
Step 1 - Create a Script

This script conducts the security checks. It can call other security tools, open source tools or APIs; it can be whatever you need it to be, as long as it can determine security issues, record each of them as a vulnerability object, and store those objects back into the system.

Let's dive into what the script does!

The script is going to take some inputs:

```python
import argparse

arg_options = argparse.ArgumentParser(description="Runs a simple HTTPS redirection test")
arg_options.add_argument('--url', type=str)
arg_options.add_argument('--debug', type=str)   # any value (e.g. "true") switches debug output on
arg_options.add_argument('--output', type=str)
args = arg_options.parse_args()
url, debug, vulns_output_location = args.url, args.debug, args.output
```

  • URL - the HTTPS URL to be tested

  • Debug - any value enables printing of additional information

  • Output - the path the XML vulnerability file is written to

The main body of the testing tool is very simple: we strip the 's' from the 'https' scheme of the URL, request the plain-HTTP version without following redirects, and check whether the server answers with a redirect.

```python
import requests

# Request the plain-HTTP version of the URL without following redirects, so the
# first response tells us whether the server itself issues the redirect.
s = requests.Session()
url_to_use = url.replace('https', 'http', 1)   # swap only the first occurrence, i.e. the scheme
print(f"Accessing {url_to_use} \n")
Response = s.request("GET", url_to_use, allow_redirects=False)
code = Response.status_code
# These are the 3xx codes a client will follow; 304 Not Modified is not a redirect
# and must not count as a pass.
if code in (301, 302, 303, 307, 308):
    print(f"Successfully received a redirect {code} for {url_to_use} \n")
else:
    # No redirect: raise a vulnerability (next snippet)
    print(f"No redirect received ({code}) for {url_to_use} \n")
```

When we run the script we're looking for a vulnerability, which in this case is the absence of a redirect. When we find this, we want to create a vulnerability object as shown in the following code snippet.

```python
# Raise the issue. Vulnerability and Severity come from the Uleska helper
# module supplied with the platform (its import path is not shown on this page).
vuln = Vulnerability(title="No HTTP redirect to HTTPS",
                     summary="HTTP access to site does not redirect to an HTTPS location",
                     explanation="In testing, when a request for the HTTP protocol for the site was made, there was not a redirect for the HTTPS location",
                     recommendation="Update the server configuration to ensure non-secure requests for these pages result in a redirect.",
                     source=url_to_use,
                     severity=Severity.HIGH,
                     cvss='CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N',
                     md5="a9f54e2a88ede11530aa9d914fe2bbcc")
```

To create a vulnerability object we need to supply the following:

  • Title

  • Summary

  • Explanation

  • Recommendation

  • Source - the URL that produced the issue

  • Severity

  • CVSS - the vector that expresses the severity of the returned bug at a technical level

  • MD5 - optional. If it is not supplied, Uleska combines the first four fields (title, summary, explanation, recommendation) to define the vulnerability. This lets Uleska categorise multiple instances of the same bug as the same category.

We then add the vulnerability object to the list of issues found. The Debug flag prints extra information about the issue as it passes through.

```python
issues_found = []   # list of Vulnerability objects for this run; define it once, before the check
issues_found.append(vuln)
if debug:
    print("\n######################### DEBUG #################################")
    print("Issue added to list: Title [" + vuln.title + "], Summary [" + vuln.summary + "]")
    print("###################################################################\n\n")
```
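The snippets above check the status code only. As an added example (not code from the Uleska page or platform), the following stricter version of the check also inspects the Location header, swaps only the URL scheme, and shows how a dedup key built from the first four descriptive fields makes the same bug on different URLs collapse into one category. The `Finding` class, `fingerprint()` method and the sample responses are illustrative stand-ins and constructed data; they are not Uleska's `Vulnerability` class, its actual MD5 algorithm, or real server responses, and the Uleska helpers are not used.

```python
# Added example: an offline-testable HTTP-to-HTTPS redirect check.
# Finding/fingerprint() are assumed stand-ins for the platform's objects.
import hashlib
from dataclasses import dataclass
from typing import Mapping, Optional
from urllib.parse import urlsplit, urlunsplit

# 3xx codes a client will follow. 300 (Multiple Choices) and 304 (Not Modified)
# are not redirects and must not be counted as a pass.
REDIRECT_CODES = {301, 302, 303, 307, 308}


@dataclass
class Finding:
    title: str
    summary: str
    explanation: str
    recommendation: str
    source: str
    evidence: str = ""        # per-instance detail, deliberately outside the fingerprint
    severity: str = "HIGH"

    def fingerprint(self) -> str:
        """Assumed dedup key: MD5 over the four descriptive fields, so the same
        class of bug found on different URLs yields the same category."""
        material = "\n".join([self.title, self.summary,
                              self.explanation, self.recommendation])
        return hashlib.md5(material.encode("utf-8")).hexdigest()


def http_variant(url: str) -> str:
    """Swap only the scheme. A plain url.replace('https', 'http') would also
    rewrite 'https' wherever it appears in the path or query string."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        raise ValueError(f"expected an https:// URL, got {url!r}")
    return urlunsplit(("http",) + tuple(parts[1:]))


def evaluate_redirect(http_url: str, status: int,
                      headers: Mapping[str, str]) -> Optional[Finding]:
    """Return None if the plain-HTTP request was redirected to an absolute
    https:// URL; otherwise return a Finding describing why it failed."""
    location = next((v for k, v in headers.items() if k.lower() == "location"), "")
    target = urlsplit(location)
    if status in REDIRECT_CODES and target.scheme.lower() == "https" and target.hostname:
        return None
    if status in REDIRECT_CODES:
        evidence = f"{status} redirect to {location!r}, which is not an absolute https:// URL"
    else:
        evidence = f"{status} response with no redirect"
    return Finding(
        title="No HTTP redirect to HTTPS",
        summary="HTTP access to site does not redirect to an HTTPS location",
        explanation="In testing, when a request for the HTTP protocol for the site was made, "
                    "there was not a redirect for the HTTPS location",
        recommendation="Update the server configuration to ensure non-secure requests "
                       "for these pages result in a redirect.",
        source=http_url,
        evidence=evidence,
    )


# Constructed sample responses (no network involved): (https URL, status, headers)
SAMPLES = [
    ("https://good.example/", 301, {"Location": "https://good.example/"}),
    ("https://bad.example/login?next=https", 200, {}),
    ("https://cached.example/", 304, {}),
    ("https://loop.example/", 302, {"Location": "http://loop.example/"}),
]


def run_samples(samples=SAMPLES) -> list:
    """Apply the check to each constructed response and collect the findings."""
    issues = []
    for https_url, status, headers in samples:
        finding = evaluate_redirect(http_variant(https_url), status, headers)
        if finding is not None:
            issues.append(finding)
    return issues


if __name__ == "__main__":
    for f in run_samples():
        print(f"{f.source}: {f.evidence} [fingerprint {f.fingerprint()[:8]}]")
```

Of the four constructed responses, three produce a finding (the 200 with no redirect, the 304, and the redirect back to http://), and all three share one fingerprint because only the per-instance `evidence` differs. To wire this into the script above, call `evaluate_redirect(url_to_use, Response.status_code, Response.headers)` and build the `Vulnerability` object from the returned `Finding`.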

Use this function to store the issues found on local disk as an XML file; Uleska reads that file to import the vulnerabilities into the platform.

```python
# Save the vulnerabilities to the XML file at the --output path.
# save_vulns_to_file comes from the Uleska helper module; the third argument
# is passed exactly as shown on this page.
save_vulns_to_file(issues_found, vulns_output_location, '1.2')
```

After you have created your custom tool, you will need to test it to make sure it works.

Run the Python file against a sample URL to see whether it has an automatic redirect.

If an issue has been raised and you would like to see more information about it, run the same command with "--debug true".

Confirm that the XML output file was produced with "more ___.xml" (the path you passed to --output); it will show your title, summary, explanation and so on.

You have now created a custom tool which finds issues/vulnerabilities.