# File 'lib/parsers/burp2.rb', line 5
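# Converts a Burp XML issue report into a JSON string of findings grouped by host.
#
# Each <issue> element becomes one Finding. Its hash form is appended to the
# list stored under the text of that issue's <host> element.
#
# Review notes:
# * The name, background, detail and remediation text is copied into the
#   finding unchanged. NOTE(review): scanner reports presumably carry markup
#   and content that came from the scanned application, so whatever renders
#   these fields should escape or sanitise them - confirm against the consumer.
# * Nokogiri::XML is called with its default parse options. If reports can be
#   uploaded by users, keep it that way: do not enable entity substitution or
#   DTD loading (ParseOptions::NOENT / DTDLOAD) for this input.
# * Only 'Medium' and 'High' are mapped explicitly. 'Low' and every other
#   severity string, including an empty or missing one, become risk 1.
#
# @param xml [String] report contents (anything Nokogiri::XML accepts)
# @param threshold [Object] accepted for interface compatibility; this method
#   never reads it, so no severity filtering happens here
# @return [String] JSON object with one key per host text, each holding an
#   array of finding hashes, plus a "findings" key that is always an empty array
def parse(xml, threshold)
  # "findings" is created here and never filled, so it is always emitted empty.
  vulns = { "findings" => [] }
  doc = Nokogiri::XML(xml)

  doc.css('//issues/issue').each do |issue|
    finding = Finding.new
    finding.title = issue.css('name').text
    finding.overview = issue.css('issueBackground').text + issue.css('issueDetail').text
    finding.remediation = issue.css('remediationBackground').text

    # Unknown severities fall through to the lowest risk instead of being dropped.
    finding.risk = case issue.css('severity').text
                   when 'Medium' then 2
                   when 'High' then 3
                   else 1
                   end
    finding.type = "Web Application"

    host_nodes = issue.css('host')
    host = host_nodes.text
    # attr returns nil when there is no <host> node or no ip attribute; the
    # interpolation below then renders an empty pair of parentheses.
    ip = host_nodes.attr('ip')
    finding.affected_hosts = "#{host} (#{ip})"
    finding.id = issue.css('type').text

    (vulns[host] ||= []) << finding.to_hash
  end

  vulns.to_json
end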