stevemcgrath / pysecuritycenter Goto Github PK
View Code? Open in Web Editor NEWLicense: BSD 3-Clause "New" or "Revised" License
License: BSD 3-Clause "New" or "Revised" License
Objective:
Log in to Tenable Security Center 5.3.2
Using Python 3.4
Start a Nessus Scan
Python Script:
from securitycenter import SecurityCenter
sc = securitycenter.SecurityCenter('https://777.777.7.77:8834','goat','start^&*+fGh--!end')
print('Finish')
Run python script
File "E:\tenable\sc.py", line 8, in
from securitycenter import SecurityCenter
File "C:\Python34\lib\site-packages\securitycenter__init__.py", line 1, in
from .sc4 import SecurityCenter4 as SecurityCenter
File "C:\Python34\lib\site-packages\securitycenter\sc4.py", line 6, in
import os, sys, ssl, random, httplib, logging, mimetypes, urllib2, calendar
ImportError: No module named 'httplib'
What do I need to correct in this script?
And do I need to add mod: from nessrest import ness6rest to start a Nessus Scan after I log into Security Center?
Thank You
I'm having trouble passing in a pair of strings as the username, password combo. I am using variables I read in from a file so I do not have to store the password in the script. A snippet of my code:
sc = SecurityCenter5('fullyqualified.domain.name')
with open('/Users/<username>/security_center_automation/scManager.txt') as f:
credentials=f.readlines()
user = (credentials[0])
passwd = (credentials[1])
sc.login(user, passwd)
I am getting for an error:
Traceback (most recent call last):
File "/Users//security_center_automation/importAssets.py", line 23, in
sc.login(user, passwd)
File "/Library/Python/2.7/site-packages/securitycenter/sc5.py", line 44, in login
resp = self.post('token', json={'username': user, 'password': passwd})
File "/Library/Python/2.7/site-packages/securitycenter/base.py", line 91, in post
return self._resp_error_check(resp)
File "/Library/Python/2.7/site-packages/securitycenter/sc5.py", line 31, in _resp_error_check
raise APIError(d['error_code'], d['error_msg'])
securitycenter.base.APIError: u'[161]: Invalid login credentials\n'
[Finished in 1.0s with exit code 1]
[shell_cmd: python -u "/Users//security_center_automation/importAssets.py"]
[dir: /Users//security_center_automation]
[path: /usr/bin:/bin:/usr/sbin:/sbin]
Edit: Security Center 5.3.2. And yes these credentials are correct and are of type string
Python 2.6 and 2.7 return sys.version_info in different formats, this leads sc4.py to fail at line 285
if v.major == 2 and v.minor >= 7 and v.micro >= 9:
AttributeError: 'tuple' object has no attribute 'major'
Looking at 2.6.6
>>> import sys
>>> sys.version_info
(2, 6, 6, 'final', 0)
and now with 2.7.9
>>> sys.version_info
sys.version_info(major=2, minor=7, micro=9, releaselevel='final', serial=0)
First off, great tool! Best security center API client I've come across.
Have you considered making csv_gen its own module/project? It would be nice to be able to clone just the csv_gen and use that as a 'front-end' to pySecurityCenter
I am attempting to build some custom asset lists based on the vulntext of an audit file plugin. Error below. Other calls execute fine.
Traceback (most recent call last):
File "./asset_redux.py", line 7, in
response = sc.analysis(('pluginID', '=', '1006879'), tool='vulndetails')
File "/usr/local/lib/python2.7/dist-packages/securitycenter/sc5.py", line 136, in analysis
resp = self.post('analysis', json=kwargs)
File "/usr/local/lib/python2.7/dist-packages/securitycenter/base.py", line 96, in post
return self._resp_error_check(resp)
File "/usr/local/lib/python2.7/dist-packages/securitycenter/sc5.py", line 31, in _resp_error_check
raise APIError(d['error_code'], d['error_msg'])
securitycenter.base.APIError: u'[143]: Unable to process Vuln Query.\nSecurityCenter could not process the vulnerability filter string (SC_ROOT=/opt/sc /opt/sc/bin/showvulns +orgid "1" +groupid "0" +tool 'vulndetails' +sourcetype 'cumulative' +startoffset '0' +endoffset '1000' +pluginid '1006879' +repository "15,16,18,22,23,24,25,26" -acceptRisk).\nNo response from showvulns\n'
To the point:
Using sc.analysis to down load large amounts (30 gigs) of json data requires you to use the "page" feature.
What is not documented by Tenable, but which I was told by Tenable premier (paid) support is:
SecurityCenter5 has no capability to issue the second call.
What is not documented by Tenable is the quirky way in which the filter parameter works is:
lastSeen=n:m
where n, m are positive integer values and n must be less than m and they represent the number of days prior as a range. What is not well known or documented by Tenable is that these numbers represent the number of 24 hour periods from the wall clock time at which you submit your API call, not a calendar day, starting at midnight.
So, if you want to "pull" an entire 7 day period, you must specify 0:8 and throw out days 0 and 8. Yes, it is true. This make no sense and a very unworkable API.
So repeatably calling the /analysis with page 2 through n will cause you to miss some vulnerabilities in the json output. Let's say it takes 3 minutes to pull a page. If you call /analysis 500 time, you have 500 * 3 minute gaps that might cause you to loose/skip data.
There is no documentation on the web, that I can find anywhere, about the requirement to first call /analysis and then analysis/download n times. No doc, no examples, nothing.
Otherwise you'll get an ImportError on httplib and urllib2.
Having issues logging into SC5 with pySecurityCenter. Here is an issue when running example ips_in_asset_lists.py.
Traceback (most recent call last):
File "ips_in_asset_lists.py", line 41, in
sc.login(username, password)
File "/Library/Python/2.7/site-packages/securitycenter/sc5.py", line 45, in login
self._token = resp.json()['response']['token']
KeyError: 'token'
Python 2.7.12
Security Center 5.3.2
from securitycenter import SecurityCenter5
fails for python3. Any reasons why?
How can the script be modified to pipe the scan result directly to a zip file on disk without staging in memory. We have scan result files exceeding 1 GB zipped and the script blows memory even with 16GB RAM.
Steve,
I am working on a new Windows 7 PC with python 2.7 and installed the latest version of the pySC module, 3.3.1. I have version 0.8.1 of poster installed and setuptools 0.6c11 for python 2.7. I am getting this error:
sc = securitycenter.SecurityCenter(host,user,passwd)
Traceback (most recent call last):
File "", line 1, in
File "securitycenter.py", line 48, in init
self.login(user, passwd)
File "securitycenter.py", line 310, in login
self._token = data['response']['token']
TypeError: list indices must be integers, not str
I have tried deleting the .py files from C:\Python27\Lib\site-packages and reinstalling via python setup.py install. I am not sure how to fix this. thanks.
To: Paragbaxi
Thank you for taking the time and giving me a reply.
I’m still new to python and I’m having a problem figuring out how to solve this problem.
So I will take a guess.
Error message below:
File "C:\Python34\lib\site-packages\securitycenter__init__.py", line 1, in
File "C:\Python34\lib\site-packages\securitycenter\sc4.py", line 6, in
ImportError: No module named 'httplib'
So, I went to GitHub: pySecurityCenter / securitycenter / sc4.py
On line 6 I found:
import os, sys, ssl, random, httplib, logging, mimetypes, urllib2, calendar
Does this mean I have to remove httplib from the mod?
Do I copy and paste all of: sc4.py into my program below?
Then copy all of: init.py?
++++++++++++Program Below+++++++++++++++++++++++
from securitycenter import SecurityCenter5
import http.client
sc = securitycenter.SecurityCenter('https://128.102.2.36:8834','swtest','P@ssw0rd!')
print('Finish')
++++++++++++Program End+++++++++++++++++++++++
Objected: Login to Tenable Security Center and run a Nessus Scan
Running: Python 3.4 and Security Center 5.3.2
I’m not sure what to do to solve this problem.
Thanks for your help
Pythoncode17
I'm having trouble just getting started. Please advise.
$ cat sc5apitool
#!/usr/bin/env python
from securitycenter import SecurityCenter5
sc = SecurityCenter5('')
sc.login('','')
response = sc.get('status')
print response
$ ./sc5apitool
Traceback (most recent call last):
File "./sc5apitool", line 7, in
response = sc.get('status')
File "/home/ec2-user/sc5apitool/.venv/local/lib64/python2.7/site-packages/securitycenter/base.py", line 79, in get
resp = self._session.get(self._url(path), **self._builder(**kwargs))
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/sessions.py", line 488, in get
return self.request('GET', url, **kwargs)
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/sessions.py", line 461, in request
prep = self.prepare_request(req)
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/sessions.py", line 394, in prepare_request
hooks=merge_hooks(request.hooks, self.hooks),
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/models.py", line 295, in prepare
self.prepare_headers(headers)
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/models.py", line 409, in prepare_headers
check_header_validity(header)
File "/home/ec2-user/sc5apitool/.venv/local/lib/python2.7/site-packages/requests/utils.py", line 800, in check_header_validity
"not %s" % (value, type(value)))
requests.exceptions.InvalidHeader: Header value 1913645890 must be of type str or bytes, not <type 'int'>
To: Paragbaxi
Thank you for taking the time and giving me a reply.
I’m still new to python and I’m having a problem figuring out how to solve this problem.
So I will take a guess.
Error message below:
File "C:\Python34\lib\site-packages\securitycenter__init__.py", line 1, in
File "C:\Python34\lib\site-packages\securitycenter\sc4.py", line 6, in
ImportError: No module named 'httplib'
So, I went to GitHub: pySecurityCenter / securitycenter / sc4.py
On line 6 I found:
import os, sys, ssl, random, httplib, logging, mimetypes, urllib2, calendar
Does this mean I have to remove httplib from the mod?
Do I copy and paste all of: sc4.py into my program below?
Then copy all of: init.py?
Do I import: import http.client
++++++++++++Program Below+++++++++++++++++++++++
from securitycenter import SecurityCenter5
import http.client
sc = securitycenter.SecurityCenter('https://128.102.2.36:8834','swtest','P@ssw0rd!')
print('Finish')
++++++++++++Program End+++++++++++++++++++++++
Objected: Login to Tenable Security Center and run a Nessus Scan
Running: Python 3.4 and Security Center 5.3.2
I’m not sure what to do to solve this problem.
Thanks for your help
Pythoncode17
Per the Tenable forum post, I am hoping for a rewrite of this for python 3.2.
I think this never passes additional arguments from the Reports section to the def download function.. I.e. specifying "Name" doesn't filter out reports properly.
download(sc,
age=config.getint('Reports', 'age'),
path=config.get('Reports', 'path')
)
Then the def has
def download(sc, age=0, path='reports', name='name', **args):
And args is never populated with lists, so the "name" check following it doesn't ever match
if 'name' in args and args['name'] not in report['name']:
continue
Looks like the fix is just adding "name=config.get('Reports', 'name')" to the download call? Maybe Reports, type too?
I am running into an issue trying to update assets that already exist.
Using the sc.post() method I get:
Traceback (most recent call last):
File "/Users/<username>/security_center_automation/importAssets.py", line 74, in <module>
assetUpdateFunction(scan, str_asset_scan_list)
File "/Users/<username>/security_center_automation/importAssets.py", line 35, in assetUpdateFunction
'tags': name,
File "/Library/Python/2.7/site-packages/securitycenter/base.py", line 91, in post
return self._resp_error_check(resp)
File "/Library/Python/2.7/site-packages/securitycenter/sc5.py", line 31, in _resp_error_check
raise APIError(d['error_code'], d['error_msg'])
securitycenter.base.APIError: u"[144]: Adding Asset 'a' failed.\nAsset name already exists.\n"
[Finished in 1.3s with exit code 1]
[shell_cmd: python -u "/Users/<username>/security_center_automation/importAssets.py"]
[dir: /Users/<username>/security_center_automation]
[path: /usr/bin:/bin:/usr/sbin:/sbin]
Which makes sense that sc.post() would give that result. Looking under the nessus api documentation it looks like sc.post() needs to be able to create a new asset.
However it looks like sc.patch() should allow for editing of existing assets. and according to the documentation, it takes the same arguments as sc.post(). So I tried mostly the same parameters and recieved this error:
Traceback (most recent call last):
File "/Users/<username>/security_center_automation/importAssets.py", line 75, in <module>
assetPatchFunction(scan, str_asset_scan_list)
File "/Users/<username>/security_center_automation/importAssets.py", line 49, in assetPatchFunction
'tags': name,
File "/Library/Python/2.7/site-packages/securitycenter/base.py", line 107, in patch
return self._resp_error_check(resp)
File "/Library/Python/2.7/site-packages/securitycenter/sc5.py", line 31, in _resp_error_check
raise APIError(d['error_code'], d['error_msg'])
securitycenter.base.APIError: u'[11]: Resource does not support this method.'
[Finished in 1.0s with exit code 1]
[shell_cmd: python -u "/Users/<username>/security_center_automation/importAssets.py"]
[dir: /Users/<username>/security_center_automation]
[path: /usr/bin:/bin:/usr/sbin:/sbin]
Is this a mistake on my part? Or has patch not been implemented as a feature?
I recently took over a Nessus Manager Suite that the client is trying to integrate Nessus info into Remedy for ticketing. When we run the python script that tenable installed it generates an error
ERROR - 'module' object has no attribute 'SecurityCenter5' . Just wondering if you have ever came across this issue.
line 1153, in risk_rule
securitycenter/sc4.py NameError: global name 'comments' is not defined
def risk_rule(self, rule_type, rule_value, port, proto, plugin_id,
repo_ids, comment='', expires='-1', severity=None):
should read
def risk_rule(self, rule_type, rule_value, port, proto, plugin_id,
repo_ids, comments='', expires='-1', severity=None):
Steve - your code and contributions for Security Center are awesome. I am running 5.4.0 on a standalone with no internet connection. I have tried to save the package from the cheeseshop, import into my system and installed via running the setup.py file. I installed pySecurityCenter 3.0.2 and I'm trying to test out the functionality for the downloader.py file. When trying to execute, I'm getting the error:
ImportError: cannot import name SecurityCenter5
Any ideas?
Thanks,
Dom
SC4
Python 2.6.6
pySecurityCenter-2.1.7
Receiving the following module object errors:
Traceback (most recent call last):
File "runcsv.py", line 30, in
port=conf.getint('Settings', 'port'))
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 112, in init
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 920, in _system
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 338, in raw_query
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 296, in _request
AttributeError: 'module' object has no attribute 'SSLContext'
Traceback (most recent call last):
File "example.py", line 11, in
sc = securitycenter.SecurityCenter(host, username, password)
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 112, in init
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 920, in _system
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 338, in raw_query
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 296, in _request
AttributeError: 'module' object has no attribute 'SSLContext'
Traceback (most recent call last):
File "dns_populate.py", line 28, in
sc = SecurityCenter(host, username, password)
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 112, in init
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 920, in _system
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 338, in raw_query
File "build/bdist.linux-x86_64/egg/securitycenter/sc4.py", line 296, in _request
AttributeError: 'module' object has no attribute 'SSLContext'
Reading through the help module for securitycenter.sc5, it lists the following URL for Tenable's official API documenation:
This site is down, and now api docs are located here:
Would be nice since many SC customers also have NC/Tenable.io that they are made aware of the official SDK you are working on.
Ive been playing around with your downloader example and it seems there is an issue when attempting multiple logins. Is there a way to logout after the work has been completed rather than leave the session running (im hitting session limits).
Steve,
I am getting this error:
Updating asset list...
Traceback (most recent call last):
File "SC4_Duplicate_IP_Remover_SCM_SS.py", line 201, in
sc.asset_update(assetlistid,ips=final_list)
File "C:\Python27\lib\site-packages\securitycenter.py", line 398, in asset_update
return self.raw_query('asset', 'edit', data=payload)
File "C:\Python27\lib\site-packages\securitycenter.py", line 190, in raw_query
data = self.request(module, action, data, headers, dejson, filename)
File "C:\Python27\lib\site-packages\securitycenter.py", line 175, in request
return json.loads(data)
File "C:\Python27\lib\site-packages\simplejson__init.py", line 451, in loads
return _default_decoder.decode(s)
File "C:\Python27\lib\site-packages\simplejson\decoder.py", line 402, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "C:\Python27\lib\site-packages\simplejson\decoder.py", line 420, in raw_decode
raise JSONDecodeError("No JSON object could be decoded", s, idx)
simplejson.decoder.JSONDecodeError: No JSON object could be decoded: line 1 column 0 (char 0)
My script is trying to update a SC asset list and the python list contains 146,747 individual IPs. I have been successful with large numbers of IPs and updating asset lists in the past, but this is the largest so far. This is the first time getting this error.
Any ideas? Thanks
I am trying to migrate some code from using SecurityCenter 1.0.5 to pySecurityCenter 2.1.4. Unfortunately both install themselves as securitycenter.
It would really be a good thing if I could get pySecurityCenter to install someplace else but my setup.py knowledge is limited to running the script.
Any pointers to the appropriate documentation or suggestion on how to proceed will be appreciated.
I realize that this is more than likely an issue with how I am formatting and using your tool more so than a bug with your code. However, i am having an issue and I thought you might be able to help me if you have the time.
I currently have a CSV document of about 400 DNS names and IPs. I was following your example under SC5 "asset_list_batch.py". This works great if you want to add all of the assets directly into the asset list, but I was hoping to add them to a group. I have tried editing the json data and tagging it with a group name, but over all doesn't work. I then tried to add the type dynamic which allows for group tagging, but I keep getting "Please specify rules for this dynamic asset". Not sure where I am going wrong. If you could offer any assistance or point me to a resource that I can read I would be greatly appreciative.
#This did not work for me.
#I believe the fix should be:
#%s should be %d
resp = sc.get('scanResult', params={
'startTime': findate.strftime('%d'),
'fields': 'name,finishTime,downloadAvailable,repository',
})
if 'generator' in kwargs: kwargs['page_obj'] = return_generator
I believe you mean
if 'generator' in kwargs: kwargs['generator'] = return_generator
While trying the basic example (or any other example) in SC4 (https://github.com/SteveMcGrath/pySecurityCenter/tree/master/examples/sc4/basic_example) receving the following error:
Traceback (most recent call last):
File "example.py", line 13, in
sc = SecurityCenter(host,username,password)
File "/opt/python/lib/python2.7/site-packages/securitycenter/sc4.py", line 100, in init
self.system = self._system()
File "/opt/python/lib/python2.7/site-packages/securitycenter/sc4.py", line 914, in _system
return self.raw_query('system', 'init')
File "/opt/python/lib/python2.7/site-packages/securitycenter/sc4.py", line 332, in raw_query
data = self._request(module, action, data, headers, dejson, filename)
File "/opt/python/lib/python2.7/site-packages/securitycenter/sc4.py", line 288, in _request
resp = urlopen(Request(self._url, payload, headers), context=ssl.SSLContext(ssl.PROTOCOL_TLSv1))
File "/opt/python/lib/python2.7/urllib2.py", line 154, in urlopen
return opener.open(url, data, timeout)
File "/opt/python/lib/python2.7/urllib2.py", line 431, in open
response = self._open(req, data)
File "/opt/python/lib/python2.7/urllib2.py", line 449, in _open
'_open', req)
File "/opt/python/lib/python2.7/urllib2.py", line 409, in _call_chain
result = func(*args)
File "/opt/python/lib/python2.7/urllib2.py", line 1240, in https_open
context=self._context)
File "/opt/python/lib/python2.7/urllib2.py", line 1197, in do_open
raise URLError(err)
urllib2.URLError: urlopen error [Errno -2] Name or service not known
I believe this is due to the SSL certificate on our SC instance. For our own scripts we have been using the below to get past the SSL issue:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
An option needs to be present to set the SSL vertification mode in the module.
Hi, I'm having trouble with the downloader.py file. I'm using python 2.7. I'm not receiving any error messages however nothing appears to be downloading. I've looked at my access log and see numerous requests for files, but the sub-folder isn't even getting created. My logon looks successful according to the tenable logs. Any thoughts?
Hi,
I was just trying to to use the new SC5 API and are failing on the first step:
from securitycenter import SecurityCenter5
xxxx\site-packages\securitycenter__init__.py", line 1, in
from sc4 import SecurityCenter4 as SecurityCenter
ImportError: No module named 'sc4'
I am running version 2.1.11 installed via pip and python 3.5.
This seems to be related to http://python-notes.curiousefficiency.org/en/latest/python_concepts/import_traps.html and can be fixed easily in securitycenter__init__.py by using a dot in front of sc4, sc5 and nessus in the imports.
On the other hand, this leads to many more issues because of python 3.5 not having urrlib2 (merged to urllib) and StringIO. It is probably possible to comment out the sc4 imports in init.py and not use this code at all.
I receive the following error when attempting to install this library. The biggest issue that stands out to me is the last line (ImportError: No module named requests.packages.urllib3.exceptions
)
Any thoughts on how to proceed forward with this error?
STDOUT: Downloading/unpacking pysecuritycenter==2.1
Downloading pySecurityCenter-2.1.tar.gz
Running setup.py (path:/tmp/pip-build-Wfk05K/pysecuritycenter/setup.py) egg_info for package pysecuritycenter
Traceback (most recent call last):
File "<string>", line 17, in <module>
File "/tmp/pip-build-Wfk05K/pysecuritycenter/setup.py", line 3, in <module>
import securitycenter
File "securitycenter/__init__.py", line 1, in <module>
from base import SecurityCenter4 as SecurityCenter
File "securitycenter/base.py", line 1, in <module>
from requests.packages.urllib3.exceptions import InsecureRequestWarning
ImportError: No module named requests.packages.urllib3.exceptions
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 17, in <module>
File "/tmp/pip-build-Wfk05K/pysecuritycenter/setup.py", line 3, in <module>
import securitycenter
File "securitycenter/__init__.py", line 1, in <module>
from base import SecurityCenter4 as SecurityCenter
File "securitycenter/base.py", line 1, in <module>
from requests.packages.urllib3.exceptions import InsecureRequestWarning
ImportError: No module named requests.packages.urllib3.exceptions
Hi,
I'd like to use the request timeout feature which isn't released on PyPI yet. Would you mind publishing a new release?
Thanks for maintaining!
Hey Steve,
I have imported securitycenter and did pip install too, but while calling securitycenter.SecurityCenter('ADDRESS','username','password') I am getting the error:
sc = securitycenter.SecurityCenter(server,username,password)
AttributeError: 'module' object has no attribute 'SecurityCenter'
further from securitycenter import SecurityCenter4 gives error :
ImportError: cannot import name SecurityCenter4
Can you please help me figure out what is going wrong.
Hi,
Currently trying to using your wrapper and every time I try to test it with the downloader.py example, I receive a connection error with the remote IP I'm trying to connect to right now. Not sure, if it's due to our self signed certificate for the page or something else.
Currently using Python 3.6.1.
Output:
[Removed]
I'm going to be writing hundreds of unittest for all of the capability that exists in securitycenter, so that i can test against changes as new releases are made.
using the api functions that you have is a good starting point for me. I just need a little guidance on updating settings.
I'm attempting to turn on or set the classification banner. should i be using post or put?
self.sc.post('configSection/3', json={"LoginMaxAttempts":100,"PasswordMinLength":3,"ServerClassification":"UNCLASSIFIED//FOR OFFICIAL USE ONLY","SessionLimit":15} )
i just need to figure out the pattern to use so that i can create test to update sections, add scanners and repositories, user, etc.
So, this is awesome, even for a python rookie. My question is, do you have a way to clean up the data that is returning from using sc.analysis? For instance, if I'm requesting all vulns from an IP address, I'm getting a ton of unnecessary data back with the good data such as MAC address, Protocol, netbios name, etc. Is there a way to clean it up so that I see something like:
Plugin ID: 72704
Plugin Name: .Net Framework Unsupported
Severity: Critical
Plugin ID: 12104
Plugin Name: McAfee something
Severity: Critical
And so on..?
First of all, great tool! Thanks so much!
From the documentation:
"...sc.upload() function that accepts a file object. It will return with the relevant information (including things like the temporary filename you will need in the subsequent calls)."
When I use sc.upload() to upload a file, I get a 200 response, but no other details.
from securitycenter import SecurityCenter5
sc = SecurityCenter5('###')
sc.login('###','###')
sc.upload('/Users/test/test.txt')
<Response [200]>
I'm trying to import assets from these uploaded files, but I need the temporary upload name to reference.
Any Ideas?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.