class Risu::Parsers::Nessus::PostProcess::RiskScore
Public Class Methods
new()
click to toggle source
# File lib/risu/parsers/nessus/postprocess/risk_score.rb, line 29 def initialize @info = { :description => "RiskScore Calculator", :plugin_id => 0 } end
Public Instance Methods
calculate_host_risk_score()
click to toggle source
# File lib/risu/parsers/nessus/postprocess/risk_score.rb, line 76 def calculate_host_risk_score Host.all.each do |host| risk_score = 0.0 host.items.to_a.each do |item| risk_score = risk_score + item.risk_score end #@TODO weighting goes here host.risk_score = risk_score host.save end end
calculate_item_risk_score()
click to toggle source
Calculates the RiskScore
for a Item which is == to the Plugin's RiskScore
# File lib/risu/parsers/nessus/postprocess/risk_score.rb, line 40 def calculate_item_risk_score Item.all.each do |item| plugin = Plugin.where(:id => item.plugin_id).first risk_score = 0.0 cvss_base_score = plugin.cvss_base_score.to_f || 1.0 vuln_publication_date = plugin.vuln_publication_date vuln_pub_days = 1 vuln_pub_days = (DateTime.now.to_date - vuln_publication_date.to_date).to_i if vuln_publication_date != nil exploitable = plugin.exploit_available exploitable_factor = 1 if exploitable == "true" exploitable_factor = 0.6 end risk_score = (cvss_base_score * vuln_pub_days * 0.8) * exploitable_factor item.risk_score = risk_score item.save end end
calculate_plugin_risk_score()
click to toggle source
# File lib/risu/parsers/nessus/postprocess/risk_score.rb, line 66 def calculate_plugin_risk_score Plugin.all.each do |plugin| items = Item.where(:plugin_id => plugin.id).to_a plugin.risk_score = items.first.risk_score * items.count plugin.save end end
run()
click to toggle source
# File lib/risu/parsers/nessus/postprocess/risk_score.rb, line 92 def run calculate_item_risk_score() calculate_plugin_risk_score() calculate_host_risk_score() end