Update dependencies for charts and sort interesting subdomains by HTT…

…P status code util function
yogeshojha · Aug 28, 2024 · 30f84f7 · 30f84f7
1 parent fd30b27
commit 30f84f7
Show file tree

Hide file tree

Showing 5 changed files with 41 additions and 1,052 deletions.
diff --git a/web/reNgine/utilities.py b/web/reNgine/utilities.py
@@ -159,3 +159,16 @@ def is_out_of_scope(self, subdomain):
 		if subdomain in self.plain_patterns:
 			return True
 		return any(pattern.search(subdomain) for pattern in self.regex_patterns)
+
+
+def sorting_key(subdomain):
+	# sort subdomains based on their http status code with priority 200 < 300 < 400 < rest
+	status = subdomain['http_status']
+	if 200 <= status <= 299:
+		return 1
+	elif 300 <= status <= 399:
+		return 2
+	elif 400 <= status <= 499:
+		return 3
+	else:
+		return 4
diff --git a/web/requirements.txt b/web/requirements.txt
@@ -40,3 +40,5 @@ weasyprint==53.3
 wafw00f==2.2.0
 xmltodict==0.13.0
 django-environ==0.11.2
+plotly==5.23.0
+kaleido
diff --git a/web/startScan/views.py b/web/startScan/views.py
@@ -4,7 +4,7 @@
 from weasyprint import HTML, CSS
 from datetime import datetime
 from django.contrib import messages
-from django.db.models import Count
+from django.db.models import Count, Case, When, IntegerField
 from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
 from django.shortcuts import get_object_or_404, render
 from django.template.loader import get_template
@@ -13,6 +13,7 @@
 from django_celery_beat.models import (ClockedSchedule, IntervalSchedule, PeriodicTask)
 from rolepermissions.decorators import has_permission_decorator
 
+
 from reNgine.celery import app
 from reNgine.charts import *
 from reNgine.common_func import *
@@ -1017,6 +1018,29 @@ def create_report(request, id):
         .count()
     )
     interesting_subdomains = get_interesting_subdomains(scan_history=id)
+    interesting_subdomains = interesting_subdomains.annotate(
+        sort_order=Case(
+            When(http_status__gte=200, http_status__lt=300, then=1),
+            When(http_status__gte=300, http_status__lt=400, then=2),
+            When(http_status__gte=400, http_status__lt=500, then=3),
+            default=4,
+            output_field=IntegerField(),
+        )
+    ).order_by('sort_order', 'http_status')
+
+    subdomains = subdomains.annotate(
+        sort_order=Case(
+            When(http_status__gte=200, http_status__lt=300, then=1),
+            When(http_status__gte=300, http_status__lt=400, then=2),
+            When(http_status__gte=400, http_status__lt=500, then=3),
+            default=4,
+            output_field=IntegerField(),
+        )
+    ).order_by('sort_order', 'http_status')
+
+
+
+
     ip_addresses = (
         IpAddress.objects
         .filter(ip_addresses__in=subdomains)

diff --git a/web/templates/report/modern.html b/web/templates/report/modern.html
@@ -2,7 +2,7 @@
 <html lang="en">
     <head>
         <meta charset="UTF-8" />
-        <title>Penetration Testing Report</title>
+        <title>Report</title>
         <link href="https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500&display=swap"
               rel="stylesheet" />
         <style>