search

dradis / dradis-ce

Dradis Framework: Collaboration and reporting for IT Security teams
https://dradis.com/ce/
GNU General Public License v2.0
673 stars 190 forks source link

Merge service-related scanner output #118

Closed leesoh closed 6 years ago

leesoh commented 7 years ago

Steps to reproduce

I've tested this with Nessus and Qualys. Import scanner output into Dradis.

Expected behavior

Both of the above scanners include an issue that describes the results of the port scan. In a perfect world, Dradis would treat all port-scan related issues as the same and parse this data into a node service entry.

Actual behavior

Qualys port scans are removed from All Issues and imported as expected. 2017-05-02-image-003

Nessus port scans are treated as an issue. 2017-05-02-image-004

The output of both scanners is combined at the node level, but is duplicated. 2017-05-02-image-002

System configuration

Dradis version: Dradis Pro 2.6

Ruby version:

OS version:

leesoh commented 7 years ago

I believe the Qualys strangeness will be resolved with https://github.com/dradis/dradis-qualys/pull/7 but will still need the deduplication by port + protocol.

etdsoft commented 6 years ago

Implemented, ships in the next release.

See https://github.com/dradis/dradis-ce/pull/222