty + + 0.3.1 (2019-09-02) --------------------- diff --git a/nessus_file_analyzer/__about__.py b/nessus_file_analyzer/__about__.py index 60c52b1..8ce79c5 100644 --- a/nessus_file_analyzer/__about__.py +++ b/nessus_file_analyzer/__about__.py @@ -33,8 +33,8 @@ "of scans performed by using Nessus by (C) Tenable, Inc. and exports parsed" \ "data to a Microsoft Excel Workbook for effortless analysis." __uri__ = "https://github.com/LimberDuck" -__version__ = "0.3.1" -__release_date__ = "2019.09.02" +__version__ = "0.4.0" +__release_date__ = "2019.09.09" __author__ = u"Damian Krawczyk" __email__ = "damian.krawczyk@limberduck.org" __license_name__ = "GNU GPLv3" diff --git a/nessus_file_analyzer/app.py b/nessus_file_analyzer/app.py index 7f6cefb..a843e39 100644 --- a/nessus_file_analyzer/app.py +++ b/nessus_file_analyzer/app.py @@ -2086,7 +2086,9 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): 'Plugin modification date', 'Plugin description', 'Solution', - 'Plugin output' + 'Plugin output', + 'CVE counter', + 'CVE number' ] else: headers = [ @@ -2114,7 +2116,9 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): 'Plugin modification date', 'Plugin description', 'Solution', - 'Plugin output' + 'Plugin output', + 'CVE counter', + 'CVE number' ] number_of_columns = len(headers) # print('Number of columns: ' + str(number_of_columns)) @@ -2213,6 +2217,7 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): plugin_description = nfr.plugin.report_item_value(report_item, 'description') solution = nfr.plugin.report_item_value(report_item, 'solution') plugin_output = nfr.plugin.report_item_value(report_item, 'plugin_output') + plugin_cves = nfr.plugin.report_item_values(report_item, 'cve') if not self.report_vulnerabilities_debug_data_enabled and not \ self.report_vulnerabilities_none_skip: @@ -2250,6 +2255,12 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): worksheet.write_string(row_index, 19, plugin_output) else: worksheet.write_blank(row_index, 19, None) + if plugin_cves: + worksheet.write_number(row_index, 20, len(plugin_cves)) + worksheet.write_string(row_index, 21, ','.join(plugin_cves)) + else: + worksheet.write_number(row_index, 20, 0) + worksheet.write_blank(row_index, 21, None) elif not self.report_vulnerabilities_debug_data_enabled and \ self.report_vulnerabilities_none_skip: if risk_factor == 'None': @@ -2289,6 +2300,12 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): worksheet.write_string(row_index, 19, plugin_output) else: worksheet.write_blank(row_index, 19, None) + if plugin_cves: + worksheet.write_number(row_index, 20, len(plugin_cves)) + worksheet.write_string(row_index, 21, ','.join(plugin_cves)) + else: + worksheet.write_number(row_index, 20, 0) + worksheet.write_blank(row_index, 21, None) elif self.report_vulnerabilities_debug_data_enabled and not \ self.report_vulnerabilities_none_skip: worksheet.write(row_index, 0, host_scanner_ip) @@ -2330,6 +2347,12 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): worksheet.write_string(row_index, 24, plugin_output) else: worksheet.write_blank(row_index, 24, None) + if plugin_cves: + worksheet.write_number(row_index, 25, len(plugin_cves)) + worksheet.write_string(row_index, 26, ','.join(plugin_cves)) + else: + worksheet.write_number(row_index, 25, 0) + worksheet.write_blank(row_index, 26, None) elif self.report_vulnerabilities_debug_data_enabled and \ self.report_vulnerabilities_none_skip: if risk_factor == 'None': @@ -2374,6 +2397,12 @@ def create_worksheet_for_vulnerabilities(self, workbook, list_of_source_files): worksheet.write_string(row_index, 24, plugin_output) else: worksheet.write_blank(row_index, 24, None) + if plugin_cves: + worksheet.write_number(row_index, 25, len(plugin_cves)) + worksheet.write_string(row_index, 26, ','.join(plugin_cves)) + else: + worksheet.write_number(row_index, 25, 0) + worksheet.write_blank(row_index, 26, None) end_time = time.time() elapsed_time = end_time - start_time diff --git a/requirements.txt b/requirements.txt index 8f75084..738f788 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ chardet==3.0.4 imageio==2.5.0 -nessus-file-reader==0.1.0 +nessus-file-reader==0.2.0 numpy==1.16.2 Pillow==5.4.1 PyQt5==5.12.1 diff --git a/version.rc b/version.rc index 6d73961..6252447 100644 --- a/version.rc +++ b/version.rc @@ -1,7 +1,7 @@ VSVersionInfo( ffi=FixedFileInfo( - filevers=(0, 3, 1, 0), - prodvers=(0, 3, 1, 0), + filevers=(0, 4, 0, 0), + prodvers=(0, 4, 0, 0), mask=0x3f, flags=0x0, OS=0x40004, @@ -16,12 +16,12 @@ VSVersionInfo( u'040904B0', [StringStruct(u'CompanyName', u'LimberDuck'), StringStruct(u'FileDescription', u'nessus file analyzer'), - StringStruct(u'FileVersion', u'0.3.1.0'), + StringStruct(u'FileVersion', u'0.4.0.0'), StringStruct(u'InternalName', u'nfa'), StringStruct(u'LegalCopyright', u'\xa9 Damian Krawczyk.'), StringStruct(u'OriginalFilename', u'nfa.exe'), StringStruct(u'ProductName', u'nessus file analyzer'), - StringStruct(u'ProductVersion', u'0.3.1.0')]) + StringStruct(u'ProductVersion', u'0.4.0.0')]) ]), VarFileInfo([VarStruct(u'Translation', [1033, 1200])]) ]