[Owasp-o2-platform] Help with loading and consolidating data from AppScan 7.9

Aaron Clark noyesterday at gmail.com
Sat Aug 28 18:59:54 EDT 2010


For programmatically dealing with a running instance of AppScan (the dynamic
versions of the tool, not Source) there's an extension SDK and a python
programmatic interface called pyscan.
http://www.ibm.com/developerworks/rational/downloads/08/appscan_ext_framework/#N1017C

There's a separate api for working with Source too, but Dinis already knows
all about it.

Thanks,
Aaron

Just as a disclaimer, I work on the AppScan Source team (and Ounce before the
acquisition).

On Sat, Aug 28, 2010 at 3:31 PM, dinis cruz <dinis.cruz at owasp.org> wrote:

> now ... on the on the topic of merging AppScan results ... is there any
> guidance on how to do it?
>
> I'm assuming most of those db keys are not unique on all assessments, and
> when merging results one will need to fix a bunch of those XRefs
>
> Any other side effects we should be aware?
>
> I wonder if we can manipulate the db in real time and use it to communicate
> with a running instance of AppScan 7.9?
>
> Dinis Cruz
>
>
> On 28 August 2010 23:23, dinis cruz <dinis.cruz at owasp.org> wrote:
>
>> I just created a video (using O2 :)  ) with this script in action.
>>
>> You can see it on YouTube http://www.youtube.com/watch?v=BAp6M6FZda8 or
>> in the script documentation page
>> http://www.o2platform.com/index.php/AppSscan%207.9%20-%20Results%20Viewer%20%28FireBird%20Database%29.h2
>>
>> Dinis Cruz
>>
>>
>> On 28 August 2010 23:05, dinis cruz <dinis.cruz at owasp.org> wrote:
>>
>>> OK, I just added support to O2 for reading FireBird databases and more
>>> specifically for loading and viewing AppScan 7.9 *.ResultsDB.FBD file (which
>>> is inside the *.scan file)
>>>
>>> Here is a documentation page with tons of screenshots (and the script I
>>> just wrote):
>>>
>>>
>>> http://www.o2platform.com/wiki/AppSscan_7.9_-_Results_Viewer_%28FireBird_Database%29.h2
>>>
>>> Here is a good example of how in O2, once we can 'read/consume' the native
>>> files, the rest is easy :)
>>>
>>> Dan, Thanks for the help
>>>
>>> Dinis Cruz
>>>
>>>
>>>
>>> On 28 August 2010 19:22, Dan Cornell <dan at denimgroup.com> wrote:
>>>
>>>>   An O2 user sent me this request:
>>>>
>>>>
>>>>
>>>> *"...I need some help writing an O2 script that will collect multiple
>>>> IBM appscan projects and convert them into one big project combining all of
>>>> the vulnerabilities.*
>>>>
>>>> *The use case is that I have a huge web site that has 40 separate "mini
>>>> websites" branched off of the main url.  Some of them require credentials
>>>> some of them don't.   I have 20 app scan files that I would like to combine
>>>> into one big app scan file.   The version of IBM app scan is 7.9..."*
>>>>
>>>>
>>>>
>>>> I have a sample assessment file from a scan of http://demo.testfire.net in
>>>> the form of an *.scan file. This file is a zip file and inside of it there
>>>> are a bunch of *.PDB, *.FPT and *.DBF files which are clearly database
>>>> files.
>>>>
>>>>
>>>>
>>>> Does anybody have an idea of what these are and where I can get a C#,
>>>> Python or Java reader for them?
>>>>
>>>> There is some Java code to read XML AppScan files in VulnManager –
>>>> http://vulnerabilitymanager.denimgroup.com/  I have an updated version
>>>> of that in the upcoming release but that code isn’t quite ready for
>>>> distribution yet.
>>>>
>>>>
>>>>
>>>> I can probably also dredge up some other Java code to read the .scan
>>>> files.
>>>>
>>>>
>>>>
>>>> Those use what is basically a Firebird DB format:
>>>>
>>>> http://www.firebirdsql.org/
>>>>
>>>>
>>>>
>>>> If this is just a one-off you could probably take your .scan files, use
>>>> the Firebird ODBC driver to set up each file as a database and do some
>>>> goofy query/join-y stuff to lump them all together in one big DB.
>>>>
>>>>
>>>>
>>>> Or to integrate it into O2 you could use the Firebird .NET data provider
>>>> and attach that to the .scan files.
>>>>
>>>>
>>>>
>>>> Thanks,
>>>>
>>>>
>>>>
>>>> Dan
>>>>
>>>>
>>>>
>>>
>>>
>>
>
> _______________________________________________
> Owasp-o2-platform mailing list
> Owasp-o2-platform at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-o2-platform
>
>
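An added illustration of the two mechanics this thread turns on, not code from O2, AppScan, or anyone posting here: Dan's observation that a *.scan file is a zip of database files, and Dinis's point that the db keys repeat across assessments so a merge has to rewrite the cross-references. The Firebird tables are not read here (that needs a Firebird driver and a copy of the real schema); the rows are constructed sample data, and the table and column names ("urls", "issues", "url_id") are hypothetical stand-ins, not the AppScan 7.9 schema.

```python
# Added example (hypothetical schema, constructed data); see lead-in above.
import io
import zipfile
from typing import Dict, List

DB_SUFFIXES = (".fbd", ".pdb", ".fpt", ".dbf")


def list_db_members(scan_bytes: bytes) -> List[str]:
    """Return the database-looking members inside a .scan archive (a zip)."""
    with zipfile.ZipFile(io.BytesIO(scan_bytes)) as zf:
        return sorted(n for n in zf.namelist() if n.lower().endswith(DB_SUFFIXES))


def make_sample_scan() -> bytes:
    """Constructed stand-in for a *.scan file; member contents are dummies."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Assessment.ResultsDB.FBD", b"placeholder, not a Firebird db")
        zf.writestr("ScanConfig.xml", b"<config/>")
    return buf.getvalue()


Row = Dict[str, object]
Tables = Dict[str, List[Row]]

# Hypothetical foreign keys: child table -> {column: parent table}.
# "id" is assumed to be every table's primary key.
FOREIGN_KEYS: Dict[str, Dict[str, str]] = {"issues": {"url_id": "urls"}}


def merge_assessments(assessments: List[Tables]) -> Tables:
    """Concatenate assessments, giving every row a fresh id and rewriting FKs.

    Each assessment numbers its rows from 1, so ids collide across files.
    A per-table counter that continues across assessments hands out new ids,
    and every foreign key is rewritten through the same mapping. A dangling
    reference raises instead of becoming a silently wrong cross-reference.
    """
    merged: Tables = {}
    for source_idx, tables in enumerate(assessments):
        # Pass 1: decide the new id of every row in this assessment.
        key_map: Dict[str, Dict[object, int]] = {}
        for table, rows in tables.items():
            existing = merged.setdefault(table, [])
            next_id = max((int(r["id"]) for r in existing), default=0) + 1
            key_map[table] = {}
            for r in rows:
                if r["id"] in key_map[table]:
                    raise ValueError(f"duplicate id {r['id']} in {table} of assessment {source_idx}")
                key_map[table][r["id"]] = next_id
                next_id += 1
        # Pass 2: copy rows with primary and foreign keys rewritten.
        for table, rows in tables.items():
            for r in rows:
                new_row = dict(r)
                new_row["id"] = key_map[table][r["id"]]
                for col, parent in FOREIGN_KEYS.get(table, {}).items():
                    ref = r.get(col)
                    if ref is None:
                        continue  # a NULL reference stays NULL
                    if ref not in key_map.get(parent, {}):
                        raise ValueError(f"{table}.{col}={ref} points at a missing {parent} row")
                    new_row[col] = key_map[parent][ref]
                new_row["source"] = source_idx  # which .scan the row came from
                merged[table].append(new_row)
    return merged


def check_integrity(tables: Tables) -> bool:
    """True when ids are unique per table and every foreign key resolves."""
    ids = {t: {r["id"] for r in rows} for t, rows in tables.items()}
    if any(len(ids[t]) != len(rows) for t, rows in tables.items()):
        return False
    for table, fks in FOREIGN_KEYS.items():
        for r in tables.get(table, []):
            for col, parent in fks.items():
                if r.get(col) is not None and r[col] not in ids.get(parent, set()):
                    return False
    return True


def sample_assessments() -> List[Tables]:
    """Two constructed assessments whose ids collide (both start at 1)."""
    a: Tables = {
        "urls": [{"id": 1, "url": "http://demo.testfire.net/login.aspx"}],
        "issues": [{"id": 1, "url_id": 1, "name": "Cross-site scripting"}],
    }
    b: Tables = {
        "urls": [{"id": 1, "url": "http://demo.testfire.net/search.aspx"},
                 {"id": 2, "url": "http://demo.testfire.net/feedback.aspx"}],
        "issues": [{"id": 1, "url_id": 2, "name": "SQL injection"},
                   {"id": 2, "url_id": None, "name": "Site-wide finding"}],
    }
    return [a, b]


if __name__ == "__main__":
    print("db members:", list_db_members(make_sample_scan()))
    merged = merge_assessments(sample_assessments())
    for table, rows in merged.items():
        print(table, rows)
    print("integrity ok:", check_integrity(merged))
```

The naive alternative, appending the tables of each file to one another, keeps the clashing ids and makes every issue in the second file point at the wrong url row; check_integrity catches exactly that case, which is the "XRefs" problem raised above. Wiring this to real data means replacing sample_assessments with rows pulled through a Firebird driver and FOREIGN_KEYS with the actual foreign keys of the ResultsDB schema.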