Comments (4)
You can put the template in ~/.risu/templates and it will be loaded automatically. Templates are validated against a template and if they are not correct they are not loaded. Saves some trouble shooting issues.
Also take a look at template.rb in /usr/local/rvm/gems/ruby-1.9.2-p290/gems/risu-1.4.8/lib/risu/templates for an example of the template format. Its a lot like a metasploit module if you have seen those.
from risu.
Wow, that was somewhat painful. I see you changed the template format rather dramatically, especially the table output. I finally got my template "converted" to the new format and there are quite a few changes to account for.
But I still have a couple of items:
-
table output column widths are not working. Used to be
header_widths = {0 => 75, 1 => 125}
:column_widths = header_widths
But the table procedure does not recognize column_widths and my columns widths are formatted way wrong.
- I used to use Item.critical_risks.count and this seems to be missing. CVSS defines critical as a score of 10 and high as 7-9. Can I get this back so I can continue to report risks as I did last audit?
from risu.
The table stuff is related to Prawn the PDF generator used, Just something that happen to change while updating risu.
This is an example of using table widths
def top_10_table(output)
headers = ["Description", "Count"]
header_widths = {0 => (output.bounds.width - 50), 1 => 50}
data = top_10_sorted
output.table([headers] + data[0..9], :header => true, :column_widths => header_widths, :width => output.bounds.width) do
row(0).style(:font_style => :bold, :background_color => 'cccccc')
cells.borders = [:top, :bottom, :left, :right]
end
end
Item.critical_risks was incorrect. Nessus has High/Medium/Low/Info findings, Risu was fixed to be correct.
Item.critical_risks should be Item.high_risks.count now.
You can you the CVSS score of 10 to have something critical if you want but it is still a high finding from the Nessus standpoint.
1.4.9 adds a whole top 10 api for putting into reports. Not sure when I will have that done. Having a baby has cut my time down a lot.
from risu.
Thanks for the clarification. I will look at this and let you know if there are other items I need.
I still think that maybe the Critical will be wanted by my boss and the customer but I will go with high/med/low/info for now to match with Nessus. This ensures there is no compatibility issue between Nessus and the report which got me last audit and made us look bad when we found the bug in nessusdb and had to reclassify the finding categories.
Congrats on the baby; I have been there and understand.
from risu.
Related Issues (20)
- Unable to read font error HOT 2
- Data too long for column 'plugin_name' HOT 1
- SQL errors from most reports HOT 2
- SQL error when multiple OSs names are returned by Nessus for an host HOT 3
- VERY slow load speed HOT 16
- New XML elements HOT 3
- Trouble with Execute Summary template HOT 9
- risu's graphs template fails to generate, sqllite error HOT 3
- problem with risu in kali HOT 5
- New HostProperties attribute: UnsupportedProduct HOT 1
- Changing Risk Finding Colors HOT 32
- risu not installed in home directory HOT 2
- Risu won't stay installed on Kali HOT 13
- New XML element detected HOT 4
- New XML element: potential_vulnerability HOT 3
- New XML element. HOT 5
- Add support for attribute 'agent' HOT 7
- Support for multiple files and user-specified templates HOT 4
- Boolean fields stored as strings
- High instead of Critical items selected in findings_host.rb HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from risu.