vdbaan / issuefinder Goto Github PK

Can you add port status as a column and filter option?

Because the database name remains, it is not possible to maintain 2 separate instances. E.g. to open scan results for two diff jobs. Which ever instance interacts with the database last over-writes the previous one.

One recommendation would be to create database name randomly or attach epoch time to current database name. Dont know if there is a feature within Java to maintain "session" for thick clients - create a new config file for each instance?

I had issues when loading large Nessus files containing results of several 100s and even 1000s of hosts. The issue arises when ISsueFinder tries to load it into memory.

Recommend adding support for database instead. SQLite and even network db (MySQL, mssql, etc) would be really useful. Yes, it may hamper the speed of search, but atleast it would handle large data files. Moreover we would also be able to delegate search to the database.

It would be worth adding filter and select options on right-click. ATM its only filter.
Modified option would be

Filter > By Scanner
> By IP
> ..... (add each column here)
Select > Unique IPs
> Unique Ports
> IP:Port

While this tool has clearly added more support then nessie viewer and has better capabilities. There is one feature which makes me remember nessie viewer. The current filters are typing focused and would be awesome if we can have may be some of the filters present in like a drop down fashion.

This is how nessie viewer does filtering.

What i am proposing is just below the filter text box we place some common placeholders like risk rating. Host, port, plugin id / name etc so people can just select from drop down and done. I know there is a round about way right now where people can right click on specific item and select it as filter simmilar to how wireshark does it but a drop down autopopulated based on whatever we have on record will be a awesome.

hoping this does gets added as a feature.

Add pasers for the following tools:

• Burp
• ZAP
• Nexpose
• OpenVAS

Add test files for all.

Could you please add CVSS column to the list as well?

Adding pre-built filters would we really useful. Examples include- Show open ports, show IPs with open ports, show most vulnerable hosts, show most vulnerable services, etc.

These can be shown in a pop-up window, one item per line.

Will help when adding to reports

This is a cosmetic change request.

The whole app is quite bland. Recommend two changes.

First add a light shade on the whole row based on issue rating. this is instead of brightly colouring just the Risk column.

Secondly, add small styles on issue description to make it stand out. I will try and add some changes and submit as push request

attributed to @anantshri

Additional filter options can include:

• Ease of exploit or exploit available
• CVSS Base score
• Plugin number

"The issue tab looks good. Why don't we have a copy IP Port option in it also. just like we have in the main view." - @anantshri

Would it be possible to add a column (or reuse existing structure) to include nmap output that may include open/closed/filtered/open|filtered etc?

2 issues found in Filter:

1. Filter is not case insensitive.

E.g. Risk == 'CRITICAL' works but Risk == 'critical' doesn't.

2. Complex filter doesn't work

E.g. RISK == 'CRITICAL' && PORT == '443' doesn't return any value