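<?xml version="1.0" encoding="UTF-8"?>
<!--
  OWASP DEF (Data Exchange Format) template, SpecVersion 0.1.

  Every text node and attribute value in this file is a placeholder describing
  what a real document carries at that position; a producer replaces them with
  the actual scan data. The three Scan variants (dynamic, static, info) are each
  shown once with the elements they may contain.

  Consumer notes (review): a DEF file is scanner output and should be handled as
  untrusted input. The template carries no DOCTYPE and a document should not be
  accepted with one; parse with DTD processing and external entity resolution
  disabled and with size and nesting limits, and treat the href/url attributes
  below as informational links rather than URLs to fetch automatically.
-->
<OWASP-DEF SpecVersion="0.1">
  <Session-Reference>Scan specific reference</Session-Reference>
  <!-- Prefer the xs:dateTime lexical form with an explicit zone, for example
       (constructed sample) 2024-03-01T09:30:00Z, so sessions are comparable. -->
  <Date-Time>Date and time the session was started</Date-Time>

  <!-- Dynamic scan: findings hang off a host/port/service and carry the page
       and the HTTP exchange that demonstrated the issue. -->
  <Scan type="dynamic">
    <Host name="Hostname" ip-address="Either IPv4 or IPv6 Address">
      <Port protocol="The Protocol used" portid="The Port Number">
        <Service name="Name of the Service" product="Product Name" version="Product Version" />
        <Software-Name>Name of the tool that found the issue</Software-Name>
        <Software-Version>Version of the tool that found the issue</Software-Version>
        <!-- Command-line arguments can include credentials or API keys handed to
             the scanner; producers should strip those before writing the file. -->
        <Software-Arguments>Arguments used to perform the scan</Software-Arguments>
        <Software-Additional>
          <Data name="The name">Value of the Additional Data</Data>
        </Software-Additional>
        <Vulnerability Severity="The Severity">
          <Finding NativeID="The internal Test ID" IdentifiedTimestamp="DateTime stamp for when we found this vulnerability" UniqueID="The Software unique ID for this Finding">
            <Summary>A short (one line) description</Summary>
            <Description>More detailed description</Description>
            <!-- NOTE(review): here Confidence is an empty element with Level and
                 AuditStatus attributes, while the static Scan below carries it
                 as element text; confirm which form the spec intends. -->
            <Confidence Level="One of an agreed list of values" AuditStatus="One of an agreed list of values" />
            <Background>More info on the type of issue</Background>
            <Remediation>Advice on how to fix the issue</Remediation>
            <Further-Information>
              <!-- NOTE(review): name/url attributes here, plain text in the static Scan. -->
              <Further-Info name="The name" url="The URL to further information" />
            </Further-Information>
            <Classifications>
              <Classification type="The Classification System" id="Classification ID" href="The URL to the Classification description">The Title for the Classification</Classification>
            </Classifications>
            <Additional-Data>
              <Data name="The name">Value of the Additional Data</Data>
            </Additional-Data>
            <Page>
              <Page-Reference>Product specific reference e.g. Page Title</Page-Reference>
              <!-- Recorded as observed: if the query string carried a session
                   token or similar secret, it is preserved here unless redacted. -->
              <URL>The URL that the Vulnerability was found on</URL>
              <Method>HTTP method (GET, POST, etc)</Method>
              <HTTPVersion>The HTTP Version</HTTPVersion>
              <StatusCode>The HTTP Status code</StatusCode>
              <Language>The detected Language of the Web Application</Language>
              <Parameters>
                <Parameter>The parameter the vulnerability was found with</Parameter>
              </Parameters>
              <!-- The raw request/response and the header and cookie maps reproduce
                   the live traffic verbatim, so they can hold session cookies,
                   Authorization headers and submitted credentials. Redact or
                   tokenise them before the file leaves the scanning host, and
                   store the file with the same protection as the traffic itself. -->
              <Request-Response>
                <Request>
                  <Request-Raw>The RAW HTTP Request</Request-Raw>
                  <Request-Headers>
                    <Data name="The name of the Header Data">The value for the Header Data</Data>
                  </Request-Headers>
                  <Request-Cookie>
                    <Data name="The name of the Cookie Data">The value for the Cookie Data</Data>
                  </Request-Cookie>
                  <Additional-RequestData>
                    <Data name="The name of the Additional Data">The value for the Additional Data</Data>
                  </Additional-RequestData>
                </Request>
                <Response>
                  <Response-Raw>The RAW HTTP Response</Response-Raw>
                  <Response-Headers>
                    <Data name="The name of the Header Data">The value for the Header Data</Data>
                  </Response-Headers>
                  <Response-Cookie>
                    <Data name="The name of the Cookie Data">The value for the Cookie Data</Data>
                  </Response-Cookie>
                  <Additional-ResponseData>
                    <Data name="The name of the Additional Data">The value for the Additional Data</Data>
                  </Additional-ResponseData>
                  <!-- Inline binary blob (base64 text). It is the one field that can
                       make a document very large, so consumers should bound its size. -->
                  <Response-ScreenShot>Base64 Encoded Screen Shot</Response-ScreenShot>
                </Response>
              </Request-Response>
            </Page>
          </Finding>
        </Vulnerability>
      </Port>
    </Host>
  </Scan>

  <!-- Static scan: findings point at source locations instead of hosts. -->
  <Scan type="static">
    <Software-Name>The name of the Software that did the scan</Software-Name>
    <Software-Version>The version of the Software that did the scan</Software-Version>
    <!-- Same caveat as the dynamic Scan: arguments may carry credentials. -->
    <Software-Arguments>Arguments used to perform the scan</Software-Arguments>
    <Software-Additional>
      <Data name="The name">Value of the Additional Data</Data>
    </Software-Additional>
    <Vulnerability Severity="The Severity">
      <Finding NativeID="The internal Test ID" IdentifiedTimestamp="DateTime stamp for when we found this vulnerability" UniqueID="The Software unique ID for this Finding">
        <Summary>A short (one line) description</Summary>
        <Description>More detailed description</Description>
        <!-- NOTE(review): element text here, Level/AuditStatus attributes in the
             dynamic Scan above; confirm which form the spec intends. -->
        <Confidence>One of an agreed list of values</Confidence>
        <Background>More info on the type of issue</Background>
        <Remediation>Advice on how to fix the issue</Remediation>
        <Further-Information>
          <Further-Info>More information about this specific issue</Further-Info>
        </Further-Information>
        <Classifications>
          <Classification type="The Classification System" id="Classification ID" href="The URL to the Classification description">The Title for the Classification</Classification>
        </Classifications>
        <!-- SourceFileName is a path from the scanned tree; an absolute path reveals
             the build host layout, so a repository-relative path is preferable. -->
        <DataFlowElement SourceFileName="The path and filename of the file the vulnerability was found in" LineNumber="The line number" ColumnNumber="The Column number" Sequence="The sequence">
          <!-- LineText embeds source code as text content, so angle brackets and
               ampersands in the code must be escaped (or the text wrapped in
               CDATA) for the document to stay well-formed. -->
          <LineText>The line where the vulnerability was found (This could be with X number of lines around it)</LineText>
        </DataFlowElement>
      </Finding>
    </Vulnerability>
  </Scan>

  <!-- Info scan: inventory data per host and port, with no Vulnerability children. -->
  <Scan type="info">
    <Software-Name>Name of the tool that found the issue</Software-Name>
    <Software-Version>Version of the tool that found the issue</Software-Version>
    <Software-Arguments>Arguments used to perform the scan</Software-Arguments>
    <Software-Additional>
      <Data name="The name">Value of the Additional Data</Data>
    </Software-Additional>
    <Host name="Hostname" ip-address="Either IPv4 or IPv6 Address">
      <Scan-Info>
        <Data name="Scan Info name">The value for the Scan-Info Data</Data>
      </Scan-Info>
      <!-- NOTE(review): the protocol placeholder reads "tcp / udp" here but
           "The Protocol used" in the dynamic Scan; the same value set is presumably
           intended for both. -->
      <Port protocol="tcp / udp" portid="The Port Number">
        <Service name="Name of the Service" product="Product Name" version="Product Version" />
        <Scan-Data>
          <Data name="Name of the Scan Data">The value for the Scan Data</Data>
        </Scan-Data>
      </Port>
    </Host>
  </Scan>
</OWASP-DEF>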