Skip to content
This repository was archived by the owner on May 3, 2020. It is now read-only.

Serpico Meta Language In Depth

Jump to bottom
BuffaloWill edited this page Nov 15, 2015 · 15 revisions

Meta language In-Depth

Here is the list of characters used:

Ω - A simple substitution variable.

ΩFULL_COMPANY_NAMEΩ

renders as:
Acme Corporation

§ - A User Defined Variable. These can be added by the user through UI. A user defined variable is very useful for adding your own variables to a report.

§my_executive_summary§

renders as:
Whatever the user has placed in the UI.

¬ - for each

¬finding¬
STUFF
∆

Renders as a for loop for every finding and prints 'STUFF' in each loop.

π - Substituition variable inside of for loops. Do not use Ω inside of a for loop.

¬report/findings_list/findings¬
πtitleπ
∆

Renders the finding title for every finding in the findings_list of the report.

NOTE: You can use multiple if statements with for:

¬report/findings_list/findings:::DREAD_TOTAL<50:::DREAD_TOTAL>30¬
πtitleπ
∆

# This is read as:
for each finding
if dread_total is less than 50
if dread_total is greater than 30

print title

close for loop and both if's

æ - for each loop for table rows only

::: - is used for if statements within the row

æreport/findings_list/findings:::DREAD_TOTAL>35æ

Renders a new table row every finding with a DREAD total greater than 35.

- Substituition variable inside of a for loop inside of a table. Only used in a table.

æreport/findings_list/findings:::DREAD_TOTAL>35æ ∞title∞

Renders a new table row with the title for every finding with a DREAD total greater than 35.

- if conditional

† DREAD_SCORE > 1 †
HELLO WORLD
¥

Renders a HELLO WORLD if the DREAD_SCORE is > 1

µ - Initiates choose/when structure

ƒ - The when value in a choose/when

å - Ends the choose/when not in a for-each

- Ends the choose/when inside of a for-each

¬overview/paragraph¬ 
µCONDITIONALµ π.π
ƒcodeƒ π.π
ƒitalicsƒ π.π
÷ π.π ≠

This will take each paragraph from the overview section of the finding. 
If the paragraph is labelled as code then the paragraph will be formatted as code. 
The "." above means the paragraph variable from the 'overview/paragraph' for loop.

- End for each

¥ - End if statement

The following are the components of a finding that are accessible. For example in:

¬report/findings_list/findings¬
πtitleπ
∆

Attribute List:

title
damage
reproducability
exploitability
affected_users
discoverability
effort
type
dread_total
overview
poc
remediation
notes
assessment_type
references
risk
affected_hosts
presentation_points

Clone this wiki locally