Git Product home page Git Product logo

community's Introduction

community

Important

This directory contains Qualys community open source scripts. The sample code demonstrates the functionality of the QualysGuard API. Several sample scripts are provided to show how to use API features to perform network security audits and vulnerability management.

These scripts are unsupported and are provided as proof-of-concept only.Scripts options and details are availalable via --help.

Note, that if you account is setup on a different platform you may need to edit the script and change the FQDN via hard coded variables or via a run time parameter (e.g. --serverurl=) from qualsapi.qualys.com to one of the following:

Platform URI
QualysGuard US Platform 1 https://qualysapi.qualys.com
QualysGuard US Platform 2 https://qualysapi.qg2.apps.qualys.com
QualysGuard EU Platform https://qualysapi.qualys.eu
QualysGuard @Customer https://qualysapi.<customer_base_url>

Scripts summary

Returns the version ID strings for the QualysGuard MSP API, the web application, scanner software, and vulnerability signatures.

This script demonstrates how to accept the Qualys Service End User License Agreement (EULA) on behalf of a customer.

This script adds asset IP addresses to a QualysGuard subscription by importing the assets from a CSV file.

Performs synchronization (of sorts) with Active Directory.

This script totals the severity levels for vulnerabilities detected by a QualysGuard scan and calculates a total score. This score can be calculated from an existing scan, or from running a scan. This base score is compared to the most recent score for the same IP address range, if one exists, and the difference is reported.

A script to get a CSV of all the CVEs currently covered in our KB.

Download a QualysGuard report based on a report template.

Demonstrates how to interact with the QualysGuard network map functions including: Launch a map, launch a map and save the report on the QualysGuard server, list saved map reports, retrieve a saved map report, list maps in progress, and cancel a running map.

Demonstrates how to interact with the QualysGuard scan functions including: Launch a scan, launch a scan and save the report on the QualysGuard server, list saved scan reports, retrieve a saved scan report, list scans in progress, and cancel a running scan.

Generates a list of all installed software in the environment.

Gets more detailed statistics on the KB, including counts by category, total Bugtraq items, etc.

Gets the last scan time and scanner for the specified IP.

Find all assets not scanned within a number of days specified and add them to a group.

Gets traceroute information for specified asset groups and timeframe and calculates useful stats.

Downloads the QID, name, and CVSS base score of all PCI vulnerabilities in the KB (those that will cause a PCI failure).

A poor man's "Open Ports and Services" report.

Purges the automatic data for all hosts not scanned since a particular date/in XX days.

Output the complete scanner details as they are available in the GUI.

This script demonstrates how to interact with scan service options. The following options may be set: Scan dead hosts, ports to scan, and scan hosts behind a load balancer.

Downloads scheduled tasks and look for sub-optimal scanner loads.

A script to parse the results of QID 45038 (Host Scan Time) and calculate the average scan time. It will also call out the IP and OS of systems that take abnormally long.

This script demonstrates how to define scan or map tasks to occur on a regular basis -- daily, weekly, or monthly.

This script, like vulnsummary, demonstrates how to connect to the QualysGuard API, and how to extract and display data from the scan report XML document.

Qualys provides a Ticket Notification Engine (TNE) that outputs SMTP messages based on XML versions of individual tickets in QualysGuard that are consumable by Remedy ticketing systems. The TNE can also be configured to support some customization to support the receiving ticketing system.

This script adds user accounts to an existing subscription by importing user account information from a user-defined CSV file.

This script demonstrates how to connect to the QualysGuard API and how to extract vulnerability data from the scan report XML document.

community's People

Contributors

b1v1r avatar garnetsunset avatar jnelsontam avatar paragbaxi avatar pmgupte avatar zany2dmax avatar

Watchers

 avatar  avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.