Merge branch 'main' into feature/upload-multiple-files-at-once-to-bytes

minvws · Sep 10, 2024 · 7e250df · 7e250df
2 parents 698053e + a0c48c8
commit 7e250df
Show file tree

Hide file tree

Showing 14 changed files with 34 additions and 2 deletions.
diff --git a/boefjes/boefjes/models.py b/boefjes/boefjes/models.py
@@ -13,7 +13,7 @@ class Organisation(BaseModel):
 
 class Plugin(BaseModel):
     id: str
-    name: str | None = None
+    name: str
     version: str | None = None
     created: datetime.datetime | None = None
     description: str | None = None

diff --git a/boefjes/boefjes/plugins/kat_dns_version/normalizer.json b/boefjes/boefjes/plugins/kat_dns_version/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "dns-bind-version-normalize",
+  "name": "DNS bind version normalizer",
   "consumes": [
     "boefje/dns-bind-version"
   ],

diff --git a/boefjes/boefjes/plugins/kat_green_hosting/normalizer.json b/boefjes/boefjes/plugins/kat_green_hosting/normalizer.json
@@ -1,6 +1,7 @@
 {
   "id": "kat_green_hosting_normalize",
   "description": "Parses the Green Hosting output into findings.",
+  "name": "Green Hosting",
   "consumes": [
     "boefje/green-hosting"
   ],

diff --git a/boefjes/boefjes/plugins/kat_kat_finding_types/kat_finding_types.json b/boefjes/boefjes/plugins/kat_kat_finding_types/kat_finding_types.json
@@ -486,5 +486,10 @@
     "source": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers",
     "impact": "Nonstandard headers may not be supported by all browsers and may not provide the security that is expected.",
     "recommendation": "Remove the nonstandard headers from the response."
+  },
+  "KAT-SOFTWARE-VERSION-NOT-FOUND": {
+    "description": "The version of the software is not found.",
+    "risk": "recommendation",
+    "recommendation": "There was no version found for this software but there are known vulnerabilities for this software."
   }
 }
diff --git a/boefjes/boefjes/plugins/kat_kat_finding_types/normalizer.json b/boefjes/boefjes/plugins/kat_kat_finding_types/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "kat_kat_finding_types_normalize",
+  "name": "KAT finding types",
   "description": "Parses KAT finding types.",
   "consumes": [
     "boefje/kat-finding-types"

diff --git a/boefjes/boefjes/plugins/kat_manual/single_ooi/normalizer.json b/boefjes/boefjes/plugins/kat_manual/single_ooi/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "kat_manual_ooi",
+  "name": "Manual OOI normalizer",
   "consumes": [
     "manual/ooi"
   ],

diff --git a/boefjes/boefjes/plugins/kat_snyk/normalize.py b/boefjes/boefjes/plugins/kat_snyk/normalize.py
@@ -23,7 +23,7 @@ def run(input_ooi: dict, raw: bytes) -> Iterable[NormalizerOutput]:
     elif not results["table_vulnerabilities"] and not results["cve_vulnerabilities"]:
         # no vulnerabilities found
         return
-    else:
+    if software_version:
         for vuln in results["table_vulnerabilities"]:
             snyk_ft = SnykFindingType(id=vuln.get("Vuln_href"))
             yield snyk_ft
@@ -40,6 +40,15 @@ def run(input_ooi: dict, raw: bytes) -> Iterable[NormalizerOutput]:
                 ooi=pk_ooi,
                 description=vuln.get("Vuln_text"),
             )
+    if not software_version and (results["table_vulnerabilities"] or results["cve_vulnerabilities"]):
+        kat_ooi = KATFindingType(id="KAT-SOFTWARE-VERSION-NOT-FOUND")
+        yield kat_ooi
+        yield Finding(
+            finding_type=kat_ooi.reference,
+            ooi=pk_ooi,
+            description="There was no version found for this software. "
+            "But there are known vulnerabilities for some versions.",
+        )
 
     # Check for latest version
     latest_version = ""

diff --git a/boefjes/tests/katalogus/boefjes_test_dir/kat_test/kat_test_2/kat_test_3/normalizer.json b/boefjes/tests/katalogus/boefjes_test_dir/kat_test/kat_test_2/kat_test_3/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "kat_test_normalize_2",
+  "name": "Test normalizer 2",
   "description": "Testing KAT 2",
   "consumes": [
     "text/html"

diff --git a/boefjes/tests/katalogus/boefjes_test_dir/kat_test/normalizer.json b/boefjes/tests/katalogus/boefjes_test_dir/kat_test/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "kat_test_normalize",
+  "name": "Test normalizer",
   "description": "Testing KAT",
   "consumes": [
     "text/html"

diff --git a/boefjes/tests/modules/dummy_bad_normalizer_dict_structure/normalizer.json b/boefjes/tests/modules/dummy_bad_normalizer_dict_structure/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "dummy_bad_normalizer_dict_structure",
+  "name": "dummy_bad_normalizer_dict_structure",
   "description": "",
   "consumes": [],
   "produces": []

diff --git a/boefjes/tests/modules/dummy_bad_normalizer_return_type/normalizer.json b/boefjes/tests/modules/dummy_bad_normalizer_return_type/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "dummy_bad_normalizer_return_type",
+  "name": "dummy_bad_normalizer_return_type",
   "description": "",
   "consumes": [],
   "produces": []

diff --git a/boefjes/tests/modules/dummy_normalizer/normalizer.json b/boefjes/tests/modules/dummy_normalizer/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "dummy_normalizer",
+  "name": "dummy_normalizer",
   "description": "",
   "consumes": [],
   "produces": []

diff --git a/boefjes/tests/modules/dummy_normalizer_import_error/normalizer.json b/boefjes/tests/modules/dummy_normalizer_import_error/normalizer.json
@@ -1,5 +1,6 @@
 {
   "id": "dummy_normalizer",
+  "name": "dummy_normalizer",
   "description": "",
   "consumes": [],
   "produces": []

diff --git a/boefjes/tests/test_tasks.py b/boefjes/tests/test_tasks.py
@@ -22,46 +22,54 @@ def setUp(self) -> None:
         self.boefjes = [
             Boefje(
                 id="test-boefje-1",
+                name="test-boefje-1",
                 consumes={"SomeOOI"},
                 produces=["test-boef-1", "test/text"],
             ),
             Boefje(
                 id="test-boefje-2",
+                name="test-boefje-2",
                 consumes={"SomeOOI"},
                 produces=["test-boef-2", "test/text"],
             ),
             Boefje(
                 id="test-boefje-3",
+                name="test-boefje-3",
                 consumes={"SomeOOI"},
                 produces=["test-boef-3", "test/plain"],
             ),
             Boefje(
                 id="test-boefje-4",
+                name="test-boefje-4",
                 consumes={"SomeOOI"},
                 produces=["test-boef-4", "test/and-simple"],
             ),
         ]
         self.normalizers = [
             Normalizer(
                 id="test-normalizer-1",
+                name="test-normalizer-1",
                 consumes=["test-boef-3", "test/text"],
                 produces=["SomeOOI", "OtherOOI"],
             ),
             Normalizer(
                 id="test-normalizer-2",
+                name="test-normalizer-2",
                 consumes=["test/text"],
                 produces=["SomeOtherOOI"],
             ),
         ]
         self.bits = [
             Bit(
                 id="test-bit-1",
+                name="test-bit-1",
                 consumes="SomeOOI",
                 produces=["SomeOOI"],
                 parameters=[],
             ),
             Bit(
                 id="test-bit-2",
+                name="test-bit-2",
                 consumes="SomeOOI",
                 produces=["SomeOOI", "SomeOtherOOI"],
                 parameters=[],