Esempio n. 1
0
        private void deleteTest_Click(object sender, EventArgs e)
        {
            ProjectPOCO project = projectHelper.GetCurrentProject(ddlProjects.Text);

            if (null == project)
            {
                ShowError("No project found.");
                return;
            }
            if (penTesterDataView.SelectedRows.Count > 0)
            {
                DataGridViewSelectedRowCollection collection = penTesterDataView.SelectedRows;
                foreach (DataGridViewRow gvr in collection)
                {
                    DateTime            start  = (DateTime)gvr.Cells[0].Value;
                    DateTime            end    = (DateTime)gvr.Cells[1].Value;
                    string              tester = gvr.Cells[2].Value.ToString();
                    PenetrationTestPOCO obj    = new Business.PenetrationTestPOCO();
                    obj.TesterName = tester;
                    obj.StartDate  = start;
                    obj.EndDate    = end;
                    projectHelper.ModifyPenTestAnalysis(Business.ModTypes.Remove, project.Name, obj);
                }
                BindPenTest(project);
            }
            else
            {
                ShowError("No tests were selected to remove");
            }
        }
Esempio n. 2
0
        private static bool checkExists(ProjectPOCO p, PenetrationTestPOCO details)
        {
            if (null == p.PenetrationTests)
            {
                p.PenetrationTests = new List <PenetrationTestPOCO>();
            }
            IEnumerable <PenetrationTestPOCO> d = p.PenetrationTests.Where(x => x.StartDate == details.StartDate &&
                                                                           x.EndDate == details.EndDate &&
                                                                           x.TesterName == details.TesterName);

            if (0 == d.Count())
            {
                return(false);
            }
            else
            {
                return(true);
            }
        }
Esempio n. 3
0
        internal static void ModifyPenTestAnalysis(ModTypes _mod, string currentProject, PenetrationTestPOCO details)
        {
            ProjectPOCO p = GetCurrentProject(currentProject);

            if (ModTypes.Add == _mod)
            {
                if (!checkExists(p, details))
                {
                    p.PenetrationTests.Add(details);
                }
            }
            else if (ModTypes.Remove == _mod)
            {
                if (checkExists(p, details))
                {
                    PenetrationTestPOCO c = p.PenetrationTests.FirstOrDefault(x => x.EndDate == details.EndDate &&
                                                                              x.StartDate == details.StartDate && x.TesterName == details.TesterName);
                    if (null != c)
                    {
                        p.PenetrationTests.Remove(c);
                    }
                }
            }
        }
Esempio n. 4
0
        public static IList <ProjectPOCO> GetDataObjects(string file)
        {
            IList <ProjectPOCO> projects = new List <ProjectPOCO>();
            //TODO fix the crash on junk files.

            XElement projectData = XElement.Load(file);

            foreach (XElement x in projectData.Elements("project"))
            {
                ProjectPOCO p = new ProjectPOCO();
                p.Name = x.Element("name").Value;
                XElement contacts = x.Element("contacts");
                p.ISSO          = contacts.Element("isso").Value;
                p.DevLead       = contacts.Element("devLead").Value;
                p.ProductionURL = null == x.Element("productionURL") ? string.Empty : x.Element("productionURL").Value;
                XElement codeDetail                  = x.Element("codeDetail");
                XElement vulnerabilities             = x.Element("vulnerabilities");
                IEnumerable <XElement> codeLanguages = null == codeDetail.Element("languages") ? new List <XElement>() : codeDetail.Element("languages").Elements("language");
                if (codeLanguages.Count() > 0)
                {
                    foreach (XElement item in codeLanguages.ToList())
                    {
                        if (null == p.CodeLanguages)
                        {
                            p.CodeLanguages = new List <string>();
                        }
                        p.CodeLanguages.Add(item.Value);
                    }
                }
                else
                {
                    p.CodeLanguages = new List <string>();
                }

                bool isScanned = false;
                if (bool.TryParse(codeDetail.Attribute("isCurrentlyScanned").Value, out isScanned))
                {
                    p.isCurrentlyScanned = isScanned;
                }
                else
                {
                    p.isCurrentlyScanned = false;
                }
                //need to implement extension method for parsing enums
                p.ScanConfiguration = (CodeScanType)Enum.Parse(typeof(CodeScanType), codeDetail.Attribute("scanConfiguration").Value);
                p.Repository        = codeDetail.Element("repository").Value;
                IEnumerable <XElement> scanData = x.Element("codeAnalysis").Elements("scanDate");
                if (scanData.Count() > 0)
                {
                    foreach (XElement ele in scanData.ToList())
                    {
                        DateTime outDate = new DateTime();
                        if (DateTime.TryParse(ele.Value, out outDate))
                        {
                            if (null == p.StaticAnalysis)
                            {
                                p.StaticAnalysis = new List <StaticAnalysisPOCO>();
                            }
                            StaticAnalysisPOCO sa = new StaticAnalysisPOCO();
                            sa.AnalysisDate = outDate;
                            p.StaticAnalysis.Add(sa);
                        }
                    }
                }
                XElement penTests            = x.Element("penetrationTests");
                IEnumerable <XElement> scans = penTests.Elements("scan");
                if (scans.Count() > 0)
                {
                    foreach (XElement e1 in scans.ToList())
                    {
                        DateTime            outBegin = new DateTime();
                        DateTime            outEnd   = new DateTime();
                        PenetrationTestPOCO t        = new PenetrationTestPOCO();
                        if (DateTime.TryParse(e1.Element("startDate").Value, out outBegin))
                        {
                            t.StartDate = outBegin;
                        }
                        else
                        {
                            continue;
                        }
                        if (DateTime.TryParse(e1.Element("endDate").Value, out outEnd))
                        {
                            t.EndDate = outEnd;
                        }
                        else
                        {
                            continue;
                        }
                        t.TesterName = e1.Element("tester").Value;
                        if (null == p.PenetrationTests)
                        {
                            p.PenetrationTests = new List <PenetrationTestPOCO>();
                        }
                        p.PenetrationTests.Add(t);
                    }
                }
                XElement dx = x.Element("documentation");
                if (null != dx)
                {
                    IEnumerable <XElement> doco = dx.Elements("item");
                    if (doco.Count() > 0)
                    {
                        if (null == p.DocumentationItems)
                        {
                            p.DocumentationItems = new List <Documentation>();
                        }
                        foreach (XElement d in doco.ToList())
                        {
                            Documentation dxi = new Documentation();
                            dxi.Details = string.IsNullOrEmpty(d.Element("details").Value) ? string.Empty : d.Element("details").Value;
                            DateTime outDoI = new DateTime();
                            if (DateTime.TryParse(d.Element("dateOfIssue").Value, out outDoI))
                            {
                                dxi.DateOfIssue = outDoI;
                            }
                            else
                            {
                                continue;
                            }
                            dxi.Category = string.IsNullOrEmpty(d.Element("category").Value) ? string.Empty : d.Element("category").Value;
                            p.DocumentationItems.Add(dxi);
                        }
                    }
                }
                else
                {
                    p.DocumentationItems = new List <Documentation>();
                }
                try //LEGACY HELPER TRY
                {
                    IEnumerable <XElement> items = vulnerabilities.Elements("item");
                    IList <IVulnerability> list  = new List <IVulnerability>();
                    foreach (var item in items)
                    {
                        IVulnerability      v      = new Vulnerability();
                        string              date1  = item.Element("discoveredDate").Value;
                        string              date2  = item.Element("completedDate").Value;
                        Nullable <DateTime> nulled = null;
                        if (null != item.Element("title"))
                        {
                            v.Title = item.Element("title").Value;
                        }
                        v.DiscoveredDate   = string.IsNullOrEmpty(date1) ? nulled : Convert.ToDateTime(date1);
                        v.CompletedDate    = string.IsNullOrEmpty(date2) ? nulled : Convert.ToDateTime(date2);
                        v.Risk             = item.Element("risk").Value;
                        v.Status           = item.Element("status").Value;
                        v.Details          = HttpUtility.HtmlDecode(item.Element("vulnerability").Value);
                        v.Tester           = item.Element("tester").Value;
                        v.Identifier       = Guid.Parse(item.Element("identifier").Value);
                        v.VulnTypeReported = item.Element("type").Value;
                        if (null != item.Element("flagged"))
                        {
                            v.isWeeklyReportItem = bool.Parse(item.Element("flagged").Value);
                        }
                        else
                        {
                            v.isWeeklyReportItem = false;
                        }
                        if (null != item.Element("cvss2"))
                        {
                            decimal dec = new decimal();
                            if (decimal.TryParse(item.Element("cvss2").Value, out dec))
                            {
                                v.CVSS = dec;
                            }
                            else
                            {
                                v.CVSS = 0;
                            }
                        }
                        list.Add(v);
                    }
                    if (list.Count() > 0)
                    {
                        p.Vulnerabilities = list;
                    }
                }
                catch { }

                projects.Add(p);
            }
            return(projects);
        }