A collection of custom parsers for DefectDojo, the leading open-source vulnerability management platform. These parsers extend DefectDojo's scanning capabilities with enhanced support for popular security tools.

## Parsers

- **Netsparker Parser** (`netsparker/parser.py`)
  - Full JSON format support
  - Advanced vulnerability classification
  - CVSS scoring integration
  - False positive detection
  - Risk acceptance handling
  - Comprehensive request/response capture
- **Tenable Parser** (`tenable/xml_format.py`)
  - Enhanced XML format parsing
  - Improved severity mapping
  - Better CVE/CWE extraction
  - Advanced deduplication logic
  - Comprehensive field mapping
## Features

- **Better Data Extraction**: Enhanced parsing of vulnerability details, CVSS scores, and metadata
- **Improved Deduplication**: More accurate duplicate detection algorithms
- **Enhanced Severity Mapping**: Better conversion between scanner and DefectDojo severity levels
- **Comprehensive Logging**: Detailed logging for troubleshooting and debugging
- **Docker Integration**: Ready-to-use Docker Compose configuration
## Prerequisites

- Docker and Docker Compose
- DefectDojo (latest version recommended)
- Python 3.8+ (for development)
## Quick Start

1. Clone this repository:

   ```bash
   git clone <your-repo-url>
   cd defectdojo
   ```

2. Start DefectDojo with the custom parsers:

   ```bash
   docker compose up -d
   ```

3. Get the admin credentials:

   ```bash
   docker compose logs initializer | grep "Admin password:"
   ```

4. Access DefectDojo:
   - Open your browser and navigate to http://localhost:8080
   - Log in with the admin credentials from step 3
## Manual Installation

1. Copy the parser files into your DefectDojo installation:

   ```bash
   # For the Netsparker parser
   cp netsparker/parser.py /path/to/defectdojo/dojo/tools/netsparker/
   # For the Tenable parser
   cp tenable/xml_format.py /path/to/defectdojo/dojo/tools/tenable/
   ```

2. Restart your DefectDojo instance.
## Usage

### Netsparker

1. Export scan results from Netsparker in JSON format
2. Upload to DefectDojo:
   - Navigate to your product/engagement
   - Click "Add Finding" → "Import Scan Results"
   - Select "Netsparker Scan" as the scan type
   - Upload your JSON report
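The following is an added example, not the parser shipped in this repository, showing the kind of normalisation a Netsparker JSON import has to do: mapping the scanner's severity labels onto DefectDojo's scale, pulling the CWE and CVSS vector out of the classification block, keeping the captured request/response in the description, and carrying the scanner's `FalsePositive` / `AcceptedRisk` state into the finding so it is not re-triaged. The JSON key names (`Vulnerabilities`, `Name`, `Severity`, `Url`, `State`, `Classification`, `HttpRequest`, `HttpResponse`) are assumptions about the Netsparker export format, the `Finding` dataclass is a stand-in for `dojo.models.Finding` so the code runs without Django, and the sample report is constructed.

```python
"""Added example, not the repository's parser: normalise a Netsparker JSON
export into DefectDojo-style findings, honouring the scanner's false-positive
and accepted-risk states.

Assumptions: the keys Vulnerabilities, Name, Severity, Url, State,
Classification.Cwe, Classification.Cvss31/Cvss.Vector and
HttpRequest/HttpResponse.Content follow the Netsparker export as the editor
understands it; Finding is a plain stand-in for dojo.models.Finding.
"""
import json
from dataclasses import dataclass
from typing import List, Optional

# Netsparker severity label -> DefectDojo severity (assumed mapping; unknown labels fall back to Info).
SEVERITY_MAP = {"Critical": "Critical", "High": "High", "Medium": "Medium",
                "Low": "Low", "Information": "Info", "BestPractice": "Info"}


@dataclass
class Finding:
    title: str
    url: str
    severity: str
    description: str
    cwe: Optional[int] = None
    cvssv3: Optional[str] = None
    false_p: bool = False
    risk_accepted: bool = False
    active: bool = True


def map_severity(label: str) -> str:
    """Map a scanner severity label to DefectDojo's scale."""
    return SEVERITY_MAP.get(label, "Info")


def build_description(item: dict) -> str:
    """Combine the scanner's narrative with the captured request/response when present."""
    parts = [item.get("Description") or "", f"URL: {item.get('Url', '')}"]
    for label, key in (("Request", "HttpRequest"), ("Response", "HttpResponse")):
        content = (item.get(key) or {}).get("Content")
        if content:
            parts.append(f"{label}:\n{content}")
    return "\n\n".join(parts)


def parse_netsparker(raw_json: str) -> List[Finding]:
    """Turn a Netsparker JSON report into a list of findings."""
    findings: List[Finding] = []
    for item in json.loads(raw_json).get("Vulnerabilities", []):
        classification = item.get("Classification") or {}
        cvss = classification.get("Cvss31") or classification.get("Cvss") or {}
        cwe = classification.get("Cwe")
        state = item.get("State", "Present")
        finding = Finding(
            title=item["Name"],
            url=item.get("Url", ""),
            severity=map_severity(item.get("Severity", "")),
            description=build_description(item),
            cwe=int(cwe) if cwe else None,
            cvssv3=cvss.get("Vector"),
            false_p=(state == "FalsePositive"),
            risk_accepted=(state == "AcceptedRisk"),
        )
        # Keep false positives and accepted risks for the record, but do not
        # leave them active in the triage queue.
        finding.active = not (finding.false_p or finding.risk_accepted)
        findings.append(finding)
    return findings


# Constructed sample report (not real scan output).
SAMPLE_REPORT = json.dumps({"Vulnerabilities": [
    {"Name": "Cross-site Scripting", "Severity": "High", "State": "Present",
     "Url": "http://app.example/search?q=1",
     "Classification": {"Cwe": "79",
                        "Cvss31": {"Vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}},
     "HttpRequest": {"Content": "GET /search?q=1 HTTP/1.1"}},
    {"Name": "Missing X-Frame-Options Header", "Severity": "Low", "State": "FalsePositive",
     "Url": "http://app.example/", "Classification": {"Cwe": "1021"}},
    {"Name": "Version Disclosure (Server)", "Severity": "Information", "State": "AcceptedRisk",
     "Url": "http://app.example/", "Classification": {}},
]})

if __name__ == "__main__":
    for f in parse_netsparker(SAMPLE_REPORT):
        print(f.severity, f.title, "active" if f.active else "inactive")
```

The attribute names `false_p`, `risk_accepted`, `active`, `cwe` and `cvssv3` mirror the ones DefectDojo's `Finding` model uses, so the same logic transfers to a real parser by building `dojo.models.Finding` objects instead of the dataclass. Falling back to `Info` for an unrecognised label is deliberate: a new scanner label should never silently become a high-severity finding or crash the import.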
### Tenable

1. Export scan results from Tenable/Nessus in XML format (NessusClientData_v2)
2. Upload to DefectDojo:
   - Navigate to your product/engagement
   - Click "Add Finding" → "Import Scan Results"
   - Select "Tenable Scan" as the scan type
   - Upload your XML report
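As an added example (not the repository's `tenable/xml_format.py`), the block below parses a NessusClientData_v2 export and shows the three things the Tenable parser description above calls out: mapping the Nessus `severity` attribute (0 to 4) onto DefectDojo's scale, collecting the repeated `<cve>` and `<cwe>` children of each `ReportItem`, and deduplicating. The element and attribute names are assumptions about the .nessus v2 format, the `Finding` dataclass stands in for `dojo.models.Finding`, and the sample export uses placeholder plugin ids and CVE numbers.

```python
"""Added example, not the repository's parser: parse a NessusClientData_v2
export, map the 0-4 Nessus severity to DefectDojo's scale, collect CVE/CWE
ids and deduplicate repeated ReportItems.

Assumptions: the names ReportHost@name, ReportItem@pluginID/@port/@protocol/
@severity/@pluginName, description, cvss_base_score, cve and cwe follow the
.nessus v2 format as the editor knows it; Finding stands in for dojo.models.Finding.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Nessus "severity" attribute -> DefectDojo severity.
NESSUS_SEVERITY = {"0": "Info", "1": "Low", "2": "Medium", "3": "High", "4": "Critical"}

Endpoint = Tuple[str, str, str]  # (host, port, protocol)


@dataclass
class Finding:
    plugin_id: str
    title: str
    severity: str
    description: str
    cvss_score: Optional[float]
    cves: List[str] = field(default_factory=list)
    cwes: List[int] = field(default_factory=list)
    endpoints: List[Endpoint] = field(default_factory=list)


def parse_nessus(xml_text: str) -> List[Finding]:
    """One finding per plugin; every (host, port, protocol) it fired on becomes an endpoint.
    An exact repeat of a plugin on the same endpoint (common in merged or rescanned
    exports) is dropped instead of being counted twice."""
    root = ET.fromstring(xml_text)
    if root.tag != "NessusClientData_v2":
        raise ValueError(f"expected NessusClientData_v2 root, got {root.tag}")

    by_plugin: Dict[str, Finding] = {}
    seen: Set[Tuple[str, str, str, str]] = set()
    for host in root.iter("ReportHost"):
        hostname = host.get("name", "")
        for item in host.findall("ReportItem"):
            plugin_id = item.get("pluginID", "")
            endpoint: Endpoint = (hostname, item.get("port", "0"), item.get("protocol", "tcp"))
            key = (plugin_id,) + endpoint
            if key in seen:
                continue  # duplicate ReportItem for the same plugin and endpoint
            seen.add(key)
            finding = by_plugin.get(plugin_id)
            if finding is None:
                score = item.findtext("cvss_base_score")
                finding = Finding(
                    plugin_id=plugin_id,
                    title=item.get("pluginName", f"Plugin {plugin_id}"),
                    severity=NESSUS_SEVERITY.get(item.get("severity", "0"), "Info"),
                    description=(item.findtext("description") or "").strip(),
                    cvss_score=float(score) if score else None,
                )
                by_plugin[plugin_id] = finding
            finding.endpoints.append(endpoint)
            # <cve> and <cwe> repeat once per id; merge them across hosts without duplicates.
            for cve in item.findall("cve"):
                cve_id = (cve.text or "").strip()
                if cve_id and cve_id not in finding.cves:
                    finding.cves.append(cve_id)
            for cwe in item.findall("cwe"):
                cwe_id = (cwe.text or "").strip()
                if cwe_id.isdigit() and int(cwe_id) not in finding.cwes:
                    finding.cwes.append(int(cwe_id))
    return list(by_plugin.values())


# Constructed sample export with placeholder plugin ids and CVE numbers (not real scan data).
SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="constructed">
    <ReportHost name="10.0.0.5">
      <ReportItem port="443" protocol="tcp" severity="3" pluginID="10001" pluginName="TLS Library Out of Date">
        <description>The remote service uses an outdated TLS library.</description>
        <cvss_base_score>7.5</cvss_base_score>
        <cve>CVE-0000-0001</cve>
        <cve>CVE-0000-0002</cve>
        <cwe>327</cwe>
      </ReportItem>
      <!-- exact repeat of the item above; the parser must drop it -->
      <ReportItem port="443" protocol="tcp" severity="3" pluginID="10001" pluginName="TLS Library Out of Date">
        <cve>CVE-0000-0001</cve>
      </ReportItem>
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="10002" pluginName="OS Identification"/>
    </ReportHost>
    <ReportHost name="10.0.0.6">
      <ReportItem port="8443" protocol="tcp" severity="3" pluginID="10001" pluginName="TLS Library Out of Date">
        <cve>CVE-0000-0001</cve>
        <cwe>327</cwe>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""
```

Running `parse_nessus(SAMPLE_NESSUS)` yields two findings: the TLS plugin once, with both hosts as endpoints and the CVE list merged, and the OS-identification plugin mapped to `Info`. The deduplication key deliberately includes port and protocol so the same plugin on two services of one host stays as two endpoints of one finding rather than collapsing into one. `xml.etree` is used here so the example runs on the standard library alone; a parser that accepts uploaded reports should parse with `defusedxml` (or otherwise disable entity expansion), because the stdlib parser is not hardened against entity-expansion attacks.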
## Configuration

The `docker-compose.yaml` file includes volume mounts for the custom parsers:

```yaml
volumes:
  - ./tenable/xml_format.py:/app/dojo/tools/tenable/xml_format.py
  - ./netsparker/parser.py:/app/dojo/tools/netsparker/parser.py
```

You can customize the parsers by modifying the source files:

- **Netsparker Parser**: Edit `netsparker/parser.py` for JSON format adjustments
- **Tenable Parser**: Edit `tenable/xml_format.py` for XML format enhancements
## Testing

1. Generate test reports from your security tools
2. Upload to DefectDojo using the custom parsers
3. Verify findings are imported correctly with proper:
   - Severity levels
   - CVSS scores
   - CVE/CWE mappings
   - Descriptions and mitigations

For testing purposes, you can use sample reports from:

- **Netsparker**: Export a test scan in JSON format
- **Tenable**: Export a test scan in XML format (NessusClientData_v2)
## Contributing

We welcome contributions! Here's how you can help:

1. Fork the repository
2. Create a feature branch:

   ```bash
   git checkout -b feature/your-feature-name
   ```

3. Make your changes
4. Test thoroughly
5. Submit a pull request

### Development Guidelines

- Follow Python PEP 8 guidelines
- Add comprehensive docstrings
- Include type hints where appropriate
- Write unit tests for new features
## Reporting Issues

When reporting issues, please include:

- DefectDojo version
- Parser type (Netsparker/Tenable)
- Sample scan data (anonymized)
- Expected vs actual behavior
- Error messages/logs
## API Reference

### Netsparker Parser

- **Input Format**: JSON
- **Supported Fields**: Title, Description, Severity, CVSS, CWE, References
- **Special Features**: False positive detection, risk acceptance

### Tenable Parser

- **Input Format**: XML (NessusClientData_v2)
- **Supported Fields**: Title, Description, Severity, CVSS, CVE, CWE
- **Special Features**: Enhanced deduplication, improved severity mapping

For detailed API documentation, refer to the DefectDojo documentation.
## Resources

- DefectDojo Main Repository
- DefectDojo Documentation
- DefectDojo Community
- Netsparker Documentation
- Tenable Documentation
## License

This project is licensed under the BSD 3-Clause License; see the LICENSE file for details.

## Acknowledgments

- DefectDojo Community for the excellent vulnerability management platform
- OWASP for supporting the DefectDojo project
- All contributors who have helped improve these parsers

**Note**: These parsers are designed to work with the latest version of DefectDojo. For compatibility with older versions, please check the DefectDojo release notes and adjust the parser code accordingly.