Version number

Version number: 1.0.0

Description

First complete beta version of pynipper-ng, for Cisco devices.

Release date

Release date: 06/08/2023

Reduced changelog

• Translated Cisco plugins
• Simple code architecture
• PyPi released package

It is necessary yo have a workflow that allows yo check if pynipper can be build successfully. Also, it is necessary yo check the modules with unit tests.

So:

• Develop a CI workflow to build and execute pynipper with several Python 3 versions.
• Develop unit tests to check modules and integrate the testing into CI

Is your feature request related to a problem? Please describe.

We want to include labels with important information (like CIS ID, CWE...)

Describe the solution you'd like

A field in the reports

Describe alternatives you've considered

N/A

Pynipper-ng should be documentated in:

• README
• Wiki
• GitHub Pages
• About section

Describe the bug
The SonarQube workflow doesn't works un PRs.

To Reproduce
Create a PR with base branch main ir Develop.

Expected behavior
A SonarQube scan executed with a open PR.

CLI (please complete the following information):

• OS: N/A
• Python Version: N/A
• Tool Version: 0.1.1 Alpha

Tracking issue for:

• https://github.com/syn-4ck/pynipper-ng/security/code-scanning/1

Is your feature request related to a problem? Please describe.

Improve readthedocs and web page documentation

Is your feature request related to a problem? Please describe.

We want to improve the Code Quality. The plugins should be more flexible and easy, and the impact/exploit/recommendations should be stored out of the plugin (like a DB)

Describe the solution you'd like

A more clear-concept in plugins.

Describe alternatives you've considered

Messages stored.
Easy plugin architecture.

Is your feature request related to a problem? Please describe.
Create a field in the reports to improve the UX when a network admin wants to remediate it.

Describe the solution you'd like
Introduce a Line number in reports.

Describe alternatives you've considered
N/A

Additional context
N/A

Closes GHSA-r4pr-h9r8-jj5p

Motivation

A new important enhancement for v0.1.0 BETA is include the checks of nipper-ng in the pynipper-ng modules. The translation of this checks (C++ to Python) allows user to have the same level of detection that in nipper-ng.

Acceptance criteria

• Include new modules for checks: In this moment pynipper-ng only gets SSH and HTTP basic missconfigurations, but nipper gets a lot more.
• Checks this detection with tests-data

CIS Recommendations

Plugins

Based on https://www.cisecurity.org/cis-benchmarks (CIS CISCO IOS 17.x Benchmark)

Is requied to make the requirements file.

We should clean the code-smells and bugs reported in SonarCloud.

• Clean > medium issues in SonarCloud
• Correct duplicated blocks (if it's possible)
• Security hostpots fix