Refactor mobsf parser for v4 reports (#11056)

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Refactor mobsf parser for v4 reports

* Separate old and new mobsf parsers

* Separate old and new mobsf parsers

* Separate old and new mobsf parsers

* Separate old and new mobsf parsers

* Fix settings sha256sum

* Fix settings sha256sum

* Fix settings sha256sum

* Fix settings sha256sum

* Fix settings sha256sum

* Fix lost old parser

* Fix path to sample reports

* fix md5 again

* Some extra fixes after review

* Some extra fixes after review

* Some extra fixes after review

* Fix md5

* Fix md5

---------

Co-authored-by: Dmitry Maryushkin <[email protected]>

docs/content/en/integrations/parsers/file/mobsf_scorecard.md

@@ -0,0 +1,8 @@
+---
+title: "MobSF Scorecard Scanner"
+toc_hide: true
+---
+Export a JSON file using the API, api/v1/report_json.
+
+### Sample Scan Data
+Sample MobSF Scorecard Scanner scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/mobsf_scorecard).

dojo/settings/.settings.dist.py.sha256sum

@@ -1 +1 @@
-989918ec4f7b8fdb5f44d5c3568c948072265f269de96346002baaeebc67301b
+fc660db6c2f55181fd8515d9b13c75197d8272c5c635235f6f60e4b1fc77af04

dojo/settings/settings.dist.py

@@ -1278,6 +1278,7 @@ def saml2_attrib_map_format(dict):
     "HCLAppScan XML": ["title", "description"],
     "KICS Scan": ["file_path", "line", "severity", "description", "title"],
     "MobSF Scan": ["title", "description", "severity"],
+    "MobSF Scorecard Scan": ["title", "description", "severity"],
     "OSV Scan": ["title", "description", "severity"],
     "Snyk Code Scan": ["vuln_id_from_tool", "file_path"],
     "Deepfence Threatmapper Report": ["title", "description", "severity"],
@@ -1509,6 +1510,7 @@ def saml2_attrib_map_format(dict):
     "HCLAppScan XML": DEDUPE_ALGO_HASH_CODE,
     "KICS Scan": DEDUPE_ALGO_HASH_CODE,
     "MobSF Scan": DEDUPE_ALGO_HASH_CODE,
+    "MobSF Scorecard Scan": DEDUPE_ALGO_HASH_CODE,
     "OSV Scan": DEDUPE_ALGO_HASH_CODE,
     "Nosey Parker Scan": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE,
     "Bearer CLI": DEDUPE_ALGO_HASH_CODE,

dojo/tools/mobsf_scorecard/__init__.py

@@ -0,0 +1 @@
+__author__ = "Dmitrii Mariushkin"

dojo/tools/mobsf_scorecard/parser.py

@@ -0,0 +1,106 @@
+import json
+from datetime import datetime
+
+from dateutil import parser as date_parser
+
+from dojo.models import Finding
+
+
+class MobSFScorecardParser:
+
+    def get_scan_types(self):
+        return ["MobSF Scorecard Scan"]
+
+    def get_label_for_scan_types(self, scan_type):
+        return "MobSF Scorecard Scan"
+
+    def get_description_for_scan_types(self, scan_type):
+        return "Export a JSON file using the API, api/v1/report_json."
+
+    def get_findings(self, filename, test):
+
+        tree = filename.read()
+
+        try:
+            data = json.loads(str(tree, "utf-8"))
+        except:
+            data = json.loads(tree)
+
+        if "timestamp" in data:
+            try:
+                find_date = date_parser.parse(data["timestamp"])
+            except date_parser.ParserError:
+                find_date = datetime.now()
+        else:
+            find_date = datetime.now()
+
+        appsec_fields_for_test_desc = [
+            "file_name",
+            "hash",
+            "security_score",
+            "app_name",
+            "version_name",
+        ]
+
+        main_fields_for_test_desc = [
+            "app_type",
+            "package_name",
+            "bundle_id",
+            "sdk_name",
+            "platform",
+        ]
+
+        test_description = ""
+
+        for field in appsec_fields_for_test_desc:
+
+            field_value = str(data.get("appsec", {}).get(field, ""))
+
+            if field_value:
+                test_description = f"{test_description}  **{field}:** {field_value}\n"
+
+        for field in main_fields_for_test_desc:
+
+            field_value = str(data.get(field, ""))
+
+            if field_value:
+                test_description = f"{test_description}  **{field}:** {field_value}\n"
+
+        test.description = test_description
+
+        finding_severities = {
+            "high": "High",
+            "warning": "Medium",
+            "info": "Info",
+            "secure": "Info",
+            "hotspot": "Low",
+        }
+
+        dd_findings = {}
+
+        for finding_severity in finding_severities.keys():
+            if finding_severity in data.get("appsec", {}):
+                for mobsf_finding in data["appsec"][finding_severity]:
+
+                    section = str(mobsf_finding.get("section", ""))
+                    title = str(mobsf_finding.get("title", ""))
+                    description = str(mobsf_finding.get("description", ""))
+
+                    unique_key = f"{finding_severity}-{section}-{title}-{description}"
+
+                    finding = Finding(
+                            title=title,
+                            cwe=919,  # Weaknesses in Mobile Applications
+                            test=test,
+                            description=f"**Category:** {section}\n\n{description}",
+                            severity=finding_severities[finding_severity],
+                            references=None,
+                            date=find_date,
+                            static_finding=True,
+                            dynamic_finding=False,
+                            nb_occurences=1,
+                        )
+
+                    dd_findings[unique_key] = finding
+
+        return list(dd_findings.values())