[Owasp-o2-platform] Help with loading and consolidating data from AppScan 7.9

dinis cruz dinis.cruz at owasp.org
Sat Aug 28 18:31:40 EDT 2010


Now ... on the topic of merging AppScan results ... is there any
guidance on how to do it?

I'm assuming most of those db keys are not unique on all assessments, and
when merging results one will need to fix a bunch of those XRefs

Any other side effects we should be aware of?

I wonder if we can manipulate the db in real time and use it to communicate
with a running instance of AppScan 7.9?

Dinis Cruz

On 28 August 2010 23:23, dinis cruz <dinis.cruz at owasp.org> wrote:

> I just created a video (using O2 :)  ) with this script in action.
>
> You can see it on YouTube http://www.youtube.com/watch?v=BAp6M6FZda8 or in
> the script documentation page
> http://www.o2platform.com/index.php/AppSscan%207.9%20-%20Results%20Viewer%20%28FireBird%20Database%29.h2
>
> Dinis Cruz
>
>
> On 28 August 2010 23:05, dinis cruz <dinis.cruz at owasp.org> wrote:
>
>> OK, I just added support to O2 for reading FireBird databases and more
>> specifically for loading and viewing AppScan 7.9 *.ResultsDB.FBD file (which
>> is inside the *.scan file)
>>
>> Here is a documentation page with tons of screenshots (and the script I
>> just wrote):
>>
>>
>> http://www.o2platform.com/wiki/AppSscan_7.9_-_Results_Viewer_(FireBird_Database).h2
>>
>> Here is a good example of how in O2, once we can 'read/consume' the native
>> files, the rest is easy :)
>>
>> Dan, Thanks for the help
>>
>> Dinis Cruz
>>
>>
>>
>> On 28 August 2010 19:22, Dan Cornell <dan at denimgroup.com> wrote:
>>
>>>   An O2 user sent me this request:
>>>
>>>
>>>
>>> *"...I need some help writing an O2 script that will collect multiple
>>> IBM appscan projects and convert them into one big project combining all of
>>> the vulnerabilities.*
>>>
>>>
>>>
>>> *The use case is that I have a huge web site that has 40 separate "mini
>>> website" branched off of the main url.  Some of them require credentials
>>> some of them don't.   I have 20 app scan files that I would like to combine
>>> into one big app scan file.   The version of IBM app scan is 7.9..."*
>>>
>>>
>>>
>>> I have a sample assessment file from a scan of http://demo.testfire.net
>>> in the form of an *.scan file. This file is a zip file and inside of it
>>> there are a bunch of *.PDB , *.FPT and *.DBF files which are clearly
>>> database files.
>>>
>>>
>>>
>>> Anybody has an idea of what these are and where I can get a C#, Python or
>>> Java reader for it?
>>>
>>>
>>>
>>>
>>>
>>> There is some Java code to read XML AppScan files in VulnManager –
>>> http://vulnerabilitymanager.denimgroup.com/  I have an updated version
>>> of that in the upcoming release but that code isn’t quite ready for
>>> distribution yet.
>>>
>>>
>>>
>>> I can probably also dredge up some other Java code to read the .scan
>>> files.
>>>
>>>
>>>
>>> Those use what is basically a Firebird DB format:
>>>
>>> http://www.firebirdsql.org/
>>>
>>>
>>>
>>> If this is just a one-off you could probably take your .scan files, use
>>> the Firebird ODBC driver to set up each file as a database and do some
>>> goofy query/join-y stuff to lump them all together in one big DB.
>>>
>>>
>>>
>>> Or to integrate it into O2 you could use the Firebird .NET data provider
>>> and attach that to the .scan files.
>>>
>>>
>>>
>>> Thanks,
>>>
>>>
>>>
>>> Dan
>>>
>>>
>>>
>>
>>
>
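
The key-collision concern raised at the top of this thread (per-scan keys are not unique, so cross-references must be fixed when merging), as an added example that is not part of the original thread or of O2's code. It uses in-memory SQLite as a stand-in for the Firebird files; the `urls`/`issues` tables, their columns and the sample rows are hypothetical, not AppScan's real schema.

```python
import sqlite3

# Hypothetical two-table schema standing in for a per-scan results database.
SCHEMA = """
CREATE TABLE urls   (id INTEGER PRIMARY KEY, url TEXT NOT NULL);
CREATE TABLE issues (id INTEGER PRIMARY KEY,
                     url_id INTEGER NOT NULL REFERENCES urls(id),
                     issue_type TEXT NOT NULL);
"""

def make_scan(urls, issues):
    """Build one constructed per-scan database; ids restart at 1 in each."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO urls VALUES (?, ?)", urls)
    db.executemany("INSERT INTO issues VALUES (?, ?, ?)", issues)
    return db

def merge_scans(sources):
    """Copy every scan into one database, remapping keys and cross-references."""
    merged = sqlite3.connect(":memory:")
    merged.executescript(SCHEMA)
    merged.execute("PRAGMA foreign_keys = ON")
    for src in sources:
        url_map = {}  # old urls.id in this scan -> new urls.id in merged db
        for old_id, url in src.execute("SELECT id, url FROM urls"):
            cur = merged.execute("INSERT INTO urls (url) VALUES (?)", (url,))
            url_map[old_id] = cur.lastrowid
        for old_url_id, issue_type in src.execute(
                "SELECT url_id, issue_type FROM issues"):
            # A KeyError here means a dangling cross-reference in the source.
            merged.execute(
                "INSERT INTO issues (url_id, issue_type) VALUES (?, ?)",
                (url_map[old_url_id], issue_type))
    merged.commit()
    return merged

def findings(db):
    """Return (url, issue_type) pairs resolved through the cross-reference."""
    return sorted(db.execute(
        "SELECT u.url, i.issue_type FROM issues i JOIN urls u ON u.id = i.url_id"))

# Constructed sample data: both scans reuse ids 1 and 2 for different URLs.
scan_a = make_scan([(1, "/login"), (2, "/search")],
                   [(1, 1, "SQL Injection"), (2, 2, "Cross-Site Scripting")])
scan_b = make_scan([(1, "/admin"), (2, "/comments")],
                   [(1, 2, "Cross-Site Scripting"), (2, 1, "Missing Authentication")])
```

Copying rows with their original ids would either fail on the primary key or attach scan B's issues to scan A's URLs; building the old-to-new map per source is what keeps each finding on the right page.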