update invicti parser to use FirstSeenDate

Author: paulOsinski

dojo/tools/netsparker/parser.py

@@ -10,6 +10,25 @@
 from dojo.tools.locations import LocationData
 
 
+def _parse_date(date_str):
+    """Parse a Netsparker/Invicti date string into a date object."""
+    if not date_str:
+        return None
+    try:
+        if "UTC" in date_str:
+            return datetime.datetime.strptime(
+                date_str.split(" ")[0], "%d/%m/%Y",
+            ).date()
+        return datetime.datetime.strptime(
+            date_str, "%d/%m/%Y %H:%M %p",
+        ).date()
+    except ValueError:
+        try:
+            return date_parser.parse(date_str).date()
+        except (ValueError, date_parser.ParserError):
+            return None
+
+
 class NetsparkerParser:
     def get_scan_types(self):
         return ["Netsparker Scan"]
@@ -27,20 +46,7 @@ def get_findings(self, filename, test):
         except Exception:
             data = json.loads(tree)
         dupes = {}
-        try:
-            if "UTC" in data["Generated"]:
-                scan_date = datetime.datetime.strptime(
-                    data["Generated"].split(" ")[0], "%d/%m/%Y",
-                ).date()
-            else:
-                scan_date = datetime.datetime.strptime(
-                    data["Generated"], "%d/%m/%Y %H:%M %p",
-                ).date()
-        except ValueError:
-            try:
-                scan_date = date_parser.parse(data["Generated"])
-            except date_parser.ParserError:
-                scan_date = None
+        scan_date = _parse_date(data.get("Generated"))
 
         for item in data["Vulnerabilities"]:
             title = item["Name"]
@@ -62,6 +68,7 @@ def get_findings(self, filename, test):
             dupe_key = title
             request = item["HttpRequest"].get("Content", None)
             response = item["HttpResponse"].get("Content", None)
+            finding_date = _parse_date(item.get("FirstSeenDate")) or scan_date
 
             finding = Finding(
                 title=title,
@@ -70,7 +77,7 @@ def get_findings(self, filename, test):
                 severity=sev.title(),
                 mitigation=mitigation,
                 impact=impact,
-                date=scan_date,
+                date=finding_date,
                 references=references,
                 cwe=cwe,
                 static_finding=True,

unittests/tools/test_invicti_parser.py

@@ -16,7 +16,7 @@ def test_parse_file_with_one_finding(self):
                 finding = findings[0]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(16, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3)
@@ -34,7 +34,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[0]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(16, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3)
@@ -46,7 +46,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[1]
                 self.assertEqual("Critical", finding.severity)
                 self.assertEqual(89, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", finding.cvssv3)
@@ -58,7 +58,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[2]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(205, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("15/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C", finding.cvssv3)

unittests/tools/test_netsparker_parser.py

@@ -16,7 +16,7 @@ def test_parse_file_with_one_finding(self):
                 finding = findings[0]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(16, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3)
@@ -34,7 +34,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[0]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(16, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C", finding.cvssv3)
@@ -46,7 +46,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[1]
                 self.assertEqual("Critical", finding.severity)
                 self.assertEqual(89, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("16/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", finding.cvssv3)
@@ -58,7 +58,7 @@ def test_parse_file_with_multiple_finding(self):
                 finding = findings[2]
                 self.assertEqual("Medium", finding.severity)
                 self.assertEqual(205, finding.cwe)
-                self.assertEqual("25/06/2021", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("15/06/2021", finding.date.strftime("%d/%m/%Y"))
                 self.assertIsNotNone(finding.description)
                 self.assertGreater(len(finding.description), 0)
                 self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:H/RL:O/RC:C", finding.cvssv3)
@@ -100,4 +100,4 @@ def test_parse_file_issue_11020(self):
                 finding = findings[0]
                 self.assertEqual("Low", finding.severity)
                 self.assertEqual(205, finding.cwe)
-                self.assertEqual("08/10/2024", finding.date.strftime("%d/%m/%Y"))
+                self.assertEqual("23/07/2024", finding.date.strftime("%d/%m/%Y"))