add export discovery assets to CSV format #14

Merged
poupas merged 2 commits into Probely:master from suskind:export_asset_discovery_to_csv
Jul 17, 2024
Collaborator

@suskind suskind commented Jul 12, 2024

script to export discovery assets to a CSV file

@suskind suskind requested a review from poupas July 12, 2024 00:25

dryrunsecurity Bot commented Jul 12, 2024

DryRun Security Summary

The provided Python script exports discovery assets from the Probely API to a CSV file, incorporating security-relevant features such as JWT authentication, input validation, and error handling, while also addressing potential vulnerabilities like cross-site scripting and CSV injection.

Summary:

The provided code is a Python script that exports discovery assets from the Probely API to a CSV file. The script includes several security-relevant features, such as authentication with a JWT (JSON Web Token), input validation using the argparse library, and error handling with requests.get() and response.raise_for_status(). The script also extracts various fields from the API response and writes them to a CSV file, which requires careful handling to prevent potential issues like cross-site scripting (XSS) and CSV injection vulnerabilities.

Overall, the code appears to follow good security practices, but it's essential to thoroughly review the entire codebase and its integration with the Probely API to ensure that there are no additional security vulnerabilities or potential attack vectors. Proper handling of the JWT, input validation, API endpoint construction, and data extraction and sanitization are crucial to maintain the security of the application.

Files Changed:

  • discovery_assets_to_csv.py: This is a newly added Python script that exports discovery assets from the Probely API to a CSV file. The script accepts two optional command-line arguments: -s or --score to filter assets by a specific score, and -o or --output to specify the output CSV file path. The script uses the Probely API to retrieve the discovery assets and then writes the asset information to the specified CSV file.

Code Analysis

We ran 7 analyzers against 1 file and 0 analyzers had findings. 7 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@poupas poupas merged commit 1f01d3c into Probely:master Jul 17, 2024