first commit

.github/workflows/ci.yaml

@@ -0,0 +1,58 @@
+name: Go
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go 1.x
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15.x
+
+      - name: Check out source code
+        uses: actions/checkout@v2
+
+      - name: Build
+        run: go build
+
+      # - name: Test
+      #   run: go test -v ./...
+
+  pre-commit:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.6, 3.7, 3.8]
+
+    steps:
+      - name: Check out source code
+        uses: actions/checkout@v2
+
+      - name: Set up Go 1.x
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15.x
+
+      - name: Set up python environment for pre-commit
+        uses: actions/setup-python@v2
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install pre-commit
+      - name: Run pre-commit
+        run: |
+          go get -u golang.org/x/lint/golint
+          go get github.com/fzipp/gocyclo/cmd/gocyclo
+          go get github.com/golangci/golangci-lint/cmd/golangci-lint@v1.33.0
+          go get -v -u github.com/go-critic/go-critic/cmd/gocritic
+          pre-commit run --all-files

.github/workflows/release.yaml

@@ -0,0 +1,26 @@
+name: release
+
+on:
+  push:
+    branches-ignore:
+      - "**"
+    tags:
+      - "v*.*.*"
+
+jobs:
+  goreleaser:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.15.x
+      - name: Run GoReleaser
+        uses: goreleaser/goreleaser-action@v2
+        with:
+          version: latest
+          args: release --rm-dist
+        env:
+          GITHUB_TOKEN: ${{ secrets.GORELEASER_GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,26 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+test
+bin
+dist
+tfc-helper
+.vscode
+qualys_parser
+*.json
+test.csv
+real.csv
+real_2.csv

.goreleaser.yml

@@ -0,0 +1,39 @@
+# This is an example goreleaser.yaml file with some sane defaults.
+# Make sure to check the documentation at http://goreleaser.com
+before:
+  hooks:
+    # You may remove this if you don't use go modules.
+    - go mod download
+    # you may remove this if you don't need go generate
+    - go generate ./...
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - windows
+      - darwin
+    goarch:
+      - amd64
+      - "386"
+    ldflags:
+      - -s -w -X main.version={{.Version}}
+archives:
+  - format: tar.gz
+    name_template: "{{ .Binary }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+    files:
+      - LICENSE*
+      - README*
+
+checksum:
+  name_template: "{{ .ProjectName }}_checksums.txt"
+
+snapshot:
+  name_template: "{{ .Tag }}-next"
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"

.pre-commit-config.yaml

@@ -0,0 +1,25 @@
+exclude: test
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v3.4.0
+    hooks:
+      - id: check-json
+      - id: check-yaml
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+  - repo: git://github.com/dnephin/pre-commit-golang
+    rev: master
+    hooks:
+      - id: go-fmt
+      - id: go-vet
+      - id: go-lint
+      - id: go-imports
+      - id: go-cyclo
+        args: [-over=15]
+      - id: validate-toml
+      - id: no-go-testing
+      - id: golangci-lint
+        args: [--skip-dirs=test]
+      - id: go-critic
+      - id: go-unit-tests
+      - id: go-build

README.md

@@ -0,0 +1,175 @@
+# `qualys_parser`
+
+qualys_parser is a CLI tool that parses the csv report from Qualys and gives quick result
+
+The tool is only tested on scanning report of ubuntu machines
+
+## Installing
+
+`git clone https://github.com/eRaMvn/qualys_parser.git`
+
+Build executable
+
+```bash
+#!/bin/bash
+go build
+```
+
+Or you can grab one of the executables under `Releases`
+
+## Example Commands
+
+The following examples were executed on the `samples/reports.csv` file
+
+1. Generate a report of all vulnerable packages found along with where the packages can be found
+
+`
+qualys_parser -i report.csv
+`
+
+Sample output:
+
+```json
+{
+	"OpenSSH_7.2p2": {
+		"csv_title": "OpenSSH Information Disclosure Vulnerability",
+		"severity": "Medium",
+		"solution": "OpenSSH team committed a partial mitigation of this issue which is included in openssh 8.4. \nRefer to OpenSSH 8.4 (https://www.openssh.com/) for details.",
+		"count": 1,
+		"ip_list": ["172.30.1.6"]
+	},
+	"git-man": {
+		"csv_title": "Ubuntu Security Notification for Git Vulnerabilities (USN-4220-1)",
+		"severity": "Medium",
+		"solution": "Refer to Ubuntu advisory USN-4220-1 (https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005244.html)...",
+		"count": 2,
+		"ip_list": ["172.30.1.1", "172.30.1.2"]
+	},
+	"linux-image-aws": {
+		"csv_title": "Ubuntu Security Notification for Linux, Linux-aws, Linux-kvm, Linux-raspi2, Linux-snapdragon (USN-4211-1)",
+		"severity": "Medium",
+		"solution": "Refer to Ubuntu advisory USN-4211-1 (https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005229.html) ",
+		"count": 3,
+		"ip_list": ["172.30.1.3", "172.30.1.4", "172.30.1.5"]
+	},
+	"linux-libc-dev": {
+		"csv_title": "Ubuntu Security Notification for Linux, Linux-aws, Linux-kvm, Linux-raspi2, Linux-snapdragon (USN-4211-1)",
+		"severity": "Medium",
+		"solution": "Refer to Ubuntu advisory USN-4211-1 (https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-December/005229.html)",
+		"count": 3,
+		"ip_list": ["172.30.1.3", "172.30.1.4", "172.30.1.5"]
+	}
+}
+```
+
+2. Generate a report of all vulnerable packages found along with where the packages can be found but with more details
+
+`
+qualys_parser -i report.csv -d
+`
+
+Sample output:
+
+```json
+
+{
+	"OpenSSH_7.2p2 | Ubuntu-4ubuntu2.10, | OpenSSL": {
+		"csv_title": "OpenSSH Information Disclosure Vulnerability",
+		"severity": "Medium",
+		"solution": "OpenSSH team committed a partial mitigation of this issue which is included in openssh 8.4. \nRefer to OpenSSH 8.4 (https://www.openssh.com/) for details.",
+		"count": 1,
+		"ip_list": ["10.235.110.8"]
+	}
+}
+```
+
+3. Generate a report of all ips with vulnerable packages
+
+`
+qualys_parser -i report.csv --ip
+`
+
+Sample output:
+
+```json
+{
+	"172.30.1.1": ["git-man"],
+	"172.30.1.2": ["git-man"],
+	"172.30.1.3": ["linux-image-aws", "linux-libc-dev"],
+	"172.30.1.4": ["linux-image-aws", "linux-libc-dev"],
+	"172.30.1.5": ["linux-image-aws", "linux-libc-dev"],
+	"172.30.1.6": ["OpenSSH_7.2p2"]
+}
+```
+
+With more details
+
+`
+qualys_parser -i report.csv --ip -d
+`
+
+Sample output:
+
+```json
+{
+	"172.30.1.1": ["git-man | 1:2.7.4-0ubuntu1.6 | 1:2.7.4-0ubuntu1.7#"],
+	"172.30.1.2": ["git-man | 1:2.7.4-0ubuntu1.6 | 1:2.7.4-0ubuntu1.7#"],
+	"172.30.1.3": [
+		"linux-image-aws | 4.4.0.1048.50 | 4.4.0.1099.103",
+		"linux-libc-dev | 4.4.0-109.132 | 4.4.0-170.199#"
+	],
+	"172.30.1.4": [
+		"linux-image-aws | 4.4.0.1048.50 | 4.4.0.1099.103",
+		"linux-libc-dev | 4.4.0-109.132 | 4.4.0-170.199#"
+	],
+	"172.30.1.5": [
+		"linux-image-aws | 4.4.0.1048.50 | 4.4.0.1099.103",
+		"linux-libc-dev | 4.4.0-109.132 | 4.4.0-170.199#"
+	],
+	"172.30.1.6": ["OpenSSH_7.2p2 | Ubuntu-4ubuntu2.10, | OpenSSL"]
+}
+```
+
+4. Quickly grab the vulnerable packages for a certain ip
+
+`
+qualys_parser -i report.csv --host 172.30.1.2 --ip
+`
+
+Sample output:
+
+```bash
+The vulnerable package(s) found for the host 172.30.1.2 are:
+git-man
+```
+
+5. Quickly grab the ips a vulnerable package can be found in
+
+`
+qualys_parser -i report.csv --pkg git-man
+`
+
+Sample output:
+
+```bash
+The ip(s) found for the package git-man are:
+172.30.1.1
+172.30.1.2
+```
+
+6. List just the packages or ips without further info
+
+`
+qualys_parser -i real.csv -l
+`
+
+Sample output:
+
+```bash
+The vulnerable packages found :
+git-man
+linux-image-aws
+linux-libc-dev
+OpenSSH_7.2p2
+There are a total of 4 of package(s) found
+```