Finetuned some retest features

skyanth
2017-06-07 17:13:28 +02:00
parent e5a6dbfb13
commit bbb22f3a62
3 changed files with 78 additions and 15 deletions


@@ -1,6 +1,16 @@
RELEASE NOTES RELEASE NOTES
============= =============
June 7th
--------
### Finetuned some retest features
Specifically for retests, we now have the following nuggets of fun:
- The `@status` attribute of the findings and recommendations tables can now take a space-separated list instead of a single status value, which means you can now generate a table for multiple statuses at once. Example: `<generate_recommendations status="new unresolved"/>`
- Finding's statuses are now colour-coded in the PDF: Resolved = green, New & Unresolved = Red, Not retested = Orange. It's not tacky at all, trust me. Very understated and classy. :)
March 29th, 2017 March 29th, 2017
---------------- ----------------


@@ -33,9 +33,44 @@
</fo:list-block> </fo:list-block>
</xsl:template> </xsl:template>
<xsl:template match="generate_teammembers">
<xsl:call-template name="generate_teammembers_xslt"/>
</xsl:template>
<xsl:template name="generate_teammembers_xslt">
<fo:list-block xsl:use-attribute-sets="list" provisional-distance-between-starts="0.75cm"
provisional-label-separation="2.5mm" space-after="12pt" start-indent="1cm">
<xsl:for-each select="//activityinfo//team/member">
<fo:list-item>
<!-- insert a bullet -->
<fo:list-item-label end-indent="label-end()">
<fo:block>
<fo:inline>&#8226;</fo:inline>
</fo:block>
</fo:list-item-label>
<!-- list text -->
<fo:list-item-body start-indent="body-start()">
<fo:block>
<fo:inline xsl:use-attribute-sets="bold"><xsl:apply-templates
select="name"/>: </fo:inline>
<xsl:apply-templates select="expertise"/>
</fo:block>
</fo:list-item-body>
</fo:list-item>
</xsl:for-each>
</fo:list-block>
</xsl:template>
<xsl:template match="generate_findings"> <xsl:template match="generate_findings">
<xsl:variable name="Ref" select="@Ref"/> <xsl:variable name="Ref" select="@Ref"/>
<xsl:variable name="status" select="@status"/> <xsl:variable name="statusSequence" as="item()*">
<xsl:for-each select="@status">
<xsl:for-each select="tokenize(., ' ')">
<xsl:value-of select="."/>
</xsl:for-each>
</xsl:for-each>
</xsl:variable>
<xsl:variable name="unsortedFindingSummaryTable"> <xsl:variable name="unsortedFindingSummaryTable">
<xsl:for-each-group select="//finding" group-by="@threatLevel"> <xsl:for-each-group select="//finding" group-by="@threatLevel">
<xsl:for-each select="current-group()"> <xsl:for-each select="current-group()">
@@ -85,14 +120,14 @@
+ (number(findingThreatLevel = 'N/A') * 1)"/> + (number(findingThreatLevel = 'N/A') * 1)"/>
<findingEntry> <findingEntry>
<xsl:attribute name="Ref"> <xsl:attribute name="Ref">
<xsl:value-of select="@Ref"/> <xsl:value-of select="@Ref"/>
</xsl:attribute> </xsl:attribute>
<xsl:attribute name="status"> <xsl:attribute name="status">
<xsl:value-of select="@status"/> <xsl:value-of select="@status"/>
</xsl:attribute> </xsl:attribute>
<xsl:attribute name="findingId"> <xsl:attribute name="findingId">
<xsl:value-of select="@findingId"/> <xsl:value-of select="@findingId"/>
</xsl:attribute> </xsl:attribute>
<!-- add an id for the first entry of each type so that we can link to it --> <!-- add an id for the first entry of each type so that we can link to it -->
<xsl:if <xsl:if
test="not(preceding-sibling::findingEntry/findingThreatLevel = findingThreatLevel)"> test="not(preceding-sibling::findingEntry/findingThreatLevel = findingThreatLevel)">
@@ -144,14 +179,14 @@
<xsl:when test="@status and @Ref"> <xsl:when test="@status and @Ref">
<!-- Only generate a table for findings in the section with this status AND this Ref --> <!-- Only generate a table for findings in the section with this status AND this Ref -->
<xsl:for-each <xsl:for-each
select="$findingSummaryTable/findingEntry[@status = $status][ancestor::*[@id = $Ref]]"> select="$findingSummaryTable/findingEntry[@status = $statusSequence][ancestor::*[@id = $Ref]]">
<xsl:call-template name="findingsSummaryContent"/> <xsl:call-template name="findingsSummaryContent"/>
</xsl:for-each> </xsl:for-each>
</xsl:when> </xsl:when>
<xsl:when test="@status and not(@Ref)"> <xsl:when test="@status and not(@Ref)">
<!-- Only generate a table for findings in the section with this status --> <!-- Only generate a table for findings in the section with this status -->
<xsl:for-each <xsl:for-each
select="$findingSummaryTable/findingEntry[@status = $status]"> select="$findingSummaryTable/findingEntry[@status = $statusSequence]">
<xsl:call-template name="findingsSummaryContent"/> <xsl:call-template name="findingsSummaryContent"/>
</xsl:for-each> </xsl:for-each>
</xsl:when> </xsl:when>
@@ -208,7 +243,13 @@
<xsl:template match="generate_recommendations"> <xsl:template match="generate_recommendations">
<xsl:variable name="Ref" select="@Ref"/> <xsl:variable name="Ref" select="@Ref"/>
<xsl:variable name="status" select="@status"/> <xsl:variable name="statusSequence" as="item()*">
<xsl:for-each select="@status">
<xsl:for-each select="tokenize(., ' ')">
<xsl:value-of select="."/>
</xsl:for-each>
</xsl:for-each>
</xsl:variable>
<fo:block> <fo:block>
<fo:table width="100%" table-layout="fixed" xsl:use-attribute-sets="table borders"> <fo:table width="100%" table-layout="fixed" xsl:use-attribute-sets="table borders">
<xsl:call-template name="checkIfLast"/> <xsl:call-template name="checkIfLast"/>
@@ -234,14 +275,14 @@
<xsl:when test="@status and @Ref"> <xsl:when test="@status and @Ref">
<!-- Only generate a table for findings in the section with this status AND this Ref --> <!-- Only generate a table for findings in the section with this status AND this Ref -->
<xsl:for-each <xsl:for-each
select="/pentest_report/descendant::finding[@status = $status][ancestor::*[@id = $Ref]]"> select="/pentest_report/descendant::finding[@status = $statusSequence][ancestor::*[@id = $Ref]]">
<xsl:call-template name="recommendationsSummaryContent"/> <xsl:call-template name="recommendationsSummaryContent"/>
</xsl:for-each> </xsl:for-each>
</xsl:when> </xsl:when>
<xsl:when test="@status and not(@Ref)"> <xsl:when test="@status and not(@Ref)">
<!-- Only generate a table for findings in the section with this status --> <!-- Only generate a table for findings in the section with this status -->
<xsl:for-each <xsl:for-each
select="/pentest_report/descendant::finding[@status = $status]"> select="/pentest_report/descendant::finding[@status = $statusSequence]">
<xsl:call-template name="recommendationsSummaryContent"/> <xsl:call-template name="recommendationsSummaryContent"/>
</xsl:for-each> </xsl:for-each>
</xsl:when> </xsl:when>
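Review bot: The new `statusSequence` variable in `generate_findings` splits `@status` with `tokenize(., ' ')`, which treats only one literal space as a separator, so a doubled, leading or trailing space (including a line break the parser normalises to spaces) produces empty-string tokens. With an empty token in the sequence, `[@status = $statusSequence]` would presumably also select findings whose `status` attribute is empty, which in a retest report means a finding can land in a table it does not belong in. Normalising first avoids this and removes the nested `xsl:for-each`: `<xsl:variable name="statusSequence" select="tokenize(normalize-space(@status), ' ')"/>`. The identical block is repeated in `generate_recommendations` and needs the same change; both templates continue outside the hunks shown.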


@@ -4,6 +4,7 @@
xmlns:fo="http://www.w3.org/1999/XSL/Format" version="2.0"> xmlns:fo="http://www.w3.org/1999/XSL/Format" version="2.0">
<xsl:template match="finding" mode="meta"> <xsl:template match="finding" mode="meta">
<xsl:variable name="status" select="@status"/>
<fo:table width="100%" table-layout="fixed" xsl:use-attribute-sets="table" margin-bottom="{$large-space}"> <fo:table width="100%" table-layout="fixed" xsl:use-attribute-sets="table" margin-bottom="{$large-space}">
<fo:table-column column-width="proportional-column-width(70)"/> <fo:table-column column-width="proportional-column-width(70)"/>
<fo:table-column column-width="proportional-column-width(30)"/> <fo:table-column column-width="proportional-column-width(30)"/>
@@ -20,7 +21,18 @@
<fo:table-cell xsl:use-attribute-sets="td"> <fo:table-cell xsl:use-attribute-sets="td">
<fo:block xsl:use-attribute-sets="finding-meta"> <fo:block xsl:use-attribute-sets="finding-meta">
<fo:inline xsl:use-attribute-sets="bold">Retest status: </fo:inline> <fo:inline xsl:use-attribute-sets="bold">Retest status: </fo:inline>
<xsl:value-of select="@status"/> <xsl:choose>
<xsl:when test="@status = 'new' or @status = 'unresolved'">
<fo:inline xsl:use-attribute-sets="status-new"><xsl:value-of select="@status"/></fo:inline>
</xsl:when>
<xsl:when test="@status = 'not-retested'">
<fo:inline xsl:use-attribute-sets="status-not-retested"><xsl:value-of select="@status"/></fo:inline>
</xsl:when>
<xsl:when test="@status = 'resolved'">
<fo:inline xsl:use-attribute-sets="status-resolved"><xsl:value-of select="@status"/></fo:inline>
</xsl:when>
</xsl:choose>
</fo:block> </fo:block>
</fo:table-cell> </fo:table-cell>
</xsl:if> </xsl:if>
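Review bot: The `xsl:choose` that replaces the plain `<xsl:value-of select="@status"/>` has no `xsl:otherwise`, so a finding whose `@status` is anything other than `new`, `unresolved`, `not-retested` or `resolved` now prints "Retest status:" with nothing after it, where the old code printed the raw value. A blank status in a retest report is easy to overlook, so I would add `<xsl:otherwise><xsl:value-of select="@status"/></xsl:otherwise>` as the last branch. The `status` variable added at the top of the `finding` template is not referenced in the lines shown here, since the tests read `@status` directly; it can probably be dropped unless the part of the template outside these hunks uses it. The enclosing `xsl:if` starts outside the hunk.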