public string checkIf_loadMultipleOzasmtFiles_Worked() { var o2Findings = XUtils_Findings_v0_1.loadMultipleOzasmtFiles(pathToOzastmFilesToLoad); Assert.That(o2Findings.Count > 0); return(string.Format("There were {0} findings loaded", o2Findings.Count)); }
public List <IO2Finding> takeDirectoryAndLoadAllAssessmentsWithStringInName() { var targetDirectory = pathToOzastmFilesToLoad; var filter = "*webgoat*.ozasmt"; var recursiveSearch = true; return(XUtils_Findings_v0_1.loadMultipleOzasmtFiles(targetDirectory, filter, recursiveSearch)); }
public static List <IO2Finding> getAllTraces_LostSinks(string targetFolder) { var folderWith_LostSinks = Path.Combine(targetFolder, "FindingsWith_Traces_LostSinks"); Assert.That(Directory.Exists(folderWith_LostSinks), "directory folderWith_LostSinks did not exist: " + folderWith_LostSinks); var o2Findings = XUtils_Findings_v0_1.loadMultipleOzasmtFiles(folderWith_LostSinks); O2Cmd.log.write("Findings with Lost Sinks: {0}", o2Findings.Count); return(o2Findings); }
public List <IO2Finding> invokeMultipleXRules() { // executing findings from pathToOzastmFilesToLoad var o2Findings = XUtils_Findings_v0_1.loadMultipleOzasmtFiles(pathToOzastmFilesToLoad); // run filter that gets only Traces var onlyTraces = new XRule_Findings_Filter().onlyTraces(o2Findings); // which have getParameter as source var results = new XRule_Findings_Filter().whereSource_Contains(onlyTraces, "getParameter"); return(results); }
// PHASE 5 : TASKS public void task1_createFinalAssessmentFile() { var o2Findings = XUtils_Findings_v0_1.loadMultipleOzasmtFiles(folderWithArtifacts_Phase4); O2Cmd.log.write("There are {0} findings for final assessment file", o2Findings.Count); // make them compatible with OSA OzasmtCompatibility.makeCompatibleWithOunceV6(o2Findings); finalAssessmentFile = Path.Combine(folderWithArtifacts_Phase5, "Final Set of Findings.ozasmt"); XUtils_Findings_v0_1.saveFindings(o2Findings, finalAssessmentFile); O2Cmd.log.write("Final assessment file created: {0}", finalAssessmentFile); copyFinalAssessmentFileToWorkflowFolder(); }
// PHASE 3 : TASKS // since there are lot a lot of known sinks move them all into one file public void task1_handleKnownSinks() { // for now save these findings in the root of folderWithArtifacts_Phase3 var folderWithAssessmentFiles = Path.Combine(folderWithArtifacts_Phase2, "FindingsWith_Traces_KnownSinks"); Assert.That(Directory.Exists(folderWithAssessmentFiles), "Directory folderWithAssessmentFiles does not exist: " + folderWithAssessmentFiles); var o2Findings_WithKnownSinks = XUtils_Findings_v0_1.loadMultipleOzasmtFiles(folderWithAssessmentFiles); // save as 1 ozasmt file with all findings var targetFile = Path.Combine(folderWithArtifacts_Phase3, "Findings with Known Sinks.ozasmt"); XUtils_Findings_v0_1.saveFindings(o2Findings_WithKnownSinks, targetFile); // save as 1 ozasmt file per VulnType var targetFolder = Path.Combine(folderWithArtifacts_Phase3, "Findings with KnownSinks (by VulnType)"); var mappedFindings = XUtils_Analysis.getDictionaryWithFindingsMappedBy_VulType(o2Findings_WithKnownSinks); XUtils_Analysis.saveDictionaryWithMappedFindingsToFolder(mappedFindings, targetFolder); }