imsahil007's Blog

Week 6: Intermediate Severity Trace Table in PDF Reports

imsahil007
Published: 07/14/2021

What did you do this week?
I have added a severity trace table in PDF reports when output is generated using intermediate scans.
[Figure: Severity Trace]
You can check an example here.


What is coming up next?
I will be working on the NVD API to retrieve incremental updates. This means that the user won't have to update the whole database every time. This will also act as a backup in case the current CVE retrieval stops working. I am going to dive deep into the documentation this week.

Did you get stuck anywhere?
No


Week 5: Update HTML Reports Triage based on Multiple Intermediate Reports

imsahil007
Published: 07/06/2021

What did you do this week?
I am done with improving the HTML Reports when output is generated using intermediate reports.
I have added 4 Plotly-based graphs in the report, including a severity trace for different severity types, i.e. High, Low, Medium, Critical, Unknown.
[Figure: Severity Trace]
You can check an example here.
I have also updated the print_mode in the same reports with a new intermediate-based table showing some necessary metadata which will be useful while comparing the triage trends.
[Figure: Intermediate Table]

What is coming up next?
I am going to add a similar table representation in the PDF reports. Then I will start working on updating the documentation and some HTML-report-related tests.

Did you get stuck anywhere?
No


Week 4: Improve HTML Reports based on Multiple Intermediate Reports

imsahil007
Published: 06/28/2021

What did you do this week?
I improved the MergeReport by adding new fields in `merge.py`. Now, we do not need to save a temporary file while merging multiple intermediate reports.
I have also started working on improving the reports when generated using the Intermediate report's utility. As a result, I was able to add a graph to the HTML report.
[Figure: HTML Report]

What is coming up next?
I am going to improve the HTML and PDF utility and add some other data to the HTML reports to represent the triage in a meaningful way.
Note: Most of the merging will happen via JavaScript rather than Python.

Did you get stuck anywhere?
Yes. I got stuck while running the long tests. They were failing for some reason. It turned out that NVD downloads weren't working for some hours.


Week 3: Tests and Documentation for MergeReports

imsahil007
Published: 06/21/2021

What did you do this week?
I worked on the documentation and added one how-to guide which contains a step-wise guide on how to use intermediate reports. I tweaked the code related to merging reports and also added some tests related to MergeReports in `test_merge.py`.

What is coming up next?
I am going to work on the webpage-based merging tool utility which will help users while handling multiple intermediate reports. This can take a little more than a week depending on what features/filters we might need to add, and on deciding the UI/CSS part.

Did you get stuck anywhere?
Not yet. But I am not sure what features we might need in the above-mentioned HTML utility. We also have to decide the tech stack related to the above tool.


Week 2: Merging Intermediate Reports using cli

imsahil007
Published: 06/17/2021

What did you do this week?
I worked on saving intermediate reports along with some metadata and later merging them. This will improve the triage and tracking of reports from different end-users. The structure of these new intermediate reports looks like this:
```json
{
    "metadata": {
        "timestamp": "2021-06-17.00-00-30",
        "tag": "backend",
        "scanned_dir": "/home/path/",
        "products_with_cve": 139,
        "products_without_cve": 2,
        "total_files": 49
    },
    "report": [
        {
            "vendor": "gnu",
            "product": "gcc",
            "version": "9.0.1",
            "cve_number": "CVE-2019-15847",
            "severity": "HIGH",
            "score": "7.5",
            "cvss_version": "3",
            "paths": "/home/path/glib.tar.gz,/home/path/gcc.tar.gz",
            "remarks": "NewFound",
            "comments": ""
        }
    ]
}
```
I have added 3 parameters in the cve-bin-tool CLI for the same:
  • -a INTERMEDIATE_PATH, --append INTERMEDIATE_PATH : This will create intermediate reports on current scans and save them in `INTERMEDIATE_PATH`.
  • -t TAG, --tag TAG : This will add a unique tag in intermediate reports so that users can differentiate between multiple intermediate reports.
  • -m INTERMEDIATE_REPORTS, --merge INTERMEDIATE_REPORTS : This will take a list of comma-separated paths and merge them. Users can use this along with `-f --format` and `-o --output-file` to get output in other formats.


What is coming up next?
I am going to work on the documentation and testing of the above-added features in the upcoming weeks.
Possible addition of some filters while using the `-m --merge` argument.
A webpage-based utility to merge these intermediate reports rather than using `-m --merge`.

Did you get stuck anywhere?
No

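To show how the intermediate report format above supports merging and a severity trace across scans, here is an added example; it is not code from cve-bin-tool or from `merge.py`. The merge key, the "newest scan wins" rule for remarks, the helper names and the sample scans (including the placeholder CVE-0000-0001) are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime

SEVERITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN")
TS_FORMAT = "%Y-%m-%d.%H-%M-%S"  # matches "2021-06-17.00-00-30" in the sample report

def _scan_time(report):
    return datetime.strptime(report["metadata"]["timestamp"], TS_FORMAT)

def _paths(entry):
    return {p for p in entry.get("paths", "").split(",") if p}

def severity_trace(reports):
    """Return (timestamp, tag, counts-per-severity) for each scan, oldest first."""
    trace = []
    for rep in sorted(reports, key=_scan_time):
        seen = Counter(str(e.get("severity", "UNKNOWN")).upper() for e in rep["report"])
        counts = {s: seen.get(s, 0) for s in SEVERITIES}
        trace.append((rep["metadata"]["timestamp"], rep["metadata"].get("tag", ""), counts))
    return trace

def merge_reports(reports):
    """Merge findings keyed by (vendor, product, version, cve_number)."""
    # Assumption: the newest scan's remarks/comments win; duplicate paths are unioned.
    merged = {}
    for rep in sorted(reports, key=_scan_time):
        for e in rep["report"]:
            key = (e["vendor"], e["product"], e["version"], e["cve_number"])
            paths = _paths(e) | _paths(merged.get(key, {}))
            merged[key] = {**e, "paths": ",".join(sorted(paths))}
    return list(merged.values())

def _entry(cve, severity, paths, remarks="NewFound"):  # hypothetical sample builder
    return {"vendor": "gnu", "product": "gcc", "version": "9.0.1", "cve_number": cve,
            "severity": severity, "paths": paths, "remarks": remarks, "comments": ""}

# Constructed sample scans; CVE-0000-0001 is a placeholder, not a real identifier.
BACKEND = {"metadata": {"timestamp": "2021-06-17.00-00-30", "tag": "backend"},
           "report": [_entry("CVE-2019-15847", "HIGH", "/home/path/gcc.tar.gz")]}
FRONTEND = {"metadata": {"timestamp": "2021-06-18.00-00-30", "tag": "frontend"},
            "report": [_entry("CVE-2019-15847", "HIGH", "/home/path/glib.tar.gz", "Mitigated"),
                       _entry("CVE-0000-0001", "MEDIUM", "/home/path/glib.tar.gz")]}

if __name__ == "__main__":
    for row in severity_trace([FRONTEND, BACKEND]):
        print(row)
    for finding in merge_reports([FRONTEND, BACKEND]):
        print(finding["cve_number"], finding["remarks"], finding["paths"])
```

Sorting by `metadata.timestamp` before merging is what lets the later triage state replace the earlier one, and the same ordering gives the per-scan severity counts a time axis.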