-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathscanner.py
90 lines (71 loc) · 2.96 KB
/
scanner.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
from abc import ABC, abstractmethod
import sys
import logging
import hashlib
import docker
from common.logging_setup import setup_logger
from common.target_type import TargetType
from typing import List, Dict
class Scanner(ABC):
"""Inherit from this class to integrate a specific scanner. Scanners are tipically based on docker and rely on the run_container method."""
def __init__(self, target_type, log_level=logging.INFO):
self.report_path = ""
self.logger = setup_logger(self.NAME, '🔍', level=log_level)
self.target_type=target_type
if target_type not in self.ACCEPTED_TARGET_TYPES:
self.logger.error("Scanner %s doesn't accept target type %s", self.NAME, target_type)
sys.exit(1)
self.logger.debug("Scanner initialized.")
@property
@abstractmethod
def NAME(self):
"""Scanner name. This constant must be defined in all subclasses. """
@property
@abstractmethod
def DOCKER_IMAGE(self):
"""Scanner name. This constant must be defined in all subclasses. """
@property
@abstractmethod
def ACCEPTED_TARGET_TYPES(self):
"""This constant must be defined in all subclasses. Contains the list of target types that can be scanned with an implemented scanner"""
@property
@abstractmethod
def DEFECTDOJO_IMPORT_FORMAT(self):
"""This constant must be defined in all subclasses.
Reference formats: https://documentation.defectdojo.com/dev/integrations/parsers/file/"""
@abstractmethod
def scan(self, target, working_dir, show_stdout=False, network="") -> List[Dict[str, str]]:
"""This method must be overriden in all subclasses and must return
the path to the report file
Returns:
A json list with details of outputs generated during the scans
e.g.
"""
@abstractmethod
def get_aux_args(self) -> str:
"""This method must be overriden in all subclasses and must return
a json string containing necessary variables to be used from output modules"""
def get_accepted_types(self) -> List[TargetType]:
"""This method must be overriden in all subclasses and must return
the list of accepted target types of the implemented scanner"""
def run_container(self, image, command, volumes={}, environment={}, user='', network=''):
client = docker.from_env()
container = client.containers.run(
image,
command=command,
volumes=volumes,
environment=environment,
user=user,
network=network,
detach=True,
stdout=True,
stderr=False
)
container.wait()
logs = container.logs().decode("utf-8")
container.remove()
return logs
def get_target_id(self, s, length=8):
hash_object = hashlib.sha256(s.encode('utf-8'))
hash_id = hash_object.hexdigest()
return hash_id[:length]