secureCodeBox
diff --git a/‎scanners/whatweb/parser/__testFiles__/example.com.json‎
Lines changed: 4 additions & 0 deletions b/‎scanners/whatweb/parser/__testFiles__/example.com.json‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/example.com.xml‎
Lines changed: 0 additions & 32 deletions b/‎scanners/whatweb/parser/__testFiles__/example.com.xml‎
Lines changed: 0 additions & 32 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/no-address.com.json‎
Lines changed: 3 additions & 0 deletions b/‎scanners/whatweb/parser/__testFiles__/no-address.com.json‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/securecodebox.io.json‎
Lines changed: 6 additions & 0 deletions b/‎scanners/whatweb/parser/__testFiles__/securecodebox.io.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/securecodebox.io.xml‎
Lines changed: 0 additions & 87 deletions b/‎scanners/whatweb/parser/__testFiles__/securecodebox.io.xml‎
Lines changed: 0 additions & 87 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/somedomain.com.xml‎
Lines changed: 0 additions & 36 deletions b/‎scanners/whatweb/parser/__testFiles__/somedomain.com.xml‎
Lines changed: 0 additions & 36 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/two-domains.json‎
Lines changed: 5 additions & 0 deletions b/‎scanners/whatweb/parser/__testFiles__/two-domains.json‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎scanners/whatweb/parser/__testFiles__/two-domains.xml‎
Lines changed: 0 additions & 62 deletions b/‎scanners/whatweb/parser/__testFiles__/two-domains.xml‎
Lines changed: 0 additions & 62 deletions
diff --git a/‎scanners/whatweb/parser/parser.js‎
Lines changed: 45 additions & 61 deletions b/‎scanners/whatweb/parser/parser.js‎
Lines changed: 45 additions & 61 deletions
@@ -0,0 +1,4 @@
+[
+{"target":"http://example.com","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["93.184.216.34"]},"Title":{"string":["Example Domain"]},"HTML5":{},"HTTPServer":{"string":["ECS (dcb/7EA7)"]},"Country":{"string":["EUROPEAN UNION"],"module":["EU"]}}},
+{}
+]
@@ -0,0 +1,3 @@
+[
+{}
+]
@@ -0,0 +1,6 @@
+[
+{"target":"http://securecodebox.io","http_status":301,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["185.199.110.153"]},"Title":{"string":["301 Moved Permanently"]},"HTTPServer":{"string":["GitHub.com"]},"Via-Proxy":{"string":["1.1 varnish"]},"UncommonHeaders":{"string":["x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id"]},"RedirectLocation":{"string":["https://www.securecodebox.io/"]}}},
+{"target":"https://www.securecodebox.io/","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["185.199.110.153"]},"Title":{"string":["secureCodeBox – Testing your Software Security"]},"Meta-Refresh-Redirect":{"string":["https://docs.securecodebox.io/"]},"HTML5":{},"Strict-Transport-Security":{"string":["max-age=31556952"]},"HTTPServer":{"string":["GitHub.com"]},"Via-Proxy":{"string":["1.1 varnish"]},"UncommonHeaders":{"string":["access-control-allow-origin,x-proxy-cache,x-github-request-id,x-served-by,x-cache-hits,x-timer,x-fastly-request-id"]}}},
+{"target":"https://docs.securecodebox.io/","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["206.189.58.26"]},"Script":{},"Open-Graph-Protocol":{},"HTML5":{},"Strict-Transport-Security":{"string":["max-age=31536000"]},"HTTPServer":{"string":["Netlify"]},"UncommonHeaders":{"string":["x-nf-request-id"]},"Country":{"string":["UNITED STATES"],"module":["US"]},"MetaGenerator":{"string":["Docusaurus v2.0.0-beta.3"]}}},
+{}
+]
@@ -0,0 +1,5 @@
+[
+{"target":"http://example.com","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["93.184.216.34"]},"Title":{"string":["Example Domain"]},"HTML5":{},"HTTPServer":{"string":["ECS (dcb/7F14)"]},"Country":{"string":["EUROPEAN UNION"],"module":["EU"]}}},
+{"target":"http://scanme.nmap.org/","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["45.33.32.156"]},"Script":{"string":["text/javascript"]},"Google-Analytics":{"version":["Universal"],"account":["UA-11009417-1"]},"Title":{"string":["Go ahead and ScanMe!"]},"HTTPServer":{"os":["Ubuntu Linux"],"string":["Apache/2.4.7 (Ubuntu)"]},"Country":{"string":["RESERVED"],"module":["ZZ"]},"Apache":{"version":["2.4.7"]}}},
+{}
+]
@@ -2,17 +2,15 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-const xml2js = require('xml2js');
-
 async function parse(fileContent) {
-  const hosts = await parseResultFile(fileContent);
-  return transformToFindings(hosts);
+  const targets = await parseResultFile(fileContent);
+  return transformToFindings(targets);
 }
 
 function transformToFindings(targets) {
 
   const targetFindings = targets.map(target => {
-    let tempFinding = {
+    let finding = {
       name: target.uri,
       category: "WEB APPLICATION",
       description: target.title,
@@ -21,80 +19,66 @@ function transformToFindings(targets) {
       severity: 'INFORMATIONAL',
       attributes: {
         requestConfig: target.requestConfig,
-        ipAddress: target.ipAddress
+        ipAddress: target.ipAddress,
+        country: target.country,
+        HTML5: target.html5
       }
     };
 
     target.additional.forEach(additional => {
-      if (!tempFinding.attributes[additional.name[0]]) {
-        tempFinding.attributes[additional.name[0]] =
-          (("string" in additional) ? additional.string[0] : "") + (("module" in additional) ? " " + additional.module[0] : "");
+      if (!finding.attributes[additional[0]]) { //Check if key already exists
+        finding.attributes[additional[0]] =
+          (("string" in additional[1]) ? additional[1].string[0] : "") +
+          (("module" in additional[1]) ? "/" + additional[1].module[0] : "");
       }
     });
 
-    return tempFinding;
+    if (!finding.attributes.HTML5) //Do not show in findings if undefined
+      delete finding.attributes.HTML5;
+
+    return finding;
   });
 
   return [...targetFindings];
 }
 
 /**
- * Parses a given NMAP XML file to a smaller JSON represenation with the following object:
- * {
- *   hostname: null,
- *   ip: null,
- *   mac: null,
- *   openPorts: null,
- *   osNmap: null,
- *   scripts: null
- * }
- * @param {*} fileContent 
+ * Parses a given Whatweb JSON file and extracts all targets
+ * @param {*} fileContent
  */
 function parseResultFile(fileContent) {
-  return new Promise((resolve, reject) => {
-    xml2js.parseString(fileContent, (err, xmlInput) => {
-      if (err) {
-        reject(new Error('Error converting XML to JSON in xml2js: ' + err));
-      } else {
-        let tempTargetList = [];
-        if (!xmlInput.log.target) {
-          resolve([]);
-          return;
+    console.log(fileContent);
+    let targetList = [];
+    for(const rawTarget of fileContent) {
+      if (rawTarget.target) { //Check for empty target
+        let newTarget = {
+          uri: rawTarget.target,
+          httpStatus: rawTarget.http_status,
+          requestConfig: rawTarget.request_config.headers["User-Agent"],
+          ipAddress: null,
+          title: null,
+          html5: null,
+          country: null,
+          additional: []
         }
-
-        xmlInput = xmlInput.log.target;
-
-        tempTargetList = xmlInput.map(target => {
-          let newTarget = {
-            uri: target.uri[0],
-            httpStatus: target['http-status'][0],
-            requestConfig: {
-                headerName: target['request-config'][0].header[0]["header-name"][0],
-                headerValue: target['request-config'][0].header[0]["header-value"][0]
-            },
-            ipAddress: null,
-            title: null,
-            additional: []
-          };
-
-          if(target.plugin) {
-            for(const plugin of target.plugin) {
-              if (plugin.name[0] === "IP")
-              newTarget.ipAddress = plugin.string[0];
-              else if (plugin.name[0] === "Title")
-              newTarget.title = plugin.string[0];
-              else
-              newTarget.additional.push(plugin)
-            }
+        if(rawTarget.plugins) {
+          for(const [key, value] of Object.entries(rawTarget.plugins)) {
+            if (key === "IP")
+              newTarget.ipAddress = value.string[0];
+            else if (key === "Title")
+              newTarget.title = value.string[0];
+            else if (key === "HTML5")
+              newTarget.html5 = true;
+            else if (key === "Country")
+              newTarget.country = value.string[0] + "/" + value.module[0];
+            else
+              newTarget.additional.push([key, value])
           }
-            
-          return newTarget;
-        });
-
-        resolve(tempTargetList);
+        }
+        targetList.push(newTarget);
       }
-    });
-  });
+    }
+    return targetList;
 }
 
 module.exports.parse = parse;
-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +[
 +{"target":"http://example.com","http_status":200,"request_config":{"headers":{"User-Agent":"WhatWeb/0.5.0"}},"plugins":{"IP":{"string":["93.184.216.34"]},"Title":{"string":["Example Domain"]},"HTML5":{},"HTTPServer":{"string":["ECS (dcb/7EA7)"]},"Country":{"string":["EUROPEAN UNION"],"module":["EU"]}}},
 +{}
 +]