From f1e435e5900c7e7456f12631f5510cc3ea28f804 Mon Sep 17 00:00:00 2001 From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com> Date: Fri, 19 Jan 2024 16:41:32 +0100 Subject: [PATCH] :sparkles: advance parser docs to provide sample scan data (#9347) * :sparkles: advance parser docs to provide sample scan data * update according to review comment * remove openvas-md from commit --- docs/content/en/integrations/parsers/file/acunetix.md | 3 +++ docs/content/en/integrations/parsers/file/acunetix360.md | 3 +++ .../en/integrations/parsers/file/anchore_enterprise.md | 3 +++ docs/content/en/integrations/parsers/file/anchore_grype.md | 1 - .../en/integrations/parsers/file/anchorectl_policies.md | 5 ++++- .../en/integrations/parsers/file/anchorectl_vulns.md | 5 ++++- docs/content/en/integrations/parsers/file/appspider.md | 3 +++ docs/content/en/integrations/parsers/file/aqua.md | 3 +++ docs/content/en/integrations/parsers/file/arachni.md | 3 +++ docs/content/en/integrations/parsers/file/asff.md | 3 +++ docs/content/en/integrations/parsers/file/auditjs.md | 3 +++ docs/content/en/integrations/parsers/file/aws_prowler.md | 3 +++ .../content/en/integrations/parsers/file/aws_prowler_v3.md | 1 - docs/content/en/integrations/parsers/file/aws_scout2.md | 3 +++ .../content/en/integrations/parsers/file/awssecurityhub.md | 1 - .../parsers/file/azure_security_center_recommendations.md | 3 +++ docs/content/en/integrations/parsers/file/bandit.md | 1 - docs/content/en/integrations/parsers/file/blackduck.md | 5 ++++- .../integrations/parsers/file/blackduck_binary_analysis.md | 3 +++ .../integrations/parsers/file/blackduck_component_risk.md | 5 ++++- docs/content/en/integrations/parsers/file/brakeman.md | 3 +++ docs/content/en/integrations/parsers/file/bugcrowd.md | 3 +++ docs/content/en/integrations/parsers/file/bundler_audit.md | 3 +++ docs/content/en/integrations/parsers/file/burp_api.md | 5 ++++- .../en/integrations/parsers/file/burp_enterprise.md | 5 ++--- docs/content/en/integrations/parsers/file/burp_graphql.md | 2 ++ docs/content/en/integrations/parsers/file/cargo_audit.md | 5 ++++- docs/content/en/integrations/parsers/file/checkmarx.md | 3 +++ docs/content/en/integrations/parsers/file/checkov.md | 2 +- docs/content/en/integrations/parsers/file/clair.md | 3 +++ docs/content/en/integrations/parsers/file/clair_klar.md | 5 ++++- docs/content/en/integrations/parsers/file/cloudsploit.md | 5 ++++- docs/content/en/integrations/parsers/file/cobalt.md | 3 +++ docs/content/en/integrations/parsers/file/codechecker.md | 3 +++ docs/content/en/integrations/parsers/file/contrast.md | 3 +++ docs/content/en/integrations/parsers/file/coverity_api.md | 3 +++ .../en/integrations/parsers/file/crashtest_security.md | 3 +++ docs/content/en/integrations/parsers/file/cred_scan.md | 3 +++ docs/content/en/integrations/parsers/file/cyclonedx.md | 5 ++++- docs/content/en/integrations/parsers/file/dawnscanner.md | 3 +++ .../en/integrations/parsers/file/dependency_check.md | 3 +++ .../en/integrations/parsers/file/dependency_track.md | 3 +++ .../content/en/integrations/parsers/file/detect_secrets.md | 5 ++++- docs/content/en/integrations/parsers/file/dockerbench.md | 5 ++++- docs/content/en/integrations/parsers/file/dockle.md | 5 ++++- docs/content/en/integrations/parsers/file/drheader.md | 3 +++ docs/content/en/integrations/parsers/file/dsop.md | 5 ++++- docs/content/en/integrations/parsers/file/edgescan.md | 1 + docs/content/en/integrations/parsers/file/eslint.md | 3 +++ docs/content/en/integrations/parsers/file/fortify.md | 3 +++ docs/content/en/integrations/parsers/file/generic.md | 3 +++ docs/content/en/integrations/parsers/file/ggshield.md | 5 ++++- .../en/integrations/parsers/file/github_vulnerability.md | 3 +++ .../en/integrations/parsers/file/gitlab_api_fuzzing.md | 5 ++++- .../en/integrations/parsers/file/gitlab_container_scan.md | 5 ++++- docs/content/en/integrations/parsers/file/gitlab_dast.md | 5 ++++- .../en/integrations/parsers/file/gitlab_dep_scan.md | 5 ++++- docs/content/en/integrations/parsers/file/gitlab_sast.md | 5 ++++- .../parsers/file/gitlab_secret_detection_report.md | 5 ++++- docs/content/en/integrations/parsers/file/gitleaks.md | 3 +++ docs/content/en/integrations/parsers/file/gosec.md | 3 +++ docs/content/en/integrations/parsers/file/govulncheck.md | 5 ++++- docs/content/en/integrations/parsers/file/h1.md | 5 ++++- docs/content/en/integrations/parsers/file/hadolint.md | 3 +++ .../en/integrations/parsers/file/harbor_vulnerability.md | 5 ++++- docs/content/en/integrations/parsers/file/hcl_appscan.md | 3 +++ docs/content/en/integrations/parsers/file/horusec.md | 4 +++- docs/content/en/integrations/parsers/file/humble.md | 5 ++++- docs/content/en/integrations/parsers/file/huskyci.md | 5 ++++- docs/content/en/integrations/parsers/file/hydra.md | 3 +++ docs/content/en/integrations/parsers/file/ibm_app.md | 3 +++ docs/content/en/integrations/parsers/file/immuniweb.md | 3 +++ docs/content/en/integrations/parsers/file/intsights.md | 3 +++ .../parsers/file/jfrog_xray_api_summary_artifact.md | 2 +- .../parsers/file/jfrog_xray_on_demand_binary_scan.md | 7 +++++-- .../en/integrations/parsers/file/jfrog_xray_unified.md | 3 +++ docs/content/en/integrations/parsers/file/jfrogxray.md | 3 +++ docs/content/en/integrations/parsers/file/kics.md | 3 +++ docs/content/en/integrations/parsers/file/kiuwan.md | 3 +++ docs/content/en/integrations/parsers/file/kubebench.md | 3 +++ docs/content/en/integrations/parsers/file/kubehunter.md | 3 +++ docs/content/en/integrations/parsers/file/meterian.md | 3 +++ .../en/integrations/parsers/file/microfocus_webinspect.md | 3 +++ docs/content/en/integrations/parsers/file/mobsf.md | 3 +++ docs/content/en/integrations/parsers/file/mobsfscan.md | 3 +++ .../en/integrations/parsers/file/mozilla_observatory.md | 3 +++ docs/content/en/integrations/parsers/file/ms_defender.md | 5 ++++- docs/content/en/integrations/parsers/file/netsparker.md | 3 +++ docs/content/en/integrations/parsers/file/neuvector.md | 5 ++++- .../en/integrations/parsers/file/neuvector_compliance.md | 5 ++++- docs/content/en/integrations/parsers/file/nexpose.md | 3 +++ docs/content/en/integrations/parsers/file/nikto.md | 5 ++++- docs/content/en/integrations/parsers/file/nmap.md | 3 +++ docs/content/en/integrations/parsers/file/npm_audit.md | 3 +++ docs/content/en/integrations/parsers/file/nsp.md | 3 +++ docs/content/en/integrations/parsers/file/nuclei.md | 3 +++ docs/content/en/integrations/parsers/file/openscap.md | 3 +++ docs/content/en/integrations/parsers/file/ort.md | 5 ++++- .../en/integrations/parsers/file/ossindex_devaudit.md | 5 ++++- docs/content/en/integrations/parsers/file/outpost24.md | 5 ++++- .../en/integrations/parsers/file/php_security_audit_v2.md | 3 +++ .../parsers/file/php_symfony_security_check.md | 3 +++ docs/content/en/integrations/parsers/file/pip_audit.md | 5 ++++- docs/content/en/integrations/parsers/file/pmd.md | 5 ++++- docs/content/en/integrations/parsers/file/popeye.md | 2 ++ docs/content/en/integrations/parsers/file/pwn_sast.md | 5 ++++- docs/content/en/integrations/parsers/file/qualys.md | 3 +++ .../integrations/parsers/file/qualys_infrascan_webgui.md | 5 ++++- docs/content/en/integrations/parsers/file/qualys_webapp.md | 3 +++ docs/content/en/integrations/parsers/file/retirejs.md | 3 +++ docs/content/en/integrations/parsers/file/risk_recon.md | 3 +++ docs/content/en/integrations/parsers/file/rubocop.md | 3 +++ docs/content/en/integrations/parsers/file/rusty_hog.md | 5 ++++- docs/content/en/integrations/parsers/file/sarif.md | 3 +++ docs/content/en/integrations/parsers/file/scantist.md | 5 ++++- docs/content/en/integrations/parsers/file/scout_suite.md | 5 ++++- docs/content/en/integrations/parsers/file/semgrep.md | 3 +++ docs/content/en/integrations/parsers/file/skf.md | 3 +++ docs/content/en/integrations/parsers/file/snyk.md | 3 +++ .../en/integrations/parsers/file/solar_appscreener.md | 5 ++++- docs/content/en/integrations/parsers/file/sonarqube.md | 3 +++ docs/content/en/integrations/parsers/file/sonatype.md | 3 +++ docs/content/en/integrations/parsers/file/spotbugs.md | 3 +++ docs/content/en/integrations/parsers/file/ssh_audit.md | 5 ++++- docs/content/en/integrations/parsers/file/ssl_labs.md | 3 +++ docs/content/en/integrations/parsers/file/sslscan.md | 3 +++ docs/content/en/integrations/parsers/file/sslyze.md | 5 +++-- docs/content/en/integrations/parsers/file/stackhawk.md | 5 ++++- .../content/en/integrations/parsers/file/sysdig_reports.md | 5 ++++- docs/content/en/integrations/parsers/file/talisman.md | 5 ++++- docs/content/en/integrations/parsers/file/tenable.md | 4 +++- docs/content/en/integrations/parsers/file/terrascan.md | 3 +++ docs/content/en/integrations/parsers/file/testssl.md | 3 +++ docs/content/en/integrations/parsers/file/tfsec.md | 3 +++ docs/content/en/integrations/parsers/file/trivy.md | 3 +++ .../content/en/integrations/parsers/file/trivy_operator.md | 3 +++ docs/content/en/integrations/parsers/file/trufflehog.md | 3 +++ docs/content/en/integrations/parsers/file/trufflehog3.md | 3 +++ docs/content/en/integrations/parsers/file/trustwave.md | 3 +++ .../en/integrations/parsers/file/trustwave_fusion_api.md | 5 ++++- docs/content/en/integrations/parsers/file/twistlock.md | 3 +++ docs/content/en/integrations/parsers/file/vcg.md | 1 + docs/content/en/integrations/parsers/file/veracode.md | 3 +++ docs/content/en/integrations/parsers/file/veracode_sca.md | 3 +++ docs/content/en/integrations/parsers/file/wapiti.md | 3 +++ docs/content/en/integrations/parsers/file/wazuh.md | 3 +++ docs/content/en/integrations/parsers/file/wfuzz.md | 5 ++++- docs/content/en/integrations/parsers/file/whispers.md | 4 +++- .../en/integrations/parsers/file/whitehat_sentinel.md | 5 ++++- docs/content/en/integrations/parsers/file/whitesource.md | 3 +++ docs/content/en/integrations/parsers/file/wpscan.md | 3 +++ docs/content/en/integrations/parsers/file/xanitizer.md | 5 ++++- docs/content/en/integrations/parsers/file/yarn_audit.md | 3 +++ docs/content/en/integrations/parsers/file/zap.md | 3 +++ 154 files changed, 489 insertions(+), 64 deletions(-) diff --git a/docs/content/en/integrations/parsers/file/acunetix.md b/docs/content/en/integrations/parsers/file/acunetix.md index 9bc0122928..96a2c2005c 100644 --- a/docs/content/en/integrations/parsers/file/acunetix.md +++ b/docs/content/en/integrations/parsers/file/acunetix.md @@ -3,3 +3,6 @@ title: "Acunetix Scanner" toc_hide: true --- XML format + +### Sample Scan Data +Sample Acunetix Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/acunetix). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/acunetix360.md b/docs/content/en/integrations/parsers/file/acunetix360.md index 135dff8898..01b208bbea 100644 --- a/docs/content/en/integrations/parsers/file/acunetix360.md +++ b/docs/content/en/integrations/parsers/file/acunetix360.md @@ -3,3 +3,6 @@ title: "Acunetix 360 Scanner" toc_hide: true --- Vulnerabilities List - JSON report + +### Sample Scan Data +Sample Acunetix 360 Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/acunetix360). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/anchore_enterprise.md b/docs/content/en/integrations/parsers/file/anchore_enterprise.md index 7aff9a7c4a..78d3441eb5 100644 --- a/docs/content/en/integrations/parsers/file/anchore_enterprise.md +++ b/docs/content/en/integrations/parsers/file/anchore_enterprise.md @@ -3,3 +3,6 @@ title: "Anchore Enterprise Policy Check" toc_hide: true --- Anchore-CLI JSON policy check report format. + +### Sample Scan Data +Sample Anchore Enterprise Policy Check scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/anchore_enterprise). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/anchore_grype.md b/docs/content/en/integrations/parsers/file/anchore_grype.md index 1316d69c54..02bb647384 100644 --- a/docs/content/en/integrations/parsers/file/anchore_grype.md +++ b/docs/content/en/integrations/parsers/file/anchore_grype.md @@ -12,7 +12,6 @@ Anchore Grype JSON files are created using the Grype CLI, using the '-o json' op grype yourApp/example-page -o json > example_vulns.json {{< /highlight >}} - ### Acceptable JSON Format All properties are expected as strings and are required by the parser. diff --git a/docs/content/en/integrations/parsers/file/anchorectl_policies.md b/docs/content/en/integrations/parsers/file/anchorectl_policies.md index 809ddbbd47..8ff36f7239 100644 --- a/docs/content/en/integrations/parsers/file/anchorectl_policies.md +++ b/docs/content/en/integrations/parsers/file/anchorectl_policies.md @@ -2,4 +2,7 @@ title: "AnchoreCTL Policies Report" toc_hide: true --- -AnchoreCTLs JSON policies report format \ No newline at end of file +AnchoreCTLs JSON policies report format + +### Sample Scan Data +Sample AnchoreCTL Policies Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/anchorectl_policies). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/anchorectl_vulns.md b/docs/content/en/integrations/parsers/file/anchorectl_vulns.md index 09d9d3ff90..7f41b0e0a4 100644 --- a/docs/content/en/integrations/parsers/file/anchorectl_vulns.md +++ b/docs/content/en/integrations/parsers/file/anchorectl_vulns.md @@ -2,4 +2,7 @@ title: "AnchoreCTL Vuln Report" toc_hide: true --- -AnchoreCTLs JSON vulnerability report format \ No newline at end of file +AnchoreCTLs JSON vulnerability report format + +### Sample Scan Data +Sample AnchoreCTL Vuln Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/anchorectl_vulns). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/appspider.md b/docs/content/en/integrations/parsers/file/appspider.md index 6a030ca4cc..0fd952c0f0 100644 --- a/docs/content/en/integrations/parsers/file/appspider.md +++ b/docs/content/en/integrations/parsers/file/appspider.md @@ -4,3 +4,6 @@ toc_hide: true --- Use the VulnerabilitiesSummary.xml file found in the zipped report download. + +### Sample Scan Data +Sample AppSpider (Rapid7) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/appspider). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/aqua.md b/docs/content/en/integrations/parsers/file/aqua.md index 0186d3bf63..78b5f0cb38 100644 --- a/docs/content/en/integrations/parsers/file/aqua.md +++ b/docs/content/en/integrations/parsers/file/aqua.md @@ -3,3 +3,6 @@ title: "Aqua" toc_hide: true --- JSON report format. + +### Sample Scan Data +Sample Aqua scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/aqua). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/arachni.md b/docs/content/en/integrations/parsers/file/arachni.md index 296b0495da..0c48e534d1 100644 --- a/docs/content/en/integrations/parsers/file/arachni.md +++ b/docs/content/en/integrations/parsers/file/arachni.md @@ -9,3 +9,6 @@ Reports are generated with `arachni_reporter` tool this way: {{< highlight bash >}} arachni_reporter --reporter 'json' js.com.afr {{< /highlight >}} + +### Sample Scan Data +Sample Arachni Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/arachni). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/asff.md b/docs/content/en/integrations/parsers/file/asff.md index 75dafff971..de830908aa 100644 --- a/docs/content/en/integrations/parsers/file/asff.md +++ b/docs/content/en/integrations/parsers/file/asff.md @@ -8,3 +8,6 @@ AWS Security Hub consumes, aggregates, organizes, and prioritizes findings from Reference: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html Prowler tool can generate this format with option `-M json-asff`. + +### Sample Scan Data +Sample AWS Security Finding Format (ASFF) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/asff). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/auditjs.md b/docs/content/en/integrations/parsers/file/auditjs.md index 7fadb7be0e..03ed4e4bf8 100644 --- a/docs/content/en/integrations/parsers/file/auditjs.md +++ b/docs/content/en/integrations/parsers/file/auditjs.md @@ -7,3 +7,6 @@ AuditJS scanning tool using OSSIndex database and generated with `--json` or `-j {{< highlight bash >}} auditjs ossi --json > auditjs_report.json {{< /highlight >}} + +### Sample Scan Data +Sample AuditJS (OSSIndex) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/auditjs). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/aws_prowler.md b/docs/content/en/integrations/parsers/file/aws_prowler.md index 1d20fb615d..628b657ef0 100644 --- a/docs/content/en/integrations/parsers/file/aws_prowler.md +++ b/docs/content/en/integrations/parsers/file/aws_prowler.md @@ -3,3 +3,6 @@ title: "AWS Prowler Scanner" toc_hide: true --- Prowler file can be imported as a CSV (`-M csv`) or JSON (`-M json`) file. + +### Sample Scan Data +Sample AWS Prowler Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/aws_prowler). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/aws_prowler_v3.md b/docs/content/en/integrations/parsers/file/aws_prowler_v3.md index 7e98fb826e..17dcf9698a 100644 --- a/docs/content/en/integrations/parsers/file/aws_prowler_v3.md +++ b/docs/content/en/integrations/parsers/file/aws_prowler_v3.md @@ -8,7 +8,6 @@ DefectDojo parser accepts a .json file. Please note: earlier versions of AWS Pr JSON reports can be created from the [AWS Prowler V3 CLI](https://docs.prowler.cloud/en/latest/tutorials/reporting/#json) using the following command: `prowler -M json` - ### Acceptable JSON Format Parser expects an array of assessments. All properties are strings and are required by the parser. diff --git a/docs/content/en/integrations/parsers/file/aws_scout2.md b/docs/content/en/integrations/parsers/file/aws_scout2.md index ef2ce4d8f1..2a5cbbf715 100644 --- a/docs/content/en/integrations/parsers/file/aws_scout2.md +++ b/docs/content/en/integrations/parsers/file/aws_scout2.md @@ -12,3 +12,6 @@ Please switch to the new parser for ScoutSuite. {{% alert title="Warning" color="warning" %}} This parser is disactivated by default in releases >= 2.3.1 and will be removed in release >= 3.x.x. {{% /alert %}} + +### Sample Scan Data +Sample AWS Scout2 Scanner (deprecated) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/aws_scout2). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/awssecurityhub.md b/docs/content/en/integrations/parsers/file/awssecurityhub.md index 826eae53a5..dc2a2f06b4 100644 --- a/docs/content/en/integrations/parsers/file/awssecurityhub.md +++ b/docs/content/en/integrations/parsers/file/awssecurityhub.md @@ -7,7 +7,6 @@ DefectDojo parser accepts a .json file. JSON reports can be created from the [AWS Security Hub CLI](https://docs.aws.amazon.com/cli/latest/reference/securityhub/get-findings.html) using the following command: `aws securityhub get-findings`. - ### Acceptable JSON Format Parser expects a .json file, with an array of Findings contained within a single JSON object. All properties are strings and are required by the parser. diff --git a/docs/content/en/integrations/parsers/file/azure_security_center_recommendations.md b/docs/content/en/integrations/parsers/file/azure_security_center_recommendations.md index 8220d347e3..c4bffbd7a3 100644 --- a/docs/content/en/integrations/parsers/file/azure_security_center_recommendations.md +++ b/docs/content/en/integrations/parsers/file/azure_security_center_recommendations.md @@ -3,3 +3,6 @@ title: "Azure Security Center Recommendations Scan" toc_hide: true --- Azure Security Center recommendations can be exported from the user interface in CSV format. + +### Sample Scan Data +Sample Azure Security Center Recommendations Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/azure_security_center_recommendations). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/bandit.md b/docs/content/en/integrations/parsers/file/bandit.md index cf2734e0f5..604bbdffb3 100644 --- a/docs/content/en/integrations/parsers/file/bandit.md +++ b/docs/content/en/integrations/parsers/file/bandit.md @@ -9,7 +9,6 @@ DefectDojo parser accepts a .json file. To export a .json file from Bandit, you will need to install and run the .json report formatter from your Bandit instance. See Bandit documentation: https://bandit.readthedocs.io/en/latest/formatters/index.html - ### Acceptable JSON Format All properties are expected as strings, except "metrics" properties, which are expected as numbers. All properties are required by the parser. diff --git a/docs/content/en/integrations/parsers/file/blackduck.md b/docs/content/en/integrations/parsers/file/blackduck.md index 232d817ad1..7f8226fd1e 100644 --- a/docs/content/en/integrations/parsers/file/blackduck.md +++ b/docs/content/en/integrations/parsers/file/blackduck.md @@ -8,4 +8,7 @@ toc_hide: true The zip file must contain the security.csv and files.csv in order to produce findings that bear file locations information. * Import a single security.csv file. Findings will not have any file location -information. \ No newline at end of file +information. + +### Sample Scan Data +Sample Blackduck Hub scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/blackduck). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/blackduck_binary_analysis.md b/docs/content/en/integrations/parsers/file/blackduck_binary_analysis.md index af573a1f0f..a51cea701a 100644 --- a/docs/content/en/integrations/parsers/file/blackduck_binary_analysis.md +++ b/docs/content/en/integrations/parsers/file/blackduck_binary_analysis.md @@ -18,3 +18,6 @@ Black Duck Binary Analysis can also detect if sensitive information like email a #### **How** #### * Initiate Black Duck Binary Analysis scans using the UI, REST API, or drivers such as [pwn_bdba_scan](https://github.com/0dayinc/pwn/blob/master/bin/pwn_bdba_scan) found within the security automation framework, [PWN](https://github.com/0dayinc/pwn) * Import a single BDBA vulnerabilty csv results file into DefectDojo leveraging the UI, REST API, or drivers such as [pwn_defectdojo_importscan](https://github.com/0dayInc/pwn/blob/master/bin/pwn_defectdojo_importscan) or [pwn_defectdojo_reimportscan](https://github.com/0dayInc/pwn/blob/master/bin/pwn_defectdojo_reimportscan). + +### Sample Scan Data +Sample Blackduck Binary Analysis scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/blackduck_binary_analysis). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/blackduck_component_risk.md b/docs/content/en/integrations/parsers/file/blackduck_component_risk.md index 7344a94f77..0a8ff1e7b1 100644 --- a/docs/content/en/integrations/parsers/file/blackduck_component_risk.md +++ b/docs/content/en/integrations/parsers/file/blackduck_component_risk.md @@ -2,4 +2,7 @@ title: "Blackduck Component Risk" toc_hide: true --- -Upload the zip file containing the security.csv and files.csv. \ No newline at end of file +Upload the zip file containing the security.csv and files.csv. + +### Sample Scan Data +Sample Blackduck Component Risk scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/blackduck_component_risk). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/brakeman.md b/docs/content/en/integrations/parsers/file/brakeman.md index 1a45149caf..ca70864138 100644 --- a/docs/content/en/integrations/parsers/file/brakeman.md +++ b/docs/content/en/integrations/parsers/file/brakeman.md @@ -3,3 +3,6 @@ title: "Brakeman Scan" toc_hide: true --- Import Brakeman Scanner findings in JSON format. + +### Sample Scan Data +Sample Brakeman Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/brakeman). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/bugcrowd.md b/docs/content/en/integrations/parsers/file/bugcrowd.md index bd7bf34327..a04076f853 100644 --- a/docs/content/en/integrations/parsers/file/bugcrowd.md +++ b/docs/content/en/integrations/parsers/file/bugcrowd.md @@ -3,3 +3,6 @@ title: "Bugcrowd" toc_hide: true --- Import Bugcrowd results in CSV format. + +### Sample Scan Data +Sample Bugcrowd scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/bugcrowd). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/bundler_audit.md b/docs/content/en/integrations/parsers/file/bundler_audit.md index f1d94ef7f3..04d8bceb42 100644 --- a/docs/content/en/integrations/parsers/file/bundler_audit.md +++ b/docs/content/en/integrations/parsers/file/bundler_audit.md @@ -3,3 +3,6 @@ title: "Bundler-Audit" toc_hide: true --- Import the text output generated with bundle-audit check + +### Sample Scan Data +Sample Bundler-Audit scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/bundler_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/burp_api.md b/docs/content/en/integrations/parsers/file/burp_api.md index 887895437e..686e781b04 100644 --- a/docs/content/en/integrations/parsers/file/burp_api.md +++ b/docs/content/en/integrations/parsers/file/burp_api.md @@ -2,4 +2,7 @@ title: "Burp REST API" toc_hide: true --- -Import Burp REST API scan data in JSON format (/scan/[task_id] endpoint). \ No newline at end of file +Import Burp REST API scan data in JSON format (/scan/[task_id] endpoint). + +### Sample Scan Data +Sample Burp REST API scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/burp_api). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/burp_enterprise.md b/docs/content/en/integrations/parsers/file/burp_enterprise.md index 18338bbb5d..a328ac1b13 100644 --- a/docs/content/en/integrations/parsers/file/burp_enterprise.md +++ b/docs/content/en/integrations/parsers/file/burp_enterprise.md @@ -9,6 +9,5 @@ DefectDojo parser accepts a Standard Report as an HTML file. To parse an XML fi See also Burp documentation for info on how to export a Standard Report: https://portswigger.net/burp/documentation/enterprise/work-with-scan-results/generate-reports - -### Sample Reports -A standard Burp Enterprise HTML Report can be found at https://github.com/DefectDojo/django-DefectDojo/blob/master/unittests/scans/burp_enterprise/many_vulns.html. +### Sample Scan Data +Sample Burp Enterprise Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/burp_enterprise). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/burp_graphql.md b/docs/content/en/integrations/parsers/file/burp_graphql.md index 3ac18b987c..90d60c4394 100644 --- a/docs/content/en/integrations/parsers/file/burp_graphql.md +++ b/docs/content/en/integrations/parsers/file/burp_graphql.md @@ -104,3 +104,5 @@ Example GraphQL query to get issue details: } {{< /highlight >}} +### Sample Scan Data +Sample Burp GraphQL scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/burp_graphql). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/cargo_audit.md b/docs/content/en/integrations/parsers/file/cargo_audit.md index 37d7089c41..d56b41200c 100644 --- a/docs/content/en/integrations/parsers/file/cargo_audit.md +++ b/docs/content/en/integrations/parsers/file/cargo_audit.md @@ -2,4 +2,7 @@ title: "CargoAudit Scan" toc_hide: true --- -Import JSON output of cargo-audit scan report \ No newline at end of file +Import JSON output of cargo-audit scan report + +### Sample Scan Data +Sample CargoAudit Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cargo_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/checkmarx.md b/docs/content/en/integrations/parsers/file/checkmarx.md index df62aae803..679adf935f 100644 --- a/docs/content/en/integrations/parsers/file/checkmarx.md +++ b/docs/content/en/integrations/parsers/file/checkmarx.md @@ -12,3 +12,6 @@ That will generate three files, two of which are needed for defectdojo. Build th `jq -s . CxOSAVulnerabilities.json CxOSALibraries.json` Data for SAST, SCA and KICS are supported. + +### Sample Scan Data +Sample Checkmarx scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/checkmarx). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/checkov.md b/docs/content/en/integrations/parsers/file/checkov.md index 8a34d1e969..8c45815da1 100644 --- a/docs/content/en/integrations/parsers/file/checkov.md +++ b/docs/content/en/integrations/parsers/file/checkov.md @@ -49,4 +49,4 @@ JSON files can be created from the Checkov CLI: https://www.checkov.io/2.Basics/ ~~~ ### Sample Scan Data -Sample Checkov scans can be found at https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/checkov +Sample Checkov scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/checkov). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/clair.md b/docs/content/en/integrations/parsers/file/clair.md index e2e9bd6dc5..235f801ee9 100644 --- a/docs/content/en/integrations/parsers/file/clair.md +++ b/docs/content/en/integrations/parsers/file/clair.md @@ -3,3 +3,6 @@ title: "Clair Scan" toc_hide: true --- Import JSON reports of Docker image vulnerabilities. + +### Sample Scan Data +Sample Clair Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/clair). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/clair_klar.md b/docs/content/en/integrations/parsers/file/clair_klar.md index 4328a17bda..05651bf267 100644 --- a/docs/content/en/integrations/parsers/file/clair_klar.md +++ b/docs/content/en/integrations/parsers/file/clair_klar.md @@ -3,4 +3,7 @@ title: "Clair Klar Scan" toc_hide: true --- Import JSON reports of Docker image vulnerabilities from clair klar -client. \ No newline at end of file +client. + +### Sample Scan Data +Sample Clair Klar Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/clair_klar). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/cloudsploit.md b/docs/content/en/integrations/parsers/file/cloudsploit.md index 653a3b3289..8e178efdff 100644 --- a/docs/content/en/integrations/parsers/file/cloudsploit.md +++ b/docs/content/en/integrations/parsers/file/cloudsploit.md @@ -2,4 +2,7 @@ title: "Cloudsploit (AquaSecurity)" toc_hide: true --- -From: https://github.com/aquasecurity/cloudsploit . Import the JSON output. \ No newline at end of file +From: https://github.com/aquasecurity/cloudsploit . Import the JSON output. + +### Sample Scan Data +Sample Cloudsploit (AquaSecurity) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cloudsploit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/cobalt.md b/docs/content/en/integrations/parsers/file/cobalt.md index 59a7d2d4db..c17f0f662a 100644 --- a/docs/content/en/integrations/parsers/file/cobalt.md +++ b/docs/content/en/integrations/parsers/file/cobalt.md @@ -3,3 +3,6 @@ title: "Cobalt.io Scan" toc_hide: true --- CSV Report + +### Sample Scan Data +Sample Cobalt.io Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cobalt). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/codechecker.md b/docs/content/en/integrations/parsers/file/codechecker.md index 71c2fb6c22..912fdcab26 100644 --- a/docs/content/en/integrations/parsers/file/codechecker.md +++ b/docs/content/en/integrations/parsers/file/codechecker.md @@ -19,3 +19,6 @@ then analyze it ```shell CodeChecker analyze ./codechecker.log -o /path/to/codechecker/analyzer/output/directory ``` + +### Sample Scan Data +Sample Codechecker Report native scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/codechecker). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/contrast.md b/docs/content/en/integrations/parsers/file/contrast.md index bfd1315b29..bf667bc7bd 100644 --- a/docs/content/en/integrations/parsers/file/contrast.md +++ b/docs/content/en/integrations/parsers/file/contrast.md @@ -3,3 +3,6 @@ title: "Contrast Scanner" toc_hide: true --- CSV Report + +### Sample Scan Data +Sample Contrast Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/contrast). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/coverity_api.md b/docs/content/en/integrations/parsers/file/coverity_api.md index afc3d4ae49..8d72942a29 100644 --- a/docs/content/en/integrations/parsers/file/coverity_api.md +++ b/docs/content/en/integrations/parsers/file/coverity_api.md @@ -11,3 +11,6 @@ Currently these columns are mandatory: * `firstDetected` (`First Detected` in the UI) Other supported attributes: `cwe`, `displayFile`, `occurrenceCount` and `firstDetected` + +### Sample Scan Data +Sample Coverity API scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/coverity_api). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/crashtest_security.md b/docs/content/en/integrations/parsers/file/crashtest_security.md index 9c7c0f4a19..cce1b524cf 100644 --- a/docs/content/en/integrations/parsers/file/crashtest_security.md +++ b/docs/content/en/integrations/parsers/file/crashtest_security.md @@ -3,3 +3,6 @@ title: "Crashtest Security" toc_hide: true --- Import JSON Report Import XML Report in JUnit Format + +### Sample Scan Data +Sample Crashtest Security scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/crashtest_security). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/cred_scan.md b/docs/content/en/integrations/parsers/file/cred_scan.md index f3031bee28..7a52a74b14 100644 --- a/docs/content/en/integrations/parsers/file/cred_scan.md +++ b/docs/content/en/integrations/parsers/file/cred_scan.md @@ -3,3 +3,6 @@ title: "CredScan Report" toc_hide: true --- Import CSV credential scanner reports + +### Sample Scan Data +Sample CredScan Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cred_scan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/cyclonedx.md b/docs/content/en/integrations/parsers/file/cyclonedx.md index 543e70ee56..d0d6a4e61a 100644 --- a/docs/content/en/integrations/parsers/file/cyclonedx.md +++ b/docs/content/en/integrations/parsers/file/cyclonedx.md @@ -25,4 +25,7 @@ cyclonedx-py -i - the alternate filename to a frozen requirements.txt -o - the bom file to create -j - generate JSON instead of XML -{{< /highlight >}} \ No newline at end of file +{{< /highlight >}} + +### Sample Scan Data +Sample CycloneDX scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cyclonedx). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dawnscanner.md b/docs/content/en/integrations/parsers/file/dawnscanner.md index 931d641732..bc3682cf9a 100644 --- a/docs/content/en/integrations/parsers/file/dawnscanner.md +++ b/docs/content/en/integrations/parsers/file/dawnscanner.md @@ -3,3 +3,6 @@ title: "DawnScanner" toc_hide: true --- Import report in JSON generated with -j option + +### Sample Scan Data +Sample DawnScanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dawnscanner). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dependency_check.md b/docs/content/en/integrations/parsers/file/dependency_check.md index 0882a74885..ddc631a127 100644 --- a/docs/content/en/integrations/parsers/file/dependency_check.md +++ b/docs/content/en/integrations/parsers/file/dependency_check.md @@ -8,3 +8,6 @@ OWASP Dependency Check output can be imported in Xml format. This parser ingests * Suppressed vulnerabilities are marked as mitigated. * If the suppression is missing any `` tag, it tags them as `no_suppression_document`. * Related vulnerable dependencies are tagged with `related` tag. + +### Sample Scan Data +Sample Dependency Check scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dependency_check). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dependency_track.md b/docs/content/en/integrations/parsers/file/dependency_track.md index 10e90f28e0..147d0afe4b 100644 --- a/docs/content/en/integrations/parsers/file/dependency_track.md +++ b/docs/content/en/integrations/parsers/file/dependency_track.md @@ -9,3 +9,6 @@ https://docs.dependencytrack.org/integrations/defectdojo/ Alternatively, the Finding Packaging Format (FPF) from OWASP Dependency Track can be imported in JSON format. See here for more info on this JSON format: + +### Sample Scan Data +Sample Dependency Track scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dependency_track). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/detect_secrets.md b/docs/content/en/integrations/parsers/file/detect_secrets.md index 7d0f9ae2ff..b9a5419938 100644 --- a/docs/content/en/integrations/parsers/file/detect_secrets.md +++ b/docs/content/en/integrations/parsers/file/detect_secrets.md @@ -2,4 +2,7 @@ title: "Detect-secrets" toc_hide: true --- -Import of JSON report from \ No newline at end of file +Import of JSON report from + +### Sample Scan Data +Sample Detect-secrets scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/detect_secrets). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dockerbench.md b/docs/content/en/integrations/parsers/file/dockerbench.md index 793850a1cb..f4f2840fa7 100644 --- a/docs/content/en/integrations/parsers/file/dockerbench.md +++ b/docs/content/en/integrations/parsers/file/dockerbench.md @@ -3,4 +3,7 @@ title: "docker-bench-security Scanner" toc_hide: true --- Import JSON reports of OWASP [docker-bench-security](https://github.com/docker/docker-bench-security). -docker-bench-security is a script that make tests based on [CIS Docker Benchmark](https://www.cisecurity.org/benchmark/docker/). \ No newline at end of file +docker-bench-security is a script that make tests based on [CIS Docker Benchmark](https://www.cisecurity.org/benchmark/docker/). + +### Sample Scan Data +Sample docker-bench-security Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dockerbench). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dockle.md b/docs/content/en/integrations/parsers/file/dockle.md index f3732f225e..b3944b174d 100644 --- a/docs/content/en/integrations/parsers/file/dockle.md +++ b/docs/content/en/integrations/parsers/file/dockle.md @@ -3,4 +3,7 @@ title: "Dockle Report" toc_hide: true --- Import JSON container image linter reports - \ No newline at end of file + + +### Sample Scan Data +Sample Dockle Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dockle). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/drheader.md b/docs/content/en/integrations/parsers/file/drheader.md index b6c775ad2d..26789703c9 100644 --- a/docs/content/en/integrations/parsers/file/drheader.md +++ b/docs/content/en/integrations/parsers/file/drheader.md @@ -4,3 +4,6 @@ toc_hide: true --- Import of JSON report from + +### Sample Scan Data +Sample DrHeader scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/drheader). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/dsop.md b/docs/content/en/integrations/parsers/file/dsop.md index 0fe62eaf4d..cbee05be1b 100644 --- a/docs/content/en/integrations/parsers/file/dsop.md +++ b/docs/content/en/integrations/parsers/file/dsop.md @@ -2,4 +2,7 @@ title: "DSOP Scan" toc_hide: true --- -Import XLSX findings from DSOP vulnerability scan pipelines. \ No newline at end of file +Import XLSX findings from DSOP vulnerability scan pipelines. + +### Sample Scan Data +Sample DSOP Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/dsop). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/edgescan.md b/docs/content/en/integrations/parsers/file/edgescan.md index a208320f37..aca05133a7 100644 --- a/docs/content/en/integrations/parsers/file/edgescan.md +++ b/docs/content/en/integrations/parsers/file/edgescan.md @@ -3,3 +3,4 @@ title: "Edgescan" toc_hide: true --- Import Edgescan vulnerabilities by JSON file or [API - no file required](../../api/edgescan.md) + diff --git a/docs/content/en/integrations/parsers/file/eslint.md b/docs/content/en/integrations/parsers/file/eslint.md index 27d5e6b845..8bf3dbcafa 100644 --- a/docs/content/en/integrations/parsers/file/eslint.md +++ b/docs/content/en/integrations/parsers/file/eslint.md @@ -3,3 +3,6 @@ title: "ESLint" toc_hide: true --- ESLint Json report format (-f json) + +### Sample Scan Data +Sample ESLint scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/eslint). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/fortify.md b/docs/content/en/integrations/parsers/file/fortify.md index 3f47bb64f3..bbd44f4fff 100644 --- a/docs/content/en/integrations/parsers/file/fortify.md +++ b/docs/content/en/integrations/parsers/file/fortify.md @@ -3,3 +3,6 @@ title: "Fortify" toc_hide: true --- Import Findings from XML file format. + +### Sample Scan Data +Sample Fortify scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/fortify). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/generic.md b/docs/content/en/integrations/parsers/file/generic.md index 062f96ba63..36e90ab655 100644 --- a/docs/content/en/integrations/parsers/file/generic.md +++ b/docs/content/en/integrations/parsers/file/generic.md @@ -110,3 +110,6 @@ Example: ] } ``` + +### Sample Scan Data +Sample Generic Findings Import scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/generic). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ggshield.md b/docs/content/en/integrations/parsers/file/ggshield.md index 6552df96b8..4f106162e5 100644 --- a/docs/content/en/integrations/parsers/file/ggshield.md +++ b/docs/content/en/integrations/parsers/file/ggshield.md @@ -2,4 +2,7 @@ title: "Ggshield" toc_hide: true --- -Import [Ggshield](https://github.com/GitGuardian/ggshield) findings in JSON format. \ No newline at end of file +Import [Ggshield](https://github.com/GitGuardian/ggshield) findings in JSON format. + +### Sample Scan Data +Sample Ggshield scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ggshield). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/github_vulnerability.md b/docs/content/en/integrations/parsers/file/github_vulnerability.md index fdde6cc3e0..8e4f3a8222 100644 --- a/docs/content/en/integrations/parsers/file/github_vulnerability.md +++ b/docs/content/en/integrations/parsers/file/github_vulnerability.md @@ -209,3 +209,6 @@ def get_dependabot_alerts_repository(repo, owner): ) return json.dumps(output_result, indent=2) ``` + +### Sample Scan Data +Sample Github Vulnerability scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/github_vulnerability). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_api_fuzzing.md b/docs/content/en/integrations/parsers/file/gitlab_api_fuzzing.md index cfa8afbc4e..9ef8535dac 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_api_fuzzing.md +++ b/docs/content/en/integrations/parsers/file/gitlab_api_fuzzing.md @@ -2,4 +2,7 @@ title: "GitLab API Fuzzing Report Scan" toc_hide: true --- -GitLab API Fuzzing Report report file can be imported in JSON format (option --json) \ No newline at end of file +GitLab API Fuzzing Report report file can be imported in JSON format (option --json) + +### Sample Scan Data +Sample GitLab API Fuzzing Report Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_api_fuzzing). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_container_scan.md b/docs/content/en/integrations/parsers/file/gitlab_container_scan.md index 8d3a546f8f..5ff26c7573 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_container_scan.md +++ b/docs/content/en/integrations/parsers/file/gitlab_container_scan.md @@ -2,4 +2,7 @@ title: "GitLab Container Scan" toc_hide: true --- -GitLab Container Scan report file can be imported in JSON format (option --json) \ No newline at end of file +GitLab Container Scan report file can be imported in JSON format (option --json) + +### Sample Scan Data +Sample GitLab Container Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_container_scan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_dast.md b/docs/content/en/integrations/parsers/file/gitlab_dast.md index 000ad7760d..b3abcfcc8a 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_dast.md +++ b/docs/content/en/integrations/parsers/file/gitlab_dast.md @@ -2,4 +2,7 @@ title: "GitLab DAST Report" toc_hide: true --- -GitLab DAST Report in JSON format (option --json) \ No newline at end of file +GitLab DAST Report in JSON format (option --json) + +### Sample Scan Data +Sample GitLab DAST Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_dast). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_dep_scan.md b/docs/content/en/integrations/parsers/file/gitlab_dep_scan.md index 46179e96e8..bb5e9bfe30 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_dep_scan.md +++ b/docs/content/en/integrations/parsers/file/gitlab_dep_scan.md @@ -2,4 +2,7 @@ title: "GitLab Dependency Scanning Report" toc_hide: true --- -Import Dependency Scanning Report vulnerabilities in JSON format: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#reports-json-format \ No newline at end of file +Import Dependency Scanning Report vulnerabilities in JSON format: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#reports-json-format + +### Sample Scan Data +Sample GitLab Dependency Scanning Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_dep_scan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_sast.md b/docs/content/en/integrations/parsers/file/gitlab_sast.md index 926b62a204..e592da480a 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_sast.md +++ b/docs/content/en/integrations/parsers/file/gitlab_sast.md @@ -2,4 +2,7 @@ title: "GitLab SAST Report" toc_hide: true --- -Import SAST Report vulnerabilities in JSON format: https://docs.gitlab.com/ee/user/application_security/sast/#reports-json-format \ No newline at end of file +Import SAST Report vulnerabilities in JSON format: https://docs.gitlab.com/ee/user/application_security/sast/#reports-json-format + +### Sample Scan Data +Sample GitLab SAST Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_sast). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitlab_secret_detection_report.md b/docs/content/en/integrations/parsers/file/gitlab_secret_detection_report.md index 919227db94..f3a0d2dc99 100644 --- a/docs/content/en/integrations/parsers/file/gitlab_secret_detection_report.md +++ b/docs/content/en/integrations/parsers/file/gitlab_secret_detection_report.md @@ -2,4 +2,7 @@ title: "GitLab Secret Detection Report" toc_hide: true --- -GitLab Secret Detection Report file can be imported in JSON format (option --json). \ No newline at end of file +GitLab Secret Detection Report file can be imported in JSON format (option --json). + +### Sample Scan Data +Sample GitLab Secret Detection Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitlab_secret_detection_report). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gitleaks.md b/docs/content/en/integrations/parsers/file/gitleaks.md index ed0555972e..00b067e467 100644 --- a/docs/content/en/integrations/parsers/file/gitleaks.md +++ b/docs/content/en/integrations/parsers/file/gitleaks.md @@ -3,3 +3,6 @@ title: "Gitleaks" toc_hide: true --- Import Gitleaks findings in JSON format. + +### Sample Scan Data +Sample Gitleaks scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gitleaks). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/gosec.md b/docs/content/en/integrations/parsers/file/gosec.md index 5c4cec0be5..fbe5bcbf2e 100644 --- a/docs/content/en/integrations/parsers/file/gosec.md +++ b/docs/content/en/integrations/parsers/file/gosec.md @@ -3,3 +3,6 @@ title: "Gosec Scanner" toc_hide: true --- Import Gosec Scanner findings in JSON format. + +### Sample Scan Data +Sample Gosec Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/gosec). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/govulncheck.md b/docs/content/en/integrations/parsers/file/govulncheck.md index 47eb5df749..8637fc2a42 100644 --- a/docs/content/en/integrations/parsers/file/govulncheck.md +++ b/docs/content/en/integrations/parsers/file/govulncheck.md @@ -2,4 +2,7 @@ title: "Govulncheck" toc_hide: true --- -JSON vulnerability report generated by govulncheck tool, using a command like `govulncheck -json . >> report.json` \ No newline at end of file +JSON vulnerability report generated by govulncheck tool, using a command like `govulncheck -json . >> report.json` + +### Sample Scan Data +Sample Govulncheck scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/govulncheck). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/h1.md b/docs/content/en/integrations/parsers/file/h1.md index 3d93271a80..da01131f9c 100644 --- a/docs/content/en/integrations/parsers/file/h1.md +++ b/docs/content/en/integrations/parsers/file/h1.md @@ -2,4 +2,7 @@ title: "HackerOne Cases" toc_hide: true --- -Import HackerOne cases findings in JSON format \ No newline at end of file +Import HackerOne cases findings in JSON format + +### Sample Scan Data +Sample HackerOne Cases scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/h1). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/hadolint.md b/docs/content/en/integrations/parsers/file/hadolint.md index 0f884b58ec..ccc60f7b63 100644 --- a/docs/content/en/integrations/parsers/file/hadolint.md +++ b/docs/content/en/integrations/parsers/file/hadolint.md @@ -3,3 +3,6 @@ title: "Hadolint" toc_hide: true --- Hadolint Dockerfile scan in json format. + +### Sample Scan Data +Sample Hadolint scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/hadolint). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/harbor_vulnerability.md b/docs/content/en/integrations/parsers/file/harbor_vulnerability.md index 12ff2a1c6a..33878003bd 100644 --- a/docs/content/en/integrations/parsers/file/harbor_vulnerability.md +++ b/docs/content/en/integrations/parsers/file/harbor_vulnerability.md @@ -3,4 +3,7 @@ title: "Harbor Vulnerability" toc_hide: true --- Import findings from Harbor registry container scan: - \ No newline at end of file + + +### Sample Scan Data +Sample Harbor Vulnerability scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/harbor_vulnerability). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/hcl_appscan.md b/docs/content/en/integrations/parsers/file/hcl_appscan.md index ef2f68c599..aae796606f 100644 --- a/docs/content/en/integrations/parsers/file/hcl_appscan.md +++ b/docs/content/en/integrations/parsers/file/hcl_appscan.md @@ -3,3 +3,6 @@ title: "HCL Appscan" toc_hide: true --- The HCL Appscan has the possibiilty to export the results in PDF, XML and CSV formats within the portal. However, this parser only supports the import of XML generated from HCL Appscan on cloud. + +### Sample Scan Data +Sample HCL Appscan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/hcl_appscan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/horusec.md b/docs/content/en/integrations/parsers/file/horusec.md index 7a6a4fecd1..b347bef33e 100644 --- a/docs/content/en/integrations/parsers/file/horusec.md +++ b/docs/content/en/integrations/parsers/file/horusec.md @@ -10,4 +10,6 @@ Import findings from Horusec scan. References: * [GitHub repository](https://github.com/ZupIT/horusec) - \ No newline at end of file + +### Sample Scan Data +Sample Horusec scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/horusec). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/humble.md b/docs/content/en/integrations/parsers/file/humble.md index 56c3f73b52..e2e4faaec8 100644 --- a/docs/content/en/integrations/parsers/file/humble.md +++ b/docs/content/en/integrations/parsers/file/humble.md @@ -3,4 +3,7 @@ title: "Humble Report" toc_hide: true --- Import JSON report of the Humble scanner - \ No newline at end of file + + +### Sample Scan Data +Sample Humble Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/humble). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/huskyci.md b/docs/content/en/integrations/parsers/file/huskyci.md index 4ccdb31b57..660e00505b 100644 --- a/docs/content/en/integrations/parsers/file/huskyci.md +++ b/docs/content/en/integrations/parsers/file/huskyci.md @@ -3,4 +3,7 @@ title: "HuskyCI Report" toc_hide: true --- Import JSON reports from -[HuskyCI]() \ No newline at end of file +[HuskyCI]() + +### Sample Scan Data +Sample HuskyCI Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/huskyci). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/hydra.md b/docs/content/en/integrations/parsers/file/hydra.md index 701e8569a6..abd5a644d8 100644 --- a/docs/content/en/integrations/parsers/file/hydra.md +++ b/docs/content/en/integrations/parsers/file/hydra.md @@ -38,3 +38,6 @@ Sample JSON report: "success": false } ``` + +### Sample Scan Data +Sample Hydra scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/hydra). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ibm_app.md b/docs/content/en/integrations/parsers/file/ibm_app.md index e97d9f785d..71ffd51815 100644 --- a/docs/content/en/integrations/parsers/file/ibm_app.md +++ b/docs/content/en/integrations/parsers/file/ibm_app.md @@ -3,3 +3,6 @@ title: "IBM AppScan DAST" toc_hide: true --- XML file from IBM App Scanner. + +### Sample Scan Data +Sample IBM AppScan DAST scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ibm_app). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/immuniweb.md b/docs/content/en/integrations/parsers/file/immuniweb.md index 503bb8a713..6ab2cd139a 100644 --- a/docs/content/en/integrations/parsers/file/immuniweb.md +++ b/docs/content/en/integrations/parsers/file/immuniweb.md @@ -3,3 +3,6 @@ title: "Immuniweb Scan" toc_hide: true --- XML Scan Result File from Immuniweb Scan. + +### Sample Scan Data +Sample Immuniweb Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/immuniweb). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/intsights.md b/docs/content/en/integrations/parsers/file/intsights.md index f6dd6cbba6..64b6e58860 100644 --- a/docs/content/en/integrations/parsers/file/intsights.md +++ b/docs/content/en/integrations/parsers/file/intsights.md @@ -60,3 +60,6 @@ Example: } ] } + +### Sample Scan Data +Sample IntSights Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/intsights). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/jfrog_xray_api_summary_artifact.md b/docs/content/en/integrations/parsers/file/jfrog_xray_api_summary_artifact.md index 609a0a4da0..748b77ea6a 100644 --- a/docs/content/en/integrations/parsers/file/jfrog_xray_api_summary_artifact.md +++ b/docs/content/en/integrations/parsers/file/jfrog_xray_api_summary_artifact.md @@ -10,4 +10,4 @@ Accepts a JSON File, generated from the JFrog Artifact Summary API Call. See unit test example: https://github.com/DefectDojo/django-DefectDojo/blob/master/unittests/scans/jfrog_xray_api_summary_artifact/one_vuln.json ### Link To Tool -See JFrog Documentation: https://jfrog.com/help/r/jfrog-rest-apis/summary +See JFrog Documentation: https://jfrog.com/help/r/jfrog-rest-apis/summary \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md b/docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md index 2b877b1b04..438bf065a3 100644 --- a/docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md +++ b/docs/content/en/integrations/parsers/file/jfrog_xray_on_demand_binary_scan.md @@ -3,7 +3,10 @@ title: "JFrog Xray On Demand Binary Scan" toc_hide: true --- Import the JSON format for the \"JFrog Xray On Demand Binary Scan\" file. Use this importer for Xray version 3.X --- - JFrog file documentation: + +JFrog file documentation: https://jfrog.com/help/r/jfrog-cli/on-demand-binary-scan + +### Sample Scan Data +Sample JFrog Xray On Demand Binary Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/jfrog_xray_on_demand_binary_scan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/jfrog_xray_unified.md b/docs/content/en/integrations/parsers/file/jfrog_xray_unified.md index cdc5708ff2..b8b55db0e7 100644 --- a/docs/content/en/integrations/parsers/file/jfrog_xray_unified.md +++ b/docs/content/en/integrations/parsers/file/jfrog_xray_unified.md @@ -3,3 +3,6 @@ title: "JFrog XRay Unified" toc_hide: true --- Import the JSON format for the \"Security & Compliance | Reports\" export. Jfrog's Xray tool is an add-on to their Artifactory repository that does Software Composition Analysis, see https://www.jfrog.com/confluence/display/JFROG/JFrog+Xray for more information. \"Xray Unified\" refers to Xray Version 3.0 and later. + +### Sample Scan Data +Sample JFrog XRay Unified scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/jfrog_xray_unified). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/jfrogxray.md b/docs/content/en/integrations/parsers/file/jfrogxray.md index 251c47dfb3..c3cb126fa2 100644 --- a/docs/content/en/integrations/parsers/file/jfrogxray.md +++ b/docs/content/en/integrations/parsers/file/jfrogxray.md @@ -3,3 +3,6 @@ title: "JFrogXRay" toc_hide: true --- Import the JSON format for the \"Security Export\" file. Use this importer for Xray version 2.X + +### Sample Scan Data +Sample JFrogXRay scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/jfrogxray). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/kics.md b/docs/content/en/integrations/parsers/file/kics.md index a0dbdd0b74..370421cce8 100644 --- a/docs/content/en/integrations/parsers/file/kics.md +++ b/docs/content/en/integrations/parsers/file/kics.md @@ -3,3 +3,6 @@ title: "KICS Scanner" toc_hide: true --- Import of JSON report from + +### Sample Scan Data +Sample KICS Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/kics). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/kiuwan.md b/docs/content/en/integrations/parsers/file/kiuwan.md index 6ba50c6dca..00189e8772 100644 --- a/docs/content/en/integrations/parsers/file/kiuwan.md +++ b/docs/content/en/integrations/parsers/file/kiuwan.md @@ -3,3 +3,6 @@ title: "Kiuwan Scanner" toc_hide: true --- Import Kiuwan Scan in CSV format. Export as CSV Results on Kiuwan. + +### Sample Scan Data +Sample Kiuwan Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/kiuwan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/kubebench.md b/docs/content/en/integrations/parsers/file/kubebench.md index 38b865e593..89e1e3c3a6 100644 --- a/docs/content/en/integrations/parsers/file/kubebench.md +++ b/docs/content/en/integrations/parsers/file/kubebench.md @@ -3,3 +3,6 @@ title: "kube-bench Scanner" toc_hide: true --- Import JSON reports of Kubernetes CIS benchmark scans. + +### Sample Scan Data +Sample kube-bench Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/kubebench). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/kubehunter.md b/docs/content/en/integrations/parsers/file/kubehunter.md index 7b3de0a55b..08f932d5f8 100644 --- a/docs/content/en/integrations/parsers/file/kubehunter.md +++ b/docs/content/en/integrations/parsers/file/kubehunter.md @@ -3,3 +3,6 @@ title: "kubeHunter Scanner" toc_hide: true --- Import JSON reports of kube-hunter scans. Use "kube-hunter --report json" to produce the report in json format. + +### Sample Scan Data +Sample kubeHunter Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/kubehunter). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/meterian.md b/docs/content/en/integrations/parsers/file/meterian.md index f07d16dc0a..bf2d3bea8b 100644 --- a/docs/content/en/integrations/parsers/file/meterian.md +++ b/docs/content/en/integrations/parsers/file/meterian.md @@ -3,3 +3,6 @@ title: "Meterian Scanner" toc_hide: true --- The Meterian JSON report output file can be imported. + +### Sample Scan Data +Sample Meterian Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/meterian). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/microfocus_webinspect.md b/docs/content/en/integrations/parsers/file/microfocus_webinspect.md index 91fc0cf353..e087e4267e 100644 --- a/docs/content/en/integrations/parsers/file/microfocus_webinspect.md +++ b/docs/content/en/integrations/parsers/file/microfocus_webinspect.md @@ -3,3 +3,6 @@ title: "Microfocus Webinspect Scanner" toc_hide: true --- Import XML report + +### Sample Scan Data +Sample Microfocus Webinspect Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/microfocus_webinspect). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/mobsf.md b/docs/content/en/integrations/parsers/file/mobsf.md index 63dcf20564..44985929fd 100644 --- a/docs/content/en/integrations/parsers/file/mobsf.md +++ b/docs/content/en/integrations/parsers/file/mobsf.md @@ -3,3 +3,6 @@ title: "MobSF Scanner" toc_hide: true --- Export a JSON file using the API, api/v1/report\_json. + +### Sample Scan Data +Sample MobSF Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mobsf). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/mobsfscan.md b/docs/content/en/integrations/parsers/file/mobsfscan.md index 626d90f294..7209f80b40 100644 --- a/docs/content/en/integrations/parsers/file/mobsfscan.md +++ b/docs/content/en/integrations/parsers/file/mobsfscan.md @@ -3,3 +3,6 @@ title: "Mobsfscan" toc_hide: true --- Import JSON report from + +### Sample Scan Data +Sample Mobsfscan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mobsfscan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/mozilla_observatory.md b/docs/content/en/integrations/parsers/file/mozilla_observatory.md index c36ce869a8..3d1150821d 100644 --- a/docs/content/en/integrations/parsers/file/mozilla_observatory.md +++ b/docs/content/en/integrations/parsers/file/mozilla_observatory.md @@ -3,3 +3,6 @@ title: "Mozilla Observatory Scanner" toc_hide: true --- Import JSON report. + +### Sample Scan Data +Sample Mozilla Observatory Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mozilla_observatory). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ms_defender.md b/docs/content/en/integrations/parsers/file/ms_defender.md index 0a2f7b480f..2bf8c436ff 100644 --- a/docs/content/en/integrations/parsers/file/ms_defender.md +++ b/docs/content/en/integrations/parsers/file/ms_defender.md @@ -4,4 +4,7 @@ toc_hide: true --- This parser helps to parse Microsoft Defender Findings and supports two types of imports: - You can import a JSON output file from the api/vulnerabilities/machinesVulnerabilities endpoint of Microsoft defender. -- You can upload a custom zip file which include multiple JSON files from two Microsoft Defender Endpoints. For that you have to make your own zip file and include two folders (machines/ and vulnerabilities/) within the zip file. For vulnerabilities/ you can attach multiple JSON files from the api/vulnerabilities/machinesVulnerabilities REST API endpoint of Microsoft Defender. Furthermore, in machines/ you can attach the JSON output from the api/machines REST API endpoint of Microsoft Defender. Then, the parser uses the information in both folders to add more specific information like the affected IP Address to the finding. \ No newline at end of file +- You can upload a custom zip file which include multiple JSON files from two Microsoft Defender Endpoints. For that you have to make your own zip file and include two folders (machines/ and vulnerabilities/) within the zip file. For vulnerabilities/ you can attach multiple JSON files from the api/vulnerabilities/machinesVulnerabilities REST API endpoint of Microsoft Defender. Furthermore, in machines/ you can attach the JSON output from the api/machines REST API endpoint of Microsoft Defender. Then, the parser uses the information in both folders to add more specific information like the affected IP Address to the finding. + +### Sample Scan Data +Sample MS Defender Parser scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ms_defender). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/netsparker.md b/docs/content/en/integrations/parsers/file/netsparker.md index 255f7ef975..7e46af07b1 100644 --- a/docs/content/en/integrations/parsers/file/netsparker.md +++ b/docs/content/en/integrations/parsers/file/netsparker.md @@ -3,3 +3,6 @@ title: "Netsparker" toc_hide: true --- Vulnerabilities List - JSON report + +### Sample Scan Data +Sample Netsparker scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/netsparker). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/neuvector.md b/docs/content/en/integrations/parsers/file/neuvector.md index 083adf707f..5acf03267a 100644 --- a/docs/content/en/integrations/parsers/file/neuvector.md +++ b/docs/content/en/integrations/parsers/file/neuvector.md @@ -2,4 +2,7 @@ title: "NeuVector (compliance)" toc_hide: true --- -Imports compliance scans returned by REST API. \ No newline at end of file +Imports compliance scans returned by REST API. + +### Sample Scan Data +Sample NeuVector (compliance) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/neuvector). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/neuvector_compliance.md b/docs/content/en/integrations/parsers/file/neuvector_compliance.md index 0a6e8cac66..cce614b2f9 100644 --- a/docs/content/en/integrations/parsers/file/neuvector_compliance.md +++ b/docs/content/en/integrations/parsers/file/neuvector_compliance.md @@ -2,4 +2,7 @@ title: "NeuVector (REST)" toc_hide: true --- -JSON output of /v1/scan/{entity}/{id} endpoint \ No newline at end of file +JSON output of /v1/scan/{entity}/{id} endpoint + +### Sample Scan Data +Sample NeuVector (REST) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/neuvector_compliance). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/nexpose.md b/docs/content/en/integrations/parsers/file/nexpose.md index d85810d926..f2380a3666 100644 --- a/docs/content/en/integrations/parsers/file/nexpose.md +++ b/docs/content/en/integrations/parsers/file/nexpose.md @@ -3,3 +3,6 @@ title: "Nexpose XML 2.0 (Rapid7)" toc_hide: true --- Use the full XML export template from Nexpose. + +### Sample Scan Data +Sample Nexpose XML 2.0 (Rapid7) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/nexpose). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/nikto.md b/docs/content/en/integrations/parsers/file/nikto.md index 3389e3d401..09bcce9c10 100644 --- a/docs/content/en/integrations/parsers/file/nikto.md +++ b/docs/content/en/integrations/parsers/file/nikto.md @@ -9,4 +9,7 @@ The current parser support 3 sources: - new XML output (with nxvmlversion=\"1.2\" type) - JSON output -See: https://github.com/sullo/nikto \ No newline at end of file +See: https://github.com/sullo/nikto + +### Sample Scan Data +Sample Nikto scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/nikto). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/nmap.md b/docs/content/en/integrations/parsers/file/nmap.md index 9404d70acd..cada9ad2d3 100644 --- a/docs/content/en/integrations/parsers/file/nmap.md +++ b/docs/content/en/integrations/parsers/file/nmap.md @@ -3,3 +3,6 @@ title: "Nmap" toc_hide: true --- XML output (use -oX) + +### Sample Scan Data +Sample Nmap scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/nmap). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/npm_audit.md b/docs/content/en/integrations/parsers/file/npm_audit.md index 44de32b6ab..ebf280da96 100644 --- a/docs/content/en/integrations/parsers/file/npm_audit.md +++ b/docs/content/en/integrations/parsers/file/npm_audit.md @@ -4,3 +4,6 @@ toc_hide: true --- Node Package Manager (NPM) Audit plugin output file can be imported in JSON format. Only imports the \'advisories\' subtree. + +### Sample Scan Data +Sample NPM Audit scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/npm_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/nsp.md b/docs/content/en/integrations/parsers/file/nsp.md index ab7fdf54e1..916495ecdf 100644 --- a/docs/content/en/integrations/parsers/file/nsp.md +++ b/docs/content/en/integrations/parsers/file/nsp.md @@ -3,3 +3,6 @@ title: "Node Security Platform" toc_hide: true --- Node Security Platform (NSP) output file can be imported in JSON format. + +### Sample Scan Data +Sample Node Security Platform scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/nsp). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/nuclei.md b/docs/content/en/integrations/parsers/file/nuclei.md index edf1f76587..3e63a2b942 100644 --- a/docs/content/en/integrations/parsers/file/nuclei.md +++ b/docs/content/en/integrations/parsers/file/nuclei.md @@ -3,3 +3,6 @@ title: "Nuclei" toc_hide: true --- Import JSON output of nuclei scan report + +### Sample Scan Data +Sample Nuclei scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/nuclei). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/openscap.md b/docs/content/en/integrations/parsers/file/openscap.md index 7bab7e5335..220f27d66e 100644 --- a/docs/content/en/integrations/parsers/file/openscap.md +++ b/docs/content/en/integrations/parsers/file/openscap.md @@ -3,3 +3,6 @@ title: "Openscap Vulnerability Scan" toc_hide: true --- Import Openscap Vulnerability Scan in XML formats. + +### Sample Scan Data +Sample Openscap Vulnerability Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/openscap). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ort.md b/docs/content/en/integrations/parsers/file/ort.md index e12181ade4..2aac161efd 100644 --- a/docs/content/en/integrations/parsers/file/ort.md +++ b/docs/content/en/integrations/parsers/file/ort.md @@ -2,4 +2,7 @@ title: "ORT evaluated model Importer" toc_hide: true --- -Import Outpost24 endpoint vulnerability scan in XML format. \ No newline at end of file +Import Outpost24 endpoint vulnerability scan in XML format. + +### Sample Scan Data +Sample ORT evaluated model Importer scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ort). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ossindex_devaudit.md b/docs/content/en/integrations/parsers/file/ossindex_devaudit.md index f21c5f20e3..cb007e5a3e 100644 --- a/docs/content/en/integrations/parsers/file/ossindex_devaudit.md +++ b/docs/content/en/integrations/parsers/file/ossindex_devaudit.md @@ -3,4 +3,7 @@ title: "OssIndex Devaudit" toc_hide: true --- Import JSON formatted output from \[OSSIndex -Devaudit\](). \ No newline at end of file +Devaudit\](). + +### Sample Scan Data +Sample OssIndex Devaudit scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ossindex_devaudit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/outpost24.md b/docs/content/en/integrations/parsers/file/outpost24.md index e87ce61530..2c0f974f02 100644 --- a/docs/content/en/integrations/parsers/file/outpost24.md +++ b/docs/content/en/integrations/parsers/file/outpost24.md @@ -2,4 +2,7 @@ title: "Outpost24 Scan" toc_hide: true --- -Import Outpost24 endpoint vulnerability scan in XML format. \ No newline at end of file +Import Outpost24 endpoint vulnerability scan in XML format. + +### Sample Scan Data +Sample Outpost24 Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/outpost24). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/php_security_audit_v2.md b/docs/content/en/integrations/parsers/file/php_security_audit_v2.md index 33760aec45..1abcb0e741 100644 --- a/docs/content/en/integrations/parsers/file/php_security_audit_v2.md +++ b/docs/content/en/integrations/parsers/file/php_security_audit_v2.md @@ -3,3 +3,6 @@ title: "PHP Security Audit v2" toc_hide: true --- Import PHP Security Audit v2 Scan in JSON format. + +### Sample Scan Data +Sample PHP Security Audit v2 scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/php_security_audit_v2). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/php_symfony_security_check.md b/docs/content/en/integrations/parsers/file/php_symfony_security_check.md index 912522e83d..27552cb839 100644 --- a/docs/content/en/integrations/parsers/file/php_symfony_security_check.md +++ b/docs/content/en/integrations/parsers/file/php_symfony_security_check.md @@ -3,3 +3,6 @@ title: "PHP Symfony Security Checker" toc_hide: true --- Import results from the PHP Symfony Security Checker. + +### Sample Scan Data +Sample PHP Symfony Security Checker scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/php_symfony_security_check). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/pip_audit.md b/docs/content/en/integrations/parsers/file/pip_audit.md index 50156ee1ac..df24cdbe7a 100644 --- a/docs/content/en/integrations/parsers/file/pip_audit.md +++ b/docs/content/en/integrations/parsers/file/pip_audit.md @@ -2,4 +2,7 @@ title: "pip-audit Scan" toc_hide: true --- -Import pip-audit JSON scan report \ No newline at end of file +Import pip-audit JSON scan report + +### Sample Scan Data +Sample pip-audit Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/pip_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/pmd.md b/docs/content/en/integrations/parsers/file/pmd.md index aea80c507a..ebb4d95176 100644 --- a/docs/content/en/integrations/parsers/file/pmd.md +++ b/docs/content/en/integrations/parsers/file/pmd.md @@ -2,4 +2,7 @@ title: "PMD Scan" toc_hide: true --- -CSV Report \ No newline at end of file +CSV Report + +### Sample Scan Data +Sample PMD Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/pmd). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/popeye.md b/docs/content/en/integrations/parsers/file/popeye.md index f36e62cddc..82dbdd8958 100644 --- a/docs/content/en/integrations/parsers/file/popeye.md +++ b/docs/content/en/integrations/parsers/file/popeye.md @@ -64,3 +64,5 @@ To match it to DefectDojo severity formula, Secerity 0 (Ok) findings from Popeye - Severity 2 (Warning) Popeye findings will be created as Severity "Low" findings in DefectDojo. - Severity 3 (Errors) Popeye findings will be created as Severity "High" findingsi in DefectDojo. +### Sample Scan Data +Sample Popeye scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/popeye). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/pwn_sast.md b/docs/content/en/integrations/parsers/file/pwn_sast.md index 7de6b3e713..241f2c0ca6 100644 --- a/docs/content/en/integrations/parsers/file/pwn_sast.md +++ b/docs/content/en/integrations/parsers/file/pwn_sast.md @@ -4,4 +4,7 @@ toc_hide: true --- - (Main Page)\[\] - pwn_sast: Import the JSON results generated by the pwn_sast Driver. This driver scans source code repositories for security anti-patterns that may result in vulnerability identification. -- More driver results coming soon... \ No newline at end of file +- More driver results coming soon... + +### Sample Scan Data +Sample PWN Security Automation Framework scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/pwn_sast). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/qualys.md b/docs/content/en/integrations/parsers/file/qualys.md index 870f463375..7fd532c79a 100644 --- a/docs/content/en/integrations/parsers/file/qualys.md +++ b/docs/content/en/integrations/parsers/file/qualys.md @@ -16,3 +16,6 @@ A CSV formatted Qualys Scan Report can also be used. Ensure the following values * Patches and Workarounds * Virtual Patches and Mitigating Controls * Results + +### Sample Scan Data +Sample Qualys Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/qualys). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/qualys_infrascan_webgui.md b/docs/content/en/integrations/parsers/file/qualys_infrascan_webgui.md index 67e8c8a44f..bba44904df 100644 --- a/docs/content/en/integrations/parsers/file/qualys_infrascan_webgui.md +++ b/docs/content/en/integrations/parsers/file/qualys_infrascan_webgui.md @@ -2,4 +2,7 @@ title: "Qualys Infrastructure Scan (WebGUI XML)" toc_hide: true --- -Qualys WebGUI output files can be imported in XML format. \ No newline at end of file +Qualys WebGUI output files can be imported in XML format. + +### Sample Scan Data +Sample Qualys Infrastructure Scan (WebGUI XML) scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/qualys_infrascan_webgui). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/qualys_webapp.md b/docs/content/en/integrations/parsers/file/qualys_webapp.md index 44ce03d98b..b8a4017b11 100644 --- a/docs/content/en/integrations/parsers/file/qualys_webapp.md +++ b/docs/content/en/integrations/parsers/file/qualys_webapp.md @@ -3,3 +3,6 @@ title: "Qualys Webapp Scan" toc_hide: true --- Qualys WebScan output files can be imported in XML format. + +### Sample Scan Data +Sample Qualys Webapp Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/qualys_webapp). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/retirejs.md b/docs/content/en/integrations/parsers/file/retirejs.md index cc9e626a8b..b975aa7b60 100644 --- a/docs/content/en/integrations/parsers/file/retirejs.md +++ b/docs/content/en/integrations/parsers/file/retirejs.md @@ -3,3 +3,6 @@ title: "Retire.js" toc_hide: true --- Retire.js JavaScript scan (\--js) output file can be imported in JSON format. + +### Sample Scan Data +Sample Retire.js scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/retirejs). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/risk_recon.md b/docs/content/en/integrations/parsers/file/risk_recon.md index 79231f3c80..917b7ed3bc 100644 --- a/docs/content/en/integrations/parsers/file/risk_recon.md +++ b/docs/content/en/integrations/parsers/file/risk_recon.md @@ -55,3 +55,6 @@ Import findings from Risk Recon via the API. Configure your own JSON report as f the \"companies\" field. - Removing both fields will allow retrieval of all findings in the Risk Recon instance. + +### Sample Scan Data +Sample Risk Recon API Importer scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/risk_recon). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/rubocop.md b/docs/content/en/integrations/parsers/file/rubocop.md index 1faf68d861..8a90bd8eda 100644 --- a/docs/content/en/integrations/parsers/file/rubocop.md +++ b/docs/content/en/integrations/parsers/file/rubocop.md @@ -3,3 +3,6 @@ title: "Rubocop Scan" toc_hide: true --- Import Rubocop JSON scan report (with option -f json). + +### Sample Scan Data +Sample Rubocop Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/rubocop). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/rusty_hog.md b/docs/content/en/integrations/parsers/file/rusty_hog.md index ee10c565e8..52849c8d99 100644 --- a/docs/content/en/integrations/parsers/file/rusty_hog.md +++ b/docs/content/en/integrations/parsers/file/rusty_hog.md @@ -12,4 +12,7 @@ DefectDojo currently supports the parsing of the following Rusty Hog JSON output - Essex Hog: Scans for secrets in a Confluence page. RustyHog scans only one target at a time. This is not efficient if you want to scan all targets (e.g. all JIRA tickets) and upload each single report to DefectDojo. -[Rusty-Hog-Wrapper](https://github.com/manuel-sommer/Rusty-Hog-Wrapper) deals with this and scans a whole JIRA Project or Confluence Space, merges the findings into a valid file which can be uploaded to DefectDojo. (This is no official recommendation from DefectDojo, but rather a pointer in a direction on how to use this vulnerability scanner in a more efficient way.) \ No newline at end of file +[Rusty-Hog-Wrapper](https://github.com/manuel-sommer/Rusty-Hog-Wrapper) deals with this and scans a whole JIRA Project or Confluence Space, merges the findings into a valid file which can be uploaded to DefectDojo. (This is no official recommendation from DefectDojo, but rather a pointer in a direction on how to use this vulnerability scanner in a more efficient way.) + +### Sample Scan Data +Sample Rusty Hog parser scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/rusty_hog). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sarif.md b/docs/content/en/integrations/parsers/file/sarif.md index b3b189f2a7..2b7f2d1009 100644 --- a/docs/content/en/integrations/parsers/file/sarif.md +++ b/docs/content/en/integrations/parsers/file/sarif.md @@ -24,3 +24,6 @@ It's possible to activate de-duplication based on this data by customizing setti # in your settings.py file DEDUPLICATION_ALGORITHM_PER_PARSER["SARIF"] = DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE ``` + +### Sample Scan Data +Sample SARIF scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sarif). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/scantist.md b/docs/content/en/integrations/parsers/file/scantist.md index b0894ac9eb..a29f1392d5 100644 --- a/docs/content/en/integrations/parsers/file/scantist.md +++ b/docs/content/en/integrations/parsers/file/scantist.md @@ -3,4 +3,7 @@ title: "Scantist Scan" toc_hide: true --- Scantist is an open source management platform. Scan and remediate open source security, licensing and compliance risks across your software development lifecycle. -Here you can find more information: \ No newline at end of file +Here you can find more information: + +### Sample Scan Data +Sample Scantist Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/scantist). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/scout_suite.md b/docs/content/en/integrations/parsers/file/scout_suite.md index d68c20089f..7e97dbfd30 100644 --- a/docs/content/en/integrations/parsers/file/scout_suite.md +++ b/docs/content/en/integrations/parsers/file/scout_suite.md @@ -6,4 +6,7 @@ Multi-Cloud security auditing tool. It uses APIs exposed by cloud providers. Scan results are located at `scan-reports/scoutsuite-results/scoutsuite\_\*.json` files. Multiple scans will create multiple files if they are runing agains -different Cloud projects. See \ No newline at end of file +different Cloud projects. See + +### Sample Scan Data +Sample ScoutSuite scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/scout_suite). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/semgrep.md b/docs/content/en/integrations/parsers/file/semgrep.md index f174f130a0..b88c8ed9d6 100644 --- a/docs/content/en/integrations/parsers/file/semgrep.md +++ b/docs/content/en/integrations/parsers/file/semgrep.md @@ -3,3 +3,6 @@ title: "Semgrep JSON Report" toc_hide: true --- Import Semgrep output (--json) + +### Sample Scan Data +Sample Semgrep JSON Report scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/semgrep). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/skf.md b/docs/content/en/integrations/parsers/file/skf.md index c3b3faa941..c2fcfa2741 100644 --- a/docs/content/en/integrations/parsers/file/skf.md +++ b/docs/content/en/integrations/parsers/file/skf.md @@ -3,3 +3,6 @@ title: "SKF Scan" toc_hide: true --- Output of SKF Sprint summary export. + +### Sample Scan Data +Sample SKF Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/skf). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/snyk.md b/docs/content/en/integrations/parsers/file/snyk.md index 21dcff4d8e..f8cc746378 100644 --- a/docs/content/en/integrations/parsers/file/snyk.md +++ b/docs/content/en/integrations/parsers/file/snyk.md @@ -4,3 +4,6 @@ toc_hide: true --- Snyk output file (snyk test \--json \> snyk.json) can be imported in JSON format. Only SCA (Software Composition Analysis) report is supported (SAST report not supported yet). + +### Sample Scan Data +Sample Snyk scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/snyk). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/solar_appscreener.md b/docs/content/en/integrations/parsers/file/solar_appscreener.md index 1fe049b3a7..80ab6a894d 100644 --- a/docs/content/en/integrations/parsers/file/solar_appscreener.md +++ b/docs/content/en/integrations/parsers/file/solar_appscreener.md @@ -2,4 +2,7 @@ title: "Solar Appscreener Scan" toc_hide: true --- -Solar Appscreener report file can be imported in CSV format from Detailed_Results.csv \ No newline at end of file +Solar Appscreener report file can be imported in CSV format from Detailed_Results.csv + +### Sample Scan Data +Sample Solar Appscreener Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/solar_appscreener). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sonarqube.md b/docs/content/en/integrations/parsers/file/sonarqube.md index 5b5ae90e92..9e4da8c6f9 100644 --- a/docs/content/en/integrations/parsers/file/sonarqube.md +++ b/docs/content/en/integrations/parsers/file/sonarqube.md @@ -19,3 +19,6 @@ To generate the report, see Version: \>= 1.1.0 + +### Sample Scan Data +Sample SonarQube scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sonarqube). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sonatype.md b/docs/content/en/integrations/parsers/file/sonatype.md index aa317c00aa..c993fdd3f1 100644 --- a/docs/content/en/integrations/parsers/file/sonatype.md +++ b/docs/content/en/integrations/parsers/file/sonatype.md @@ -3,3 +3,6 @@ title: "Sonatype" toc_hide: true --- JSON output. + +### Sample Scan Data +Sample Sonatype scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sonatype). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/spotbugs.md b/docs/content/en/integrations/parsers/file/spotbugs.md index 049d1b7837..69a288e5b5 100644 --- a/docs/content/en/integrations/parsers/file/spotbugs.md +++ b/docs/content/en/integrations/parsers/file/spotbugs.md @@ -3,3 +3,6 @@ title: "SpotBugs" toc_hide: true --- XML report of textui cli. + +### Sample Scan Data +Sample SpotBugs scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/spotbugs). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ssh_audit.md b/docs/content/en/integrations/parsers/file/ssh_audit.md index e5877f7938..29f95a8226 100644 --- a/docs/content/en/integrations/parsers/file/ssh_audit.md +++ b/docs/content/en/integrations/parsers/file/ssh_audit.md @@ -2,4 +2,7 @@ title: "SSH Audit" toc_hide: true --- -Import JSON output of ssh_audit report. See \ No newline at end of file +Import JSON output of ssh_audit report. See + +### Sample Scan Data +Sample SSH Audit scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ssh_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/ssl_labs.md b/docs/content/en/integrations/parsers/file/ssl_labs.md index 4154435765..cd5972e126 100644 --- a/docs/content/en/integrations/parsers/file/ssl_labs.md +++ b/docs/content/en/integrations/parsers/file/ssl_labs.md @@ -3,3 +3,6 @@ title: "SSL Labs" toc_hide: true --- JSON Output of ssllabs-scan cli. + +### Sample Scan Data +Sample SSL Labs scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/ssl_labs). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sslscan.md b/docs/content/en/integrations/parsers/file/sslscan.md index 056c7ebcda..0255e5858a 100644 --- a/docs/content/en/integrations/parsers/file/sslscan.md +++ b/docs/content/en/integrations/parsers/file/sslscan.md @@ -3,3 +3,6 @@ title: "Sslscan" toc_hide: true --- Import XML output of sslscan report. + +### Sample Scan Data +Sample Sslscan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sslscan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sslyze.md b/docs/content/en/integrations/parsers/file/sslyze.md index c46209e11f..8abfd44b8f 100644 --- a/docs/content/en/integrations/parsers/file/sslyze.md +++ b/docs/content/en/integrations/parsers/file/sslyze.md @@ -3,9 +3,10 @@ title: "Sslyze Scan" toc_hide: true --- ## Sslyze Scan - XML report of SSLyze version 2 scan ## SSLyze 3 Scan (JSON) +JSON report of SSLyze version 3 scan -JSON report of SSLyze version 3 scan \ No newline at end of file +### Sample Scan Data +Sample Sslyze Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sslyze). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/stackhawk.md b/docs/content/en/integrations/parsers/file/stackhawk.md index 281f5dde89..4f66fb5a82 100644 --- a/docs/content/en/integrations/parsers/file/stackhawk.md +++ b/docs/content/en/integrations/parsers/file/stackhawk.md @@ -3,4 +3,7 @@ title: "StackHawk HawkScan" toc_hide: true --- Import the JSON webhook event from StackHawk. -For more information, check out our [docs on hooking up StackHawk to Defect Dojo](https://docs.stackhawk.com/workflow-integrations/defect-dojo.html) \ No newline at end of file +For more information, check out our [docs on hooking up StackHawk to Defect Dojo](https://docs.stackhawk.com/workflow-integrations/defect-dojo.html) + +### Sample Scan Data +Sample StackHawk HawkScan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/stackhawk). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/sysdig_reports.md b/docs/content/en/integrations/parsers/file/sysdig_reports.md index 39037ad806..1560f445ce 100644 --- a/docs/content/en/integrations/parsers/file/sysdig_reports.md +++ b/docs/content/en/integrations/parsers/file/sysdig_reports.md @@ -5,4 +5,7 @@ toc_hide: true Import CSV report files from Sysdig. Parser will accept Pipeline, Registry and Runtime reports created from the UI -More information available at [our reporting docs page](https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/reporting) \ No newline at end of file +More information available at [our reporting docs page](https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/reporting) + +### Sample Scan Data +Sample Sysdig Vulnerability Reports scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/sysdig_reports). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/talisman.md b/docs/content/en/integrations/parsers/file/talisman.md index 851618dcd8..c542a1f0f2 100644 --- a/docs/content/en/integrations/parsers/file/talisman.md +++ b/docs/content/en/integrations/parsers/file/talisman.md @@ -38,4 +38,7 @@ else # If talisman did not find any issues, exit with a zero status code exit 0 fi -``` \ No newline at end of file +``` + +### Sample Scan Data +Sample Talisman scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/talisman). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/tenable.md b/docs/content/en/integrations/parsers/file/tenable.md index d4666ee901..a4f0ad5903 100644 --- a/docs/content/en/integrations/parsers/file/tenable.md +++ b/docs/content/en/integrations/parsers/file/tenable.md @@ -3,5 +3,7 @@ title: "Tenable" toc_hide: true --- Reports can be imported in the CSV, and .nessus (XML) report formats. - Legacy Nessus and Nessus WAS reports are supported + +### Sample Scan Data +Sample Tenable scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/tenable). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/terrascan.md b/docs/content/en/integrations/parsers/file/terrascan.md index 8f900e7b32..c5d6016c5a 100644 --- a/docs/content/en/integrations/parsers/file/terrascan.md +++ b/docs/content/en/integrations/parsers/file/terrascan.md @@ -3,3 +3,6 @@ title: "Terrascan" toc_hide: true --- Import JSON output of terrascan scan report + +### Sample Scan Data +Sample Terrascan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/terrascan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/testssl.md b/docs/content/en/integrations/parsers/file/testssl.md index 0cec96fc11..501cb8b8a7 100644 --- a/docs/content/en/integrations/parsers/file/testssl.md +++ b/docs/content/en/integrations/parsers/file/testssl.md @@ -3,3 +3,6 @@ title: "Testssl Scan" toc_hide: true --- Import CSV output of testssl scan report. + +### Sample Scan Data +Sample Testssl Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/testssl). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/tfsec.md b/docs/content/en/integrations/parsers/file/tfsec.md index 256a291b62..7a0aca9d57 100644 --- a/docs/content/en/integrations/parsers/file/tfsec.md +++ b/docs/content/en/integrations/parsers/file/tfsec.md @@ -3,3 +3,6 @@ title: "TFSec" toc_hide: true --- Import of JSON report from + +### Sample Scan Data +Sample TFSec scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/tfsec). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trivy.md b/docs/content/en/integrations/parsers/file/trivy.md index 78a6aef1be..01823598b7 100644 --- a/docs/content/en/integrations/parsers/file/trivy.md +++ b/docs/content/en/integrations/parsers/file/trivy.md @@ -3,3 +3,6 @@ title: "Trivy" toc_hide: true --- JSON report of [trivy scanner](https://github.com/aquasecurity/trivy). + +### Sample Scan Data +Sample Trivy scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trivy). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trivy_operator.md b/docs/content/en/integrations/parsers/file/trivy_operator.md index 47a93f7ebd..1433b8231f 100644 --- a/docs/content/en/integrations/parsers/file/trivy_operator.md +++ b/docs/content/en/integrations/parsers/file/trivy_operator.md @@ -5,3 +5,6 @@ toc_hide: true JSON report of [trivy operator scanner](https://github.com/aquasecurity/trivy-operator). To import the generated Vulnerability Reports, you can also use the [trivy-dojo-report-operator](https://github.com/telekom-mms/trivy-dojo-report-operator). + +### Sample Scan Data +Sample Trivy Operator scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trivy_operator). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trufflehog.md b/docs/content/en/integrations/parsers/file/trufflehog.md index 14673a7214..c787e8e810 100644 --- a/docs/content/en/integrations/parsers/file/trufflehog.md +++ b/docs/content/en/integrations/parsers/file/trufflehog.md @@ -3,3 +3,6 @@ title: "Trufflehog" toc_hide: true --- JSON Output of Trufflehog. Supports version 2 and 3 of https://github.com/trufflesecurity/trufflehog + +### Sample Scan Data +Sample Trufflehog scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trufflehog). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trufflehog3.md b/docs/content/en/integrations/parsers/file/trufflehog3.md index 58f1811f25..44fd436d54 100644 --- a/docs/content/en/integrations/parsers/file/trufflehog3.md +++ b/docs/content/en/integrations/parsers/file/trufflehog3.md @@ -3,3 +3,6 @@ title: "Trufflehog3" toc_hide: true --- JSON Output of Trufflehog3, a fork of TruffleHog located at https://github.com/feeltheajf/truffleHog3 + +### Sample Scan Data +Sample Trufflehog3 scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trufflehog3). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trustwave.md b/docs/content/en/integrations/parsers/file/trustwave.md index 0b463123b3..e5c6305ea7 100644 --- a/docs/content/en/integrations/parsers/file/trustwave.md +++ b/docs/content/en/integrations/parsers/file/trustwave.md @@ -3,3 +3,6 @@ title: "Trustwave" toc_hide: true --- CSV output of Trustwave vulnerability scan. + +### Sample Scan Data +Sample Trustwave scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trustwave). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/trustwave_fusion_api.md b/docs/content/en/integrations/parsers/file/trustwave_fusion_api.md index 4796727653..d4f61fd057 100644 --- a/docs/content/en/integrations/parsers/file/trustwave_fusion_api.md +++ b/docs/content/en/integrations/parsers/file/trustwave_fusion_api.md @@ -2,4 +2,7 @@ title: "Trustwave Fusion API Scan" toc_hide: true --- -Trustwave Fusion API report file can be imported in JSON format \ No newline at end of file +Trustwave Fusion API report file can be imported in JSON format + +### Sample Scan Data +Sample Trustwave Fusion API Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/trustwave_fusion_api). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/twistlock.md b/docs/content/en/integrations/parsers/file/twistlock.md index 027e931ff9..e682da7402 100644 --- a/docs/content/en/integrations/parsers/file/twistlock.md +++ b/docs/content/en/integrations/parsers/file/twistlock.md @@ -9,3 +9,6 @@ JSON output of the `twistcli` tool. Example: {{< /highlight >}} The CSV output from the UI is now also accepted. + +### Sample Scan Data +Sample Twistlock scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/twistlock). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/vcg.md b/docs/content/en/integrations/parsers/file/vcg.md index ed44be99d6..568b57bffd 100644 --- a/docs/content/en/integrations/parsers/file/vcg.md +++ b/docs/content/en/integrations/parsers/file/vcg.md @@ -3,3 +3,4 @@ title: "Visual Code Grepper (VCG)" toc_hide: true --- VCG output can be imported in CSV or Xml formats. + diff --git a/docs/content/en/integrations/parsers/file/veracode.md b/docs/content/en/integrations/parsers/file/veracode.md index 54978e2305..7723786041 100644 --- a/docs/content/en/integrations/parsers/file/veracode.md +++ b/docs/content/en/integrations/parsers/file/veracode.md @@ -46,3 +46,6 @@ Veracode reports can be ingested in either XML or JSON Format } } ``` + +### Sample Scan Data +Sample Veracode scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/veracode). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/veracode_sca.md b/docs/content/en/integrations/parsers/file/veracode_sca.md index fd855d5269..59db59d2a3 100644 --- a/docs/content/en/integrations/parsers/file/veracode_sca.md +++ b/docs/content/en/integrations/parsers/file/veracode_sca.md @@ -3,3 +3,6 @@ title: "Veracode SourceClear" toc_hide: true --- Import Project CSV or JSON report + +### Sample Scan Data +Sample Veracode SourceClear scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/veracode_sca). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/wapiti.md b/docs/content/en/integrations/parsers/file/wapiti.md index d15d6581e4..53a4cd619b 100644 --- a/docs/content/en/integrations/parsers/file/wapiti.md +++ b/docs/content/en/integrations/parsers/file/wapiti.md @@ -3,3 +3,6 @@ title: "Wapiti Scan" toc_hide: true --- Import XML report. + +### Sample Scan Data +Sample Wapiti Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/wapiti). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/wazuh.md b/docs/content/en/integrations/parsers/file/wazuh.md index bbf191840a..01bb0a0aa7 100644 --- a/docs/content/en/integrations/parsers/file/wazuh.md +++ b/docs/content/en/integrations/parsers/file/wazuh.md @@ -3,3 +3,6 @@ title: "Wazuh Scanner" toc_hide: true --- Import JSON report. + +### Sample Scan Data +Sample Wazuh Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/wazuh). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/wfuzz.md b/docs/content/en/integrations/parsers/file/wfuzz.md index c7a198d87e..2aa4add793 100644 --- a/docs/content/en/integrations/parsers/file/wfuzz.md +++ b/docs/content/en/integrations/parsers/file/wfuzz.md @@ -12,4 +12,7 @@ HTTP Return Code | Severity 401 | Medium 403 | Medium 407 | Medium -500 | Low \ No newline at end of file +500 | Low + +### Sample Scan Data +Sample Wfuzz JSON importer scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/wfuzz). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/whispers.md b/docs/content/en/integrations/parsers/file/whispers.md index 7da1946550..dfa5b104ef 100644 --- a/docs/content/en/integrations/parsers/file/whispers.md +++ b/docs/content/en/integrations/parsers/file/whispers.md @@ -3,5 +3,7 @@ title: "Whispers" toc_hide: true --- Import Whispers JSON results. +https://github.com/adeptex/whispers -https://github.com/adeptex/whispers \ No newline at end of file +### Sample Scan Data +Sample Whispers scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/whispers). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/whitehat_sentinel.md b/docs/content/en/integrations/parsers/file/whitehat_sentinel.md index 61a79fd7b0..756fac5069 100644 --- a/docs/content/en/integrations/parsers/file/whitehat_sentinel.md +++ b/docs/content/en/integrations/parsers/file/whitehat_sentinel.md @@ -2,4 +2,7 @@ title: "WhiteHat Sentinel" toc_hide: true --- -WhiteHat Sentinel output from api/vuln/query_site can be imported in JSON format. \ No newline at end of file +WhiteHat Sentinel output from api/vuln/query_site can be imported in JSON format. + +### Sample Scan Data +Sample WhiteHat Sentinel scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/whitehat_sentinel). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/whitesource.md b/docs/content/en/integrations/parsers/file/whitesource.md index d647d7cc96..62b9a4b842 100644 --- a/docs/content/en/integrations/parsers/file/whitesource.md +++ b/docs/content/en/integrations/parsers/file/whitesource.md @@ -3,3 +3,6 @@ title: "Whitesource Scan" toc_hide: true --- Import JSON report + +### Sample Scan Data +Sample Whitesource Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/whitesource). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/wpscan.md b/docs/content/en/integrations/parsers/file/wpscan.md index 7a26c51cbb..3e47e2bc6f 100644 --- a/docs/content/en/integrations/parsers/file/wpscan.md +++ b/docs/content/en/integrations/parsers/file/wpscan.md @@ -3,3 +3,6 @@ title: "Wpscan Scanner" toc_hide: true --- Import JSON report. + +### Sample Scan Data +Sample Wpscan Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/wpscan). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/xanitizer.md b/docs/content/en/integrations/parsers/file/xanitizer.md index 705f0aa869..553292b592 100644 --- a/docs/content/en/integrations/parsers/file/xanitizer.md +++ b/docs/content/en/integrations/parsers/file/xanitizer.md @@ -3,4 +3,7 @@ title: "Xanitizer" toc_hide: true --- Import XML findings list report, preferably with parameter -\'generateDetailsInFindingsListReport=true\'. \ No newline at end of file +\'generateDetailsInFindingsListReport=true\'. + +### Sample Scan Data +Sample Xanitizer scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/xanitizer). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/yarn_audit.md b/docs/content/en/integrations/parsers/file/yarn_audit.md index 7e8e4f6efc..e7de450a75 100644 --- a/docs/content/en/integrations/parsers/file/yarn_audit.md +++ b/docs/content/en/integrations/parsers/file/yarn_audit.md @@ -3,3 +3,6 @@ title: "Yarn Audit" toc_hide: true --- Import Yarn Audit scan report in JSON format. Use something like `yarn audit --json > yarn_report.json`. + +### Sample Scan Data +Sample Yarn Audit scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/yarn_audit). \ No newline at end of file diff --git a/docs/content/en/integrations/parsers/file/zap.md b/docs/content/en/integrations/parsers/file/zap.md index e31268b16c..43fd58e05c 100644 --- a/docs/content/en/integrations/parsers/file/zap.md +++ b/docs/content/en/integrations/parsers/file/zap.md @@ -3,3 +3,6 @@ title: "Zed Attack Proxy" toc_hide: true --- ZAP XML report format (with or without requests and responses). + +### Sample Scan Data +Sample Zed Attack Proxy scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/zap). \ No newline at end of file