The last post was about SikuliX. It’s fair to say that it’s not optimal for web applications automation. For such applications, it’s better to use something, that will natively work with your web-browse. The first solution that comes to mind is, of course, Selenium.
Selenium is a portable software-testing framework for web applications. Selenium provides a record/playback tool for authoring tests without the need to learn a test scripting language.
This app is released under the Apache 2.0 license and is a very common tool for Quality Assurance (QA). It can be also used in Information Security. For example, you can upload Selenium scripts in Qualys WAS (Web Application Scanner) to help scanner in performing some complex operations, for example in authentication on the website.
Selenium is available in a form of two products: Selenium WebDriver for some hardcore automation and web-browser plugin Selenium IDE, which will help you to create and run scripts. I chose Selenium IDE.
This post I will publish in the API section of my blog. However, it is about the situation when there application has no API. Let’s suppose that we have to use in our work some graphical application or web-service. And unfortunately we need constantly repeat some very routine and annoying operations in it. This often happens if the application developers have not thought enough about the real-life cases their end-users will deal with. What can we do in such scenario?
- First of all, look maybe there is an open and documented API
- If there is no API, and it is an installed application, maybe you can use it in a console mode
- If it is a web-service, maybe you can figure out how it works and how to automate it using tools like Firebug
But sometimes it is impossible to do anything at all. And it is even more sad, if this routine task is really elementary and you can easily explain the logic: what menu to choose, what button to push, where you should enter text and so on.
At this point, you just spit on all and use your last resort – SikuliX.
With this tool, you can automate everything. It doesn’t matter if it is a web-service or a GUI application, what operating system it uses and so on. That’s all because SikuliX is working at the highest level. In fact, it just makes screenshots, analyses them as images, trying to find graphical elements that it should somehow use.
Previous post about Nessus v2 reports I was writing mainly about the format itself. Now let’s see how you can parse them with Python.
Please don’t work with XML documents the same way you process text files. I adore bash scripting and awk, but that’s an awful idea to use it for XML parsing. In Python you can do it much easier and the script will work much faster. I will use lxml library for this.
So, let’s assume that we have Nessus xml report. We could get it using Nessus API or SecurityCenter API. First of all, we need to read content of the file.
It is strange to even talk about custom reports based on vulnerability scans from Tenable products.
Just look at the variety of report templates available for SecurityCenter. For every taste and need! Why may you ever need to make any custom reports?
The thing is, if you want to use SecurityCenter reports you need to have all the scans of all your hosts in SecurityCenter and, as you know, SecurityCenter is licensed by IPs. What if you have tens of thousands of hosts? Price may be extremely high. In the other hand, you can take Nessus or SecurityCenter scan results via API (read how to do it in “Retrieving scan results through Nessus API” and “Tenable SecurityCenter and its API“) and process it with your own scripts for free.
Vulners collection is a zip archive containing all available objects of some type (e.g. CentOS security bulletins or OpenVAS detection plugins) from the Vulners Knowledge Base. Let’s see how to work with this data using powerful Python scripting language. You can read more about Vulners itself at “Vulners – Google for hacker“.
All collections are listed at https://vulners.com/#stats:
Note a gray icon with black arrow. Press it to download particular vulners collection.
OpenVAS collection link: https://vulners.com/api/v3/archive/collection/?type=openvas
If you need to get all objects for further analysis, you don’t need to make huge amount simmilar Search API requests. You just need to download one file. It’s takes less time and efforts and makes less load on Vulners service.