{"id":18688775,"url":"https://github.com/noraj/pentest-collab-convert","last_synced_at":"2025-04-12T05:38:29.550Z","repository":{"id":46561359,"uuid":"396392312","full_name":"noraj/Pentest-collab-convert","owner":"noraj","description":"Collection of scripts used to convert stuff from one penetration testing collaborative platform to another and facilitate the migration of solution","archived":false,"fork":false,"pushed_at":"2023-08-25T23:21:48.000Z","size":15,"stargazers_count":12,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-12T05:38:23.974Z","etag":null,"topics":["collaboration-platform","pentest","pentest-scripts"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"osl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/noraj.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"noraj","issuehunt":"noraj","ko_fi":"noraj"}},"created_at":"2021-08-15T15:13:50.000Z","updated_at":"2025-02-14T22:12:04.000Z","dependencies_parsed_at":"2024-11-07T10:41:46.362Z","dependency_job_id":"52154228-ea5d-4a31-bf93-4ceb250564e7","html_url":"https://github.com/noraj/Pentest-collab-convert","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noraj%2FPentest-collab-convert","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noraj%2FPentest-collab-convert/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noraj%2FPentest-collab-convert/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/noraj%2FPentest-collab-convert/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/noraj","download_url":"https://codeload.github.com/noraj/Pentest-collab-convert/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248525168,"owners_count":21118616,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["collaboration-platform","pentest","pentest-scripts"],"created_at":"2024-11-07T10:38:21.625Z","updated_at":"2025-04-12T05:38:29.530Z","avatar_url":"https://github.com/noraj.png","language":"Ruby","funding_links":["https://github.com/sponsors/noraj","https://issuehunt.io/r/noraj","https://ko-fi.com/noraj"],"categories":[],"sub_categories":[],"readme":"# Pentest collab convert\n\n[![GitHub license](https://img.shields.io/github/license/noraj/Pentest-collab-convert)](https://github.com/noraj/Pentest-collab-convert/blob/master/LICENSE)\n\n\u003e Pentest collab convert is a collection of scripts used to convert stuff from one penetration testing collaborative platform to another and facilitate the migration of solution\n\n## PwnDoc to Reconmap\n\n[PwnDoc][pwndoc] to [Reconmap][reconmap]\n\n### Converting vulnerabilities\n\nPrerequisites:\n\n- probably any version of Ruby 2.X and 3.X\n- [kramdown](https://rubygems.org/gems/kramdown/) gem\n\nUsage:\n\n```shell\nruby pwndoc2reconmap_vulns.rb 'pwndoc_vuln_file.yml' 'reconmap_vuln_file.json'\n```\n\nExample:\n\n```shell\nruby pwndoc2reconmap_vulns.rb '/tmp/vulnerabilities_pwndoc_20210815.yml' '/tmp/reconmap-data-test.json'\n```\n\nFeatures:\n\n- The fields `description`, `observation` and `remediation` from PwnDoc will be converted from HTML to Markdown (as Reconmap used it)\n- The `cvssSeverity` field from PwnDoc will be used for the `risk` field of Reconmap\n\nLimitations:\n\n- As there is no _Multilingual vulnerability_ support yet in Reconmap ([#50][reconmap-50]) but there is in PwnDoc, a workaround is used to create an instance of vulnerability per language. So if you have French (fr) + English (en) locales in PwnDoc then two vulnerabilities will be created in Reconmap and the lang will be prefixed to the title. Example: `[en] SQL injection` and `[fr] Injection SQL`.\n- The fields `priority` and `remediationComplexity` from PwnDoc will be lost since Reconmap doesn't support them yet ([#51][reconmap-51])\n- The fields `category` and `vulnType` from PwnDoc will be lost until some points about the import behavior of Reconmap are clarified ([#52][reconmap-52])\n- The `references` field from PwnDoc will be appended at the end of the `solution` field of Reconmap since there is not yet a `references` field on Reconmap ([#51][reconmap-51])\n- Vulnerabilities will be marked as status open and sub-status reported because of the Reconmap DB architecture ([#54][reconmap-54])\n- Custom fields from PwnDoc will be lost since there is not yet the possibility to add custom fields on Reconmap ([#51][reconmap-51])\n- The creator id for Reconmap will be set to `1` (the default admin), if you want to change that modify the `creator_uid` and maybe `creator_full_name`; I don't know how it behaves yet ([#52][reconmap-52])\n\n## Vulnrepo to Reconmap\n\n[vulnrepo][vulnrepo] to [Reconmap][reconmap]\n\n### Converting vulnerability templates\n\nPrerequisites:\n\n- Ruby\n\nUsage:\n\n```shell\nruby vulnrepo2reconmap_vulns.rb 'vulns.json' 'reconmap_vuln_templates.json'\n```\n\n## Pwndoc-ng to Sysreptor\n\n[Pwndoc-ng][pwndoc-ng] to [Sysreptor][sysreptor]\n\n### Converting vulnerabilities\n\n\nPrerequisites:\n\n- probably any version of Ruby 2.X and 3.X\n- [kramdown](https://rubygems.org/gems/kramdown/) gem\n\nUsage:\n\n```shell\nruby pwndoc-ng2sysreptor_vulns.rb pwndoc_vuln_file.yml export_folder\n```\n\nExample:\n\n```shell\nruby pwndoc-ng2sysreptor_vulns.rb /tmp/vulnerabilities.yml sysreptor\n```\n\nFeatures:\n\n- The fields `description`, `observation` and `remediation` from Pwndoc-ng will be converted from HTML to Markdown (as Sysreptor used it)\n- JSON + `.tar.gz` individual file export\n- Global `.tar.gz` for bulk import\n\nLimitations:\n\n- The fields `priority` and `remediationComplexity` from Pwndoc-ng will be lost\n- The fields `category` from Pwndoc-ng will be added in `tags` in Sysreptor\n- Mapping for en-US and fr-FR is hardcoded\n- Status in arbitrarily set to `in-progress`\n- I was using a custom field as Ref ID in Pwndoc-ng so I chose to import it in `refid` in Sysreptor\n- The field `description` from Pwndoc-ng is mapped to `summary` in Sysreptor\n- The field `observation` from Pwndoc-ng is mapped to `description` (technical description) in Sysreptor\n- The field `remediation` from Pwndoc-ng is mapped to `recommendation` in Sysreptor\n- The fields `vulnType` from Pwndoc-ng will be lost\n- Other custom fields from Pwndoc-ng will be lost\n- Other Sysreptor fields are left blank\n\n[pwndoc]:https://github.com/pwndoc\n[pwndoc-ng]:https://github.com/pwndoc-ng\n[reconmap]:https://github.com/reconmap\n[reconmap-50]:https://github.com/reconmap/reconmap/issues/50\n[reconmap-51]:https://github.com/reconmap/reconmap/issues/51\n[reconmap-52]:https://github.com/reconmap/reconmap/issues/52#issuecomment-899048105\n[reconmap-54]:https://github.com/reconmap/reconmap/issues/54\n[sysreptor]:https://github.com/Syslifters/sysreptor\n[vulnrepo]:https://github.com/kac89/vulnrepo/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoraj%2Fpentest-collab-convert","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnoraj%2Fpentest-collab-convert","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoraj%2Fpentest-collab-convert/lists"}