# Vulnerability

Represents a security vulnerability discovered during an audit.
## Class Definition

```python
class Vulnerability:
    def __init__(self, name, description, port, risk, evidence_file="", recommendations=""):
        ...  # stores each argument as an attribute of the same name
```
## Constructor Parameters

| Parameter | Description |
|---|---|
| `name` | Name of the vulnerability (e.g., "SQL Injection", "Weak WordPress Password") |
| `description` | Detailed description of the vulnerability and its impact |
| `port` | Port number where the vulnerability was discovered |
| `risk` | Risk severity level for this vulnerability. Must be a `RiskLevel` enum value. |
| `evidence_file` | Path to a file containing evidence or proof of the vulnerability (e.g., screenshot, log file). Optional; defaults to `""`. |
| `recommendations` | Recommended remediation steps to fix the vulnerability. Optional; defaults to `""`. |
## Attributes

| Attribute | Description |
|---|---|
| `recommendations` | Remediation recommendations |
## Example

```python
from models.vuln import Vulnerability, RiskLevel

# Create a critical SQL injection vulnerability
vuln = Vulnerability(
    name="SQL Injection in DVWA",
    description="The application is vulnerable to blind SQL injection attacks. "
                "Attacker can extract database contents including user credentials.",
    port=80,
    risk=RiskLevel.CRITICAL,
    evidence_file="outputs/sqlmap_dvwa_dump.txt",
    recommendations="Use parameterized queries and input validation. "
                    "Update DVWA to latest version."
)

# Add to host (`host` is a models.host.Host instance created earlier in the audit)
host.vulnerabilities.append(vuln)

print(f"{vuln.name} - {vuln.risk.value}")
# Output: SQL Injection in DVWA - 🔴 CRÍTICO
```
# RiskLevel

Enum representing the severity level of vulnerabilities and overall host risk.
## Class Definition

```python
from enum import Enum

class RiskLevel(Enum):
    LOW = "🟢 BAJO"
    MEDIUM = "🟡 MEDIO"
    HIGH = "🟠 ALTO"
    CRITICAL = "🔴 CRÍTICO"
```
## Values

| Member | Display value | Meaning |
|---|---|---|
| `LOW` | `🟢 BAJO` | Low severity: minor issues with minimal security impact |
| `MEDIUM` | `🟡 MEDIO` | Medium severity: moderate security concerns that should be addressed |
| `HIGH` | `🟠 ALTO` | High severity: significant security vulnerabilities requiring prompt attention |
| `CRITICAL` | `🔴 CRÍTICO` | Critical severity: severe vulnerabilities requiring immediate remediation |
## Usage

```python
from models.vuln import RiskLevel

# `vuln` is a Vulnerability and `host` a models.host.Host, both created earlier

# Assign risk level to vulnerability
vuln.risk = RiskLevel.CRITICAL

# Set overall host risk
host.risk_level = RiskLevel.HIGH

# Access the display value
print(vuln.risk.value)  # Output: 🔴 CRÍTICO

# Compare risk levels
if host.risk_level == RiskLevel.CRITICAL:
    print("Immediate action required!")

# Use in conditionals (send_alert is an application-level notification helper, not part of models.vuln)
if vuln.risk in [RiskLevel.HIGH, RiskLevel.CRITICAL]:
    send_alert(vuln)
```
## Risk Level Guidelines

The `RiskAnalyzer` service assigns risk levels based on:
- CRITICAL: SQL injection, remote code execution, valid credentials extracted
- HIGH: Multiple serious vulnerabilities, outdated services with known exploits
- MEDIUM: Minor vulnerabilities, information disclosure
- LOW: No significant vulnerabilities detected
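The following stand-alone illustration of these guidelines is added here and is not the project's own `RiskAnalyzer`: it re-declares the documented `RiskLevel` enum and `Vulnerability` fields so it runs without the `models` package, adds an ordinal rank (the enum values are display strings, so members cannot be compared directly), validates a finding before it is accepted, and aggregates the findings of one host into an overall level. The escalation rule for "multiple serious vulnerabilities" (three or more MEDIUM-or-worse findings raise a MEDIUM host to HIGH) is an assumed reading of the guideline, not the service's documented behaviour.

```python
from dataclasses import dataclass
from enum import Enum


class RiskLevel(Enum):  # mirrors the enum documented on this page
    LOW = "🟢 BAJO"
    MEDIUM = "🟡 MEDIO"
    HIGH = "🟠 ALTO"
    CRITICAL = "🔴 CRÍTICO"

# The enum values are display strings, so give each level an ordinal rank
# before comparing or aggregating severities.
RANK = {RiskLevel.LOW: 0, RiskLevel.MEDIUM: 1, RiskLevel.HIGH: 2, RiskLevel.CRITICAL: 3}


@dataclass
class Vulnerability:  # same fields as the documented constructor
    name: str
    description: str
    port: int
    risk: RiskLevel
    evidence_file: str = ""
    recommendations: str = ""


def validate(v: Vulnerability) -> list[str]:
    """Data-quality checks to run before a finding enters a report; empty list means OK."""
    problems = []
    if not isinstance(v.risk, RiskLevel):
        problems.append("risk must be a RiskLevel member")
        return problems
    if not 0 < v.port < 65536:
        problems.append(f"port {v.port} is out of range")
    if RANK[v.risk] >= RANK[RiskLevel.HIGH] and not v.evidence_file:
        problems.append("HIGH/CRITICAL findings need an evidence_file")
    return problems


def overall_risk(vulns: list[Vulnerability], multiple: int = 3) -> RiskLevel:
    """Host-level risk per the guidelines: no findings -> LOW; otherwise the worst
    finding wins, and (assumed reading of 'multiple serious vulnerabilities')
    `multiple` or more MEDIUM-or-worse findings raise a MEDIUM host to HIGH."""
    if not vulns:
        return RiskLevel.LOW
    worst = max(vulns, key=lambda v: RANK[v.risk]).risk
    serious = sum(1 for v in vulns if RANK[v.risk] >= RANK[RiskLevel.MEDIUM])
    if worst == RiskLevel.MEDIUM and serious >= multiple:
        return RiskLevel.HIGH
    return worst
```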
## Complete Example

```python
from models.vuln import Vulnerability, RiskLevel
from models.host import Host
from services.risk_analyzer import RiskAnalyzer

# Create host
host = Host("192.168.1.100")

# Add multiple vulnerabilities with different risk levels
vulnerabilities = [
    Vulnerability(
        name="SQL Injection",
        description="DVWA database vulnerable to SQLi",
        port=80,
        risk=RiskLevel.CRITICAL,
        evidence_file="outputs/sqli_proof.txt",
        recommendations="Implement prepared statements"
    ),
    Vulnerability(
        name="Weak WordPress Credentials",
        description="WordPress admin account compromised via brute-force",
        port=80,
        risk=RiskLevel.HIGH,
        evidence_file="outputs/wp_brute.txt",
        recommendations="Enforce strong password policy and rate limiting"
    ),
    Vulnerability(
        name="Directory Listing Enabled",
        description="Web server allows directory browsing",
        port=80,
        risk=RiskLevel.MEDIUM,
        recommendations="Disable directory listing in web server config"
    )
]
host.vulnerabilities.extend(vulnerabilities)

# Risk analyzer will set overall risk based on vulnerabilities
RiskAnalyzer.analyze(host)

print(f"Total vulnerabilities: {len(host.vulnerabilities)}")
print(f"Overall risk: {host.risk_level.value}")

# Filter by severity
critical_vulns = [v for v in host.vulnerabilities if v.risk == RiskLevel.CRITICAL]
print(f"Critical issues: {len(critical_vulns)}")
```
## Related

- `Host`: the Host model uses `Vulnerability` and `RiskLevel`
- `AuditEngine`: creates vulnerabilities during audit phases