defectdojo / sample-scan-files Goto Github PK
View Code? Open in Web Editor NEWSample scan files for testing DefectDojo imports
License: MIT License
Sample scan files for testing DefectDojo imports
License: MIT License
File to import: veracode/veracode.Sample_Static_and_Dynamic.xml
Issue: DD reports Server Error (500)
Logs:
Internal Server Error: /product/2/import_scan_results
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/exception.py", line 41, in inner
response = get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
response = self._get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 187, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/decorators.py", line 23, in _wrapped_view
return view_func(request, *args, **kwargs)
File "./dojo/product/views.py", line 382, in import_scan_results_prod
return import_scan_results(request, pid=pid)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/decorators.py", line 23, in _wrapped_view
return view_func(request, *args, **kwargs)
File "./dojo/engagement/views.py", line 519, in import_scan_results
parser = import_parser_factory(file, t)
File "./dojo/tools/factory.py", line 69, in import_parser_factory
parser = VeracodeXMLParser(file, test)
File "./dojo/tools/veracode/parser.py", line 59, in __init__
dupe_key = sev + flaw.attrib['cweid'] + flaw.attrib['module'] + flaw.attrib['type'] + flaw.attrib['line'] + flaw.attrib['issueid']
KeyError: 'line'
Hello @aaronweaver @mtesauro
I and @Maffooch are working on implementing Unit Test for Import Scanners on the DefectDojo Project.
In order to complete this task, we need to store on this repo all sample scan files of all scanners in https://github.com/DefectDojo/django-DefectDojo/tree/master/dojo/tools
we have been able to get some of the missing sample scan files but the following underlisted are no where to be found.
[ ] appspider
[ ] aws_prowler
[ ] aws_scout2
[ ] fortify
[ ] mobsf
[ ] openvas_csv
[ ] qualys (In repo already : https://github.com/DefectDojo/sample-scan-files/tree/master/qualys)
[x] retirejs (In repo now : Maffooch)
[ ] skf
[ ] spotbugs
[ ] trustwave
[ ] vcg
Is there any way their sample scan files can be fetched and uploaded here so they can be added to the repo.
Trying to import the sample Veracode static and dynamic scan fails with an import error. "An error has occurred in the parser, please see error log for details." I believe this sample may be out of date as existing Veracode scans that I get directly from Veracode parse without problem.
This is also true for sample Veracode scan
I am running DefectDojo-Django in Docker.
v. 1.12.0 ( release mode )
DD fails when ssllabs report file doesn't contain suites
for any of the scanned hosts.
Internal Server Error: /engagement/38/import_scan_results
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/exception.py", line 41, in inner
response = get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
response = self._get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 187, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/decorators.py", line 23, in _wrapped_view
return view_func(request, *args, **kwargs)
File "./dojo/engagement/views.py", line 519, in import_scan_results
parser = import_parser_factory(file, t)
File "./dojo/tools/factory.py", line 107, in import_parser_factory
parser = SSLlabsParser(file, test)
File "./dojo/tools/ssllabs/parser.py", line 76, in __init__
if "list" in endpoints["details"]["suites"]:
KeyError: 'suites'
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.