Skip to content
/ ospd Public
forked from greenbone/ospd

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)

License

Notifications You must be signed in to change notification settings

Kraemii/ospd

 
 

Repository files navigation

Greenbone Logo

ospd

GitHub releases PyPI Scrutinizer Code Quality code test coverage CircleCI

ospd is a base class for scanner wrappers which share the same communication protocol: OSP (Open Scanner Protocol). OSP creates a unified interface for different security scanners and makes their control flow and scan results consistently available under the central Greenbone Vulnerability Manager service.

OSP is similar in many ways to GMP (Greenbone Management Protocol): XML-based, stateless and non-permanent connection.

The design supports wrapping arbitrary scanners with same protocol OSP, sharing the core daemon options while adding scanner specific parameters and options.

Table of Contents

Releases

 All release files are signed with the Greenbone Community Feed integrity key. This gpg key can be downloaded at https://www.greenbone.net/GBCommunitySigningKey.asc and the fingerprint is 8AE4 BE42 9B60 A59B 311C 2E73 9823 FAA6 0ED1 E580.

Installation

Requirements

ospd requires Python >= 3.7 along with the following libraries:

- python3-paramiko

- python3-lxml

- python3-defusedxml

Install using pip

You can install ospd from the Python Package Index using pip:

python3 -m pip install ospd

Alternatively download or clone this repository and install the latest development version:

python3 -m pip install .

How to write your own OSP Scanner Wrapper

As a core you need to derive from the class OSPDaemon from ospd.py. See the documentation there for the single steps to establish the full wrapper.

See the file doc/INSTALL-ospd-scanner.md about how to register a OSP scanner at the Greenbone Vulnerability Manager which will automatically establish a full GUI integration for the Greenbone Security Assistant (GSA).

For an example implementation see ospd-example-scanner.

Support

For any question on the usage of OSPD please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub.

Maintainer

This project is maintained by Greenbone Networks GmbH.

Contributing

Your contributions are highly appreciated. Please create a pull request on GitHub. For bigger changes, please discuss it first in the issues.

For development you should use poetry to keep you python packages separated in different environments. First install poetry via pip

python3 -m pip install --user poetry

Afterwards run

poetry install

in the checkout directory of ospd (the directory containing the pyproject.toml file) to install all dependencies including the packages only required for development.

The ospd repository uses autohooks to apply linting and auto formatting via git hooks. Please ensure the git hooks are active.

poetry install
poetry run autohooks activate --force

License

Copyright (C) 2009-2020 Greenbone Networks GmbH

Licensed under the GNU Affero General Public License v3.0 or later.

About

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 100.0%