From 5efa46279cb2e3d00058f39d32e36f27e4028a2d Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 15 Sep 2021 12:57:59 +0200 Subject: [PATCH] Use proper DefectDojo importer for nuclei and wpscan scans Signed-off-by: Jannik Hollenbach --- hooks/persistence-defectdojo/hook/build.gradle | 2 +- .../io/securecodebox/persistence/util/ScanNameMapping.java | 4 +++- .../mapping/DefectDojoFindingToSecureCodeBoxMapperTest.java | 2 +- .../strategies/VersionedEngagementsStrategyTest.java | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle index 403270147d..2b737b5bab 100644 --- a/hooks/persistence-defectdojo/hook/build.gradle +++ b/hooks/persistence-defectdojo/hook/build.gradle @@ -22,7 +22,7 @@ repositories { dependencies { implementation 'io.kubernetes:client-java:12.0.0' - implementation 'io.securecodebox:defectdojo-client:0.0.19-SNAPSHOT' + implementation 'io.securecodebox:defectdojo-client:0.0.20-SNAPSHOT' implementation group: 'org.springframework', name: 'spring-web', version: '5.3.9' implementation 'com.fasterxml.jackson.core:jackson-core:2.12.4' diff --git a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/util/ScanNameMapping.java b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/util/ScanNameMapping.java index 25f0299d29..b6d97219b8 100644 --- a/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/util/ScanNameMapping.java +++ b/hooks/persistence-defectdojo/hook/src/main/java/io/securecodebox/persistence/util/ScanNameMapping.java @@ -15,7 +15,9 @@ public enum ScanNameMapping { SSLYZE("sslyze", ScanType.SSLYZE_3_JSON_SCAN), TRIVY("trivy", ScanType.TRIVY_SCAN), GITLEAKS("gitleaks", ScanType.GITLEAKS_SCAN), - NIKTO("nikto", ScanType.NIKTO_SCAN), + NIKTO("nikto", ScanType.NIKTO_SCAN), + NUCLEI("nuclei", ScanType.NUCLEI_SCAN), + WPSCAN("wpscan", ScanType.WPSCAN), GENERIC(null, ScanType.GENERIC_FINDINGS_IMPORT) ; diff --git a/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapperTest.java b/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapperTest.java index 9b5b936421..f5684aaefd 100644 --- a/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapperTest.java +++ b/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/mapping/DefectDojoFindingToSecureCodeBoxMapperTest.java @@ -33,7 +33,7 @@ class DefectDojoFindingToSecureCodeBoxMapperTest { @BeforeEach public void setup(){ - var config = new DefectDojoConfig("http://example.defectdojo.com", "placeholder", "placeholder"); + var config = new DefectDojoConfig("http://example.defectdojo.com", "placeholder", "placeholder", 1000); this.mapper = new DefectDojoFindingToSecureCodeBoxMapper(config, endpointService); } diff --git a/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategyTest.java b/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategyTest.java index 2d4b28df31..bfd7c63884 100644 --- a/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategyTest.java +++ b/hooks/persistence-defectdojo/hook/src/test/java/io/securecodebox/persistence/strategies/VersionedEngagementsStrategyTest.java @@ -54,7 +54,7 @@ public class VersionedEngagementsStrategyTest { @BeforeEach public void setup() throws Exception { - versionedEngagementsStrategy.config = new DefectDojoConfig("https://defectdojo.example.com", "", "foobar"); + versionedEngagementsStrategy.config = new DefectDojoConfig("https://defectdojo.example.com", "", "foobar", 1000); scan = new Scan(); scan.setApiVersion("execution.securecodebox.io/v1");