-
Notifications
You must be signed in to change notification settings - Fork 0
/
qualysCVEPairing.py
87 lines (73 loc) · 2.87 KB
/
qualysCVEPairing.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
import csv
import lxml.etree as ET
import os
import requests
# IMPORTANT: this program needs about 150mb of space in the directory the script is kept in throughout it's runtime,
# from start to end, the space will be given back after the process has completed.
# I realize this isn't the most efficient way to handle this but I wrote this with legacy Python2 systems
# without the ability to install modules in mind. If you'd like to make a fork using pandas, feel free. :)
if os.path.exists('config.ini'):
configFile = {}
with open('config.ini', 'r') as file:
for line in file:
(key, val) = line.split('=')
configFile[str(key)] = val.rstrip("\n").rstrip("\r").replace('"','')
double = configFile['loginInfo'].split(':')
username = double[0]
password = double[1]
else:
print("Please refer to the readme on how to curate a config")
quit()
# Qualys API for knowledgebase
QualysURL = 'https://qualysapi.qualys.com/api/2.0/fo/knowledge_base/vuln/'
# CSV format CVE listing.
CVE_CSV = 'https://cve.mitre.org/data/downloads/allitems.csv'
headers = {
'X-Requested-With': 'curl',
}
params = (
('action', 'list'),
('details', 'All'),
)
# Download Qualys XML
with requests.Session() as s:
download = s.get(QualysURL, headers=headers, params=params, auth=(username, password))
open('vulnTrash.xml', 'w+').write(download.content)
dom = ET.parse('vulnTrash.xml')
xslt = ET.parse('kb_v2-cve2csv.xsl')
transform = ET.XSLT(xslt)
newdom = transform(dom)
csvWrite = open("kb_v2-cve.csv", "w")
csvWrite.write(newdom)
csvWrite.close()
# Download Latest CVE Listing.
with requests.Session() as s:
download = s.get(CVE_CSV)
open('trashsoon.csv', 'w+').write(download.content)
# Convert CVE CSV into list for comparison.
with open('trashsoon.csv', 'rb') as f:
reader = csv.reader(f)
cve_list = list(reader)
# Convert Qualys QID CSV into list for comparison.
with open('kb_v2-cve.csv', 'rb') as f:
reader = csv.reader(f)
qid_list = list(reader)
# Delete trash files.
os.remove('trashsoon.csv')
os.remove('vulnTrash.xml')
# Curate a list of QIDs to CVEs and write to a CSV of it's own.
with open('qualysCVEPairs.csv', 'wb') as csvfile:
csvWriter = csv.writer(csvfile, delimiter=',', quotechar='|', quoting=csv.QUOTE_MINIMAL)
csvWriter.writerow(['QID', 'CVE-ID', 'CVE-URL', 'CVE-DESC'])
for row in cve_list:
cveNum = row[0]
desCVE = row[2].replace(',', '')
if "CVE-" in cveNum:
for row in qid_list:
QID = None
url = None
if row[1] == cveNum:
QID = row[0]
url = row[2]
if QID != None:
csvWriter.writerow([QID, cveNum, url, desCVE])