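import weasyprint
import os
import json
import hashlib
from weasyprint import HTML
from pathlib import Path
from datetime import datetime


class Report(object):
    """Build the PDF report for one capture directory.

    The constructor loads the JSON assets written next to the capture
    (alerts, whitelist, connections, device) and fingerprints the pcap;
    the generate_* methods turn that data into HTML which
    generate_report() renders to report.pdf.
    """

    def __init__(self, capture_directory):
        """
            Load the capture's JSON assets and hash the pcap.

            :param capture_directory: directory holding capture.pcap and
                the assets/ sub-directory.
            :raises OSError, json.JSONDecodeError: from read_json() when
                an asset file is missing or malformed (not caught here).
        """
        self.capture_directory = capture_directory
        self.alerts = self.read_json(os.path.join(
            capture_directory, "assets/alerts.json"))
        self.whitelist = self.read_json(os.path.join(
            capture_directory, "assets/whitelist.json"))
        self.conns = self.read_json(os.path.join(
            capture_directory, "assets/conns.json"))
        self.device = self.read_json(os.path.join(
            capture_directory, "assets/device.json"))

        # SHA-1 is kept because the report header prints this value as
        # "Capture SHA1". It identifies the file, but SHA-1 is not
        # collision-resistant: if the report is used to demonstrate that a
        # capture was not altered, record a SHA-256 digest alongside it.
        try:
            digest = hashlib.sha1()
            pcap_path = os.path.join(self.capture_directory, "capture.pcap")
            with open(pcap_path, "rb") as f:
                # Hash in 1 MiB chunks so a large capture is never held
                # in memory in one piece.
                for chunk in iter(lambda: f.read(1024 * 1024), b""):
                    digest.update(chunk)
            self.capture_sha1 = digest.hexdigest()
        except (OSError, ValueError):
            # Best effort: a missing/unreadable pcap (OSError) or a build
            # whose crypto policy refuses SHA-1 (ValueError) must not stop
            # the report. Other exceptions are programming errors and are
            # no longer swallowed by a bare except.
            self.capture_sha1 = "N/A"

    def read_json(self, json_path):
        """
            Read and convert a JSON file.

            :param json_path: path of the JSON file to load.
            :return: array or dict.
            :raises OSError: if the file cannot be opened.
            :raises json.JSONDecodeError: if the content is not valid JSON.
        """
        # JSON is UTF-8 by specification; do not depend on the locale's
        # default encoding.
        with open(json_path, "r", encoding="utf-8") as json_file:
            return json.load(json_file)

    def generate_report(self):
        """
            Generate the full report in PDF and write it to report.pdf
            inside the capture directory.

            :return: nothing
        """
        # NOTE(review): the generate_* helpers visible in this file place
        # values read from the JSON assets (rec["resolution"],
        # rec["ip_dst"], alert["description"], the device name) into the
        # markup with str.format() and no escaping. If any of those values
        # can be influenced by the captured traffic -- TODO confirm how
        # the assets are produced -- markup inside them is interpreted by
        # WeasyPrint, which also resolves URLs referenced by the document.
        # Escape every interpolated value with html.escape() and consider
        # passing a restrictive url_fetcher to HTML().
        content = self.generate_page_header()
        content += self.generate_header()
        content += self.generate_warning()
        content += self.generate_alerts()
        content += self.generate_suspect_conns_block()
        content += self.generate_uncat_conns_block()
        content += self.generate_whitelist_block()

        htmldoc = HTML(string=content, base_url="").write_pdf()
        Path(os.path.join(self.capture_directory,
                          "report.pdf")).write_bytes(htmldoc)

    def generate_warning(self):
        """
            Generate the warning message.
            :return: str
        """
        if len(self.alerts["high"]):
            return "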
Protocol | Domain | Dst IP Address | Dst port |
---|---|---|---|
{} | ".format(rec["proto"].upper()) table += "{} | ".format(rec["resolution"] if rec["resolution"] != rec["ip_dst"] else "--") table += "{} | ".format(rec["ip_dst"]) table += "{} | ".format(rec["port_dst"]) table += "
Protocol | Domain | Dst IP Address | Dst port |
---|---|---|---|
{} | ".format(rec["proto"].upper()) table += "{} | ".format(rec["resolution"] if rec["resolution"] != rec["ip_dst"] else "--") table += "{} | ".format(rec["ip_dst"]) table += "{} | ".format(rec["port_dst"]) table += "
Protocol | Domain | Dst IP Address | Dst port |
---|---|---|---|
{} | ".format(rec["proto"].upper()) table += "{} | ".format(rec["resolution"] if rec["resolution"] != rec["ip_dst"] else "--") table += "{} | ".format(rec["ip_dst"]) table += "{} | ".format(rec["port_dst"]) table += "
Device name: {}
".format(
self.device["name"])
header += "Device MAC address: {}
".format(
self.device["mac_address"])
header += "Report generated on {}
".format(
datetime.now().strftime("%d/%m/%Y at %H:%M:%S"))
header += "Capture SHA1: {}
".format(self.capture_sha1)
header += "
{}
".format( alert["description"]) alerts += "{}
".format( alert["description"]) alerts += "{}
".format( alert["description"]) alerts += "