Plextrac Database to Ghostwriter

Question

Plextrac Database to Ghostwriter

hansonryne opened this issue 9 months ago · comments

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
It would be great if there was a conversion tool to bring a Plextrac findings database over to the Ghostwriter database.

Describe the solution you'd like
A command line tool or an integration with the web interface with a json drag and drop would be great.

Describe alternatives you've considered
The only way I am aware at this point is to copy/paste by hand.

Additional context
We would love to use Ghostwriter but have a large database that we want to bring over from Plextrac with us.

Christopher Maddalena · Answer 1 · Thu Sep 28 2023 04:10:36 GMT+0800 (China Standard Time)

Hey @hansonryne, that should be feasible, but anyone developing that utility would need an example of a Plextrac database. I've never used Plextrac and don't know the schema.

If Plextrac has an API, the conversion could be scripted to pull findings from Plextrac and ad them to Ghostwriter via Ghostwriter's GraphQL API.

hansonryne · Answer 2 · Thu Sep 28 2023 04:15:00 GMT+0800 (China Standard Time)

Thanks for the response. Here is a link to the API for the write-ups DB that has the fields for any findings saved to the database:
https://api-docs.plextrac.com/#cd707d09-1e7e-4bf0-9b97-92b48800821e

Christopher Maddalena · Answer 3 · Fri Oct 06 2023 04:13:56 GMT+0800 (China Standard Time)

Thanks for sharing the link. Migrating seems very doable. You could loop over all the writeups in PlexTrac and send each one to Ghostwriter via the GraphQL API as a new finding. The title, description, recommendations, references, and severity fields all have counterparts in Ghostwriter. Then you could go through the findings and perform clean-up in Ghostwriter.

Ghostwriter breaks up findings into description and impact. There are also fields for detection recommendations and CVSS. You might want to go through the findings and break-up the description into those fields and.or add CVSS scoring.

It should be pretty simple.

Erik · Answer 4 · Wed Jun 05 2024 04:26:26 GMT+0800 (China Standard Time)

Side benefit: Once this is done for Plextrac, having a base script to modify to get it to work on other reporting platforms should be a much easier task. For our team at IncludeSec having a Dradis->Ghostwriter importer would be amazing.

It should be pretty simple.

Oh it does sound simple, but I'm sure something will end up being crazy strange in the import 💯 lost or incorrect formatting, or content/media inclusion difficulties.