Skip to content
Snippets Groups Projects
Commit d39a672e authored by Nadin El-Yabroudi's avatar Nadin El-Yabroudi
Browse files

Latex report with summary and readme with image of report

parent 3c841c64
Branches
Tags
No related merge requests found
...@@ -32,6 +32,11 @@ $ make start ...@@ -32,6 +32,11 @@ $ make start
When the scan finishes you will find a Latex report of the summarizing the scan in `shared/results`. You can also see the raw XML output from Nmap in `shared/xml_files`. When the scan finishes you will find a Latex report of the summarizing the scan in `shared/results`. You can also see the raw XML output from Nmap in `shared/xml_files`.
<figure class="image">
<img src="https://cfsecuritycdn.infosec.workers.dev/img/flan_scan_report1.png"/>
<figcaption>Sample Flan Scan Report</figcaption>
</figure>
Custom Nmap Configuration Custom Nmap Configuration
------------------------- -------------------------
By default Flan Scan runs the following Nmap command: By default Flan Scan runs the following Nmap command:
...@@ -96,7 +101,7 @@ docker run --name <container-name> \ ...@@ -96,7 +101,7 @@ docker run --name <container-name> \
Deploying on Kubernetes Deploying on Kubernetes
----------------------- -----------------------
When deploying Flan Scan to a container orchestration system, such as Kubernetes, you must ensure that the container has access to a file called `ips.txt` at the directory `/`. In Kubernetes this can be done with a ConfigMap which will mount a file on your local filesystem as a volume that the container can access once deployed. The `kustomization.yaml` file has an example of how to create a ConfigMap called `shared-files`. This ConfigMap is then mounted as a volume in the `deployment.yaml` file. When deploying Flan Scan to a container orchestration system, such as Kubernetes, you must ensure that the container has access to a file called `ips.txt` at the directory `/`. In Kubernetes, this can be done with a ConfigMap which will mount a file on your local filesystem as a volume that the container can access once deployed. The `kustomization.yaml` file has an example of how to create a ConfigMap called `shared-files`. This ConfigMap is then mounted as a volume in the `deployment.yaml` file.
Here are some easy steps to deploy Flan Scan on Kubernetes: Here are some easy steps to deploy Flan Scan on Kubernetes:
1. To create the the ConfigMap add a path to a local `ips.txt` file in `kustomization.yaml` and then run `kubectl apply -k .`. 1. To create the the ConfigMap add a path to a local `ips.txt` file in `kustomization.yaml` and then run `kubectl apply -k .`.
......
...@@ -6,7 +6,13 @@ ...@@ -6,7 +6,13 @@
\usepackage{placeins} \usepackage{placeins}
\usepackage{hyperref} \usepackage{hyperref}
\usepackage{fontawesome} \usepackage{fontawesome}
\title{Flan Network Vulnerability Scan Report\\} \usepackage{listings}
\lstset{
basicstyle=\small\ttfamily,
columns=flexible,
breaklines=true
}
\title{Flan Scan Report\\}
\date{\today} \date{\today}
\begin{document} \begin{document}
...@@ -14,6 +20,3 @@ ...@@ -14,6 +20,3 @@
\maketitle \maketitle
\section*{Summary} \section*{Summary}
\section*{Services with Vulnerabilities}
...@@ -124,14 +124,20 @@ def get_description(vuln, type): ...@@ -124,14 +124,20 @@ def get_description(vuln, type):
return '' return ''
def create_latex(): def create_latex(nmap_command, start_date):
f = open('./latex_header.tex') f = open('./latex_header.tex')
write_buffer = f.read() write_buffer = f.read()
f.close() f.close()
output_file = sys.argv[2] output_file = sys.argv[2]
ip_file = sys.argv[3] ip_file = sys.argv[3]
write_buffer += "Flan Scan ran a network vulnerability scan with the following Nmap command on" \
+ start_date \
+ "UTC.\n\\begin{lstlisting}\n" \
+ nmap_command \
+ "\n\end{lstlisting}\nTo find out what IPs were scanned see the end of this report.\n"
write_buffer += "\section*{Services with Vulnerabilities}"
write_buffer += """\\begin{enumerate}[wide, labelwidth=!, labelindent=0pt, write_buffer += """\\begin{enumerate}[wide, labelwidth=!, labelindent=0pt,
label=\\textbf{\large \\arabic{enumi} \large}]\n""" label=\\textbf{\large \\arabic{enumi} \large}]\n"""
for s in vulnerable_services: for s in vulnerable_services:
...@@ -194,14 +200,17 @@ def create_latex(): ...@@ -194,14 +200,17 @@ def create_latex():
def main(): def main():
dirname = sys.argv[1] dirname = sys.argv[1]
for filename in os.listdir(dirname): for i, filename in enumerate(os.listdir(dirname)):
f = open(dirname + "/" + filename) f = open(dirname + "/" + filename)
xml_content = f.read() xml_content = f.read()
f.close() f.close()
data = xmltodict.parse(xml_content) data = xmltodict.parse(xml_content)
parse_results(data) parse_results(data)
if i == 0:
nmap_command = data['nmaprun']['@args'].rsplit(' ', 1)[0]
start_date = data['nmaprun']['@startstr']
create_latex() create_latex(nmap_command, start_date)
if __name__ == "__main__": if __name__ == "__main__":
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment