Monday, June 25, 2012

GUI Risk Stats

Code:
https://github.com/JasonMOliver/Java_Parsers/blob/master/XMLVulnStatsTab.java

-----

I have been playing with gnuplot for about a day, and I have to say it's a lot of fun and can be complex. So far I have been able to generate some decent pictures of data for reports and such, but I hope in the future this idea will get far more complex.

As of now I have attached a beta stats file for outputting .nessus files into tab-delimited summary data for parsing with gnuplot.

I started out with the following two graphs, which I thought I would share. They are both vuln data for the top 20 hosts based on overall CVSS score.

To get the data from the tool output into a sorted, parsable format, I use the following commands:

java XMLVulnStatsTab TestTab.out *.nessus

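# Keep the header, then the 20 rows with the highest CVSS score (column 2); all six columns are kept so the gnuplot column numbers below line up
head -n 1 TestTab.out | awk -F '\t' '{print $1"\t"$2"\t"$3"\t"$4"\t"$5"\t"$6}' > TestDataWithTabs20Vuln.dat; tail -n +2 TestTab.out | awk -F '\t' '{print $2"\t"$1"\t"$3"\t"$4"\t"$5"\t"$6}' | sort -g -r | head -n 20 | awk -F '\t' '{print $2"\t"$1"\t"$3"\t"$4"\t"$5"\t"$6}' >> TestDataWithTabs20Vuln.dat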

At this point you should have the Top 20 data to play with.
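The same two steps (summarise .nessus files per host, keep the top 20 by CVSS) in one Python script, as an added example that is not the author's XMLVulnStatsTab code. The column layout (host, CVSS total, then critical/high/medium/low counts) and the per-host CVSS total as a sum of cvss_base_score values are assumptions; the sample scan is constructed.

```python
import xml.etree.ElementTree as ET  # for scan files from untrusted sources, parse with defusedxml instead

# Constructed sample in the .nessus v2 layout (not real scan data).
SAMPLE = """<NessusClientData_v2><Report name="demo">
<ReportHost name="10.0.0.5">
  <ReportItem port="445" severity="4" pluginID="1"><cvss_base_score>10.0</cvss_base_score></ReportItem>
  <ReportItem port="80" severity="2" pluginID="2"><cvss_base_score>5.0</cvss_base_score></ReportItem>
  <ReportItem port="0" severity="0" pluginID="3"/>
</ReportHost>
<ReportHost name="10.0.0.9">
  <ReportItem port="22" severity="3" pluginID="4"><cvss_base_score>7.5</cvss_base_score></ReportItem>
  <ReportItem port="22" severity="1" pluginID="5"><cvss_base_score>2.6</cvss_base_score></ReportItem>
</ReportHost>
</Report></NessusClientData_v2>"""

HEADER = ["Host", "CVSS", "Critical", "High", "Medium", "Low"]  # assumed column layout

def summarize(xml_text):
    """Return one [host, cvss_total, crit, high, med, low] row per ReportHost."""
    rows = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        total, counts = 0.0, {4: 0, 3: 0, 2: 0, 1: 0}
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev in counts:            # severity 0 is informational, not counted
                counts[sev] += 1
            score = item.findtext("cvss_base_score")
            if score:                    # many plugins carry no CVSS score
                total += float(score)
        rows.append([host.get("name"), round(total, 1)] + [counts[s] for s in (4, 3, 2, 1)])
    return rows

def top_hosts_tsv(xml_texts, n=20):
    """Merge several scans, keep the n highest-CVSS hosts, emit gnuplot-ready TSV."""
    rows = [r for text in xml_texts for r in summarize(text)]
    rows.sort(key=lambda r: r[1], reverse=True)
    lines = ["\t".join(HEADER)]
    lines += ["\t".join(str(v) for v in r) for r in rows[:n]]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(top_hosts_tsv([SAMPLE]), end="")
```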

A side note at this point: you can get gnuplot for Mac in MacPorts

port install gnuplot

After you have gnuplot all set up and running, use the following command set for the reports:

#Top 20 Cluster Chart

set style data histogram
set style histogram cluster gap 1
set xtics rotate
set style fill solid border rgb "black"
set auto x
set yrange [0:*]
plot "TestDataWithTabs20Vuln.dat" using 3:xticlabels(1) title col lc rgb "purple", "TestDataWithTabs20Vuln.dat" using 4:xticlabels(1) title col lc rgb "red", "TestDataWithTabs20Vuln.dat" using 5:xticlabels(1) title col lc rgb "yellow", "TestDataWithTabs20Vuln.dat" using 6:xticlabels(1) title col lc rgb "green"



or

#Top 20 Row Chart with CVSS Total Score  
set style data histogram 
set style histogram rows gap 1 
set xtics rotate 
set style fill solid border rgb "black" 
set auto x  
set yrange [0:*] 
plot "TestDataWithTabs20Vuln.dat" using 2:xticlabels(1) title col with linespoints pointtype 5, "TestDataWithTabs20Vuln.dat" using 6:xticlabels(1) title col lc rgb "green", "TestDataWithTabs20Vuln.dat" using 5:xticlabels(1) title col lc rgb "yellow", "TestDataWithTabs20Vuln.dat" using 4:xticlabels(1) title col lc rgb "red", "TestDataWithTabs20Vuln.dat" using 3:xticlabels(1) title col lc rgb "purple"



Anyway, I expect this to get more complex as I start to get used to the tool, but for one day of playing (and it's been a lot of fun) this seems like it will be a handy way to put a nice spin on my report data and add some color.

If you have any reports you find interesting with this data - plz add them to the thread

cheers

JSN
