From a0bb0bc7fea88c811772af8b538eb6ef4f93eea7 Mon Sep 17 00:00:00 2001
From: VakarisZ
Date: Mon, 8 Feb 2021 17:42:57 +0200
Subject: [PATCH] Small renamings and minor improvements
---
 ...findings.py => scoutsuite_finding_maps.py} | 17 +++++-----
 .../consts/scoutsuite_findings_list.py | 10 +++---
 .../scoutsuite/data_parsing/rule_parser.py | 33 +++++++++++++------
 .../abstract_rule_path_creator.py | 3 +-
 .../test_common/scoutsuite_finding_data.py | 2 +-
 5 files changed, 40 insertions(+), 25 deletions(-)
 rename monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/{scoutsuite_findings.py => scoutsuite_finding_maps.py} (95%)
diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_finding_maps.py
similarity index 95%
rename from monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings.py
rename to monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_finding_maps.py
index 0881b4733..a7ef79fdf 100644
--- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings.py
+++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_finding_maps.py
@@ -19,7 +19,8 @@ from .rule_names.sqs_rules import SQSRules
 from .rule_names.vpc_rules import VPCRules
-class ScoutSuiteFinding(ABC):
+# Class which links ZT tests and rules to ScoutSuite finding
+class ScoutSuiteFindingMap(ABC):
 @property
 @abstractmethod
 def rules(self) -> List[EC2Rules]:
@@ -31,7 +32,7 @@ class ScoutSuiteFinding(ABC):
 pass
-class PermissiveFirewallRules(ScoutSuiteFinding):
+class PermissiveFirewallRules(ScoutSuiteFindingMap):
 rules = [EC2Rules.SECURITY_GROUP_ALL_PORTS_TO_ALL, EC2Rules.SECURITY_GROUP_OPENS_TCP_PORT_TO_ALL, EC2Rules.SECURITY_GROUP_OPENS_UDP_PORT_TO_ALL, EC2Rules.SECURITY_GROUP_OPENS_RDP_PORT_TO_ALL, EC2Rules.SECURITY_GROUP_OPENS_SSH_PORT_TO_ALL, EC2Rules.SECURITY_GROUP_OPENS_MYSQL_PORT_TO_ALL,
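Review bot: The abstract `rules` property on the renamed `ScoutSuiteFindingMap` still carries the annotation `List[EC2Rules]`, yet the concrete maps in this same file fill `rules` with `ELBv2Rules`, `RDSRules`, `S3Rules`, `IAMRules`, `CloudTrailRules` and `CloudformationRules` members as well, so the hint misdescribes every subclass but `PermissiveFirewallRules`. Since `rule_parser.py` in this commit types rule names as `Enum`, `def rules(self) -> List[Enum]:` (with `from enum import Enum`) would be the consistent choice. The added `# Class which links ZT tests and rules to ScoutSuite finding` comment would serve readers better as the class docstring, `"""Links a Zero Trust test and its ScoutSuite rules to a ScoutSuite finding."""`, where `help()` and IDE hovers can show it. The class body continues past the hunk.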
@@ -56,7 +57,7 @@ class PermissiveFirewallRules(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_PERMISSIVE_FIREWALL_RULES
-class UnencryptedData(ScoutSuiteFinding):
+class UnencryptedData(ScoutSuiteFindingMap):
 rules = [EC2Rules.EBS_SNAPSHOT_NOT_ENCRYPTED, EC2Rules.EBS_VOLUME_NOT_ENCRYPTED, EC2Rules.EC2_INSTANCE_WITH_USER_DATA_SECRETS, ELBv2Rules.ELBV2_LISTENER_ALLOWING_CLEARTEXT, ELBv2Rules.ELBV2_OLDER_SSL_POLICY,
@@ -69,7 +70,7 @@ class UnencryptedData(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_UNENCRYPTED_DATA
-class DataLossPrevention(ScoutSuiteFinding):
+class DataLossPrevention(ScoutSuiteFindingMap):
 rules = [RDSRules.RDS_INSTANCE_BACKUP_DISABLED, RDSRules.RDS_INSTANCE_SHORT_BACKUP_RETENTION_PERIOD, RDSRules.RDS_INSTANCE_SINGLE_AZ, S3Rules.S3_BUCKET_NO_MFA_DELETE, S3Rules.S3_BUCKET_NO_VERSIONING, ELBv2Rules.ELBV2_NO_DELETION_PROTECTION]
@@ -77,7 +78,7 @@ class DataLossPrevention(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_DATA_LOSS_PREVENTION
-class SecureAuthentication(ScoutSuiteFinding):
+class SecureAuthentication(ScoutSuiteFindingMap):
 rules = [
 IAMRules.IAM_USER_NO_ACTIVE_KEY_ROTATION,
 IAMRules.IAM_PASSWORD_POLICY_MINIMUM_LENGTH,
@@ -95,7 +96,7 @@ class SecureAuthentication(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_SECURE_AUTHENTICATION
-class RestrictivePolicies(ScoutSuiteFinding):
+class RestrictivePolicies(ScoutSuiteFindingMap):
 rules = [
 IAMRules.IAM_ASSUME_ROLE_POLICY_ALLOWS_ALL,
 IAMRules.IAM_EC2_ROLE_WITHOUT_INSTANCES,
@@ -157,7 +158,7 @@ class RestrictivePolicies(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_RESTRICTIVE_POLICIES
-class Logging(ScoutSuiteFinding):
+class Logging(ScoutSuiteFindingMap):
 rules = [
 CloudTrailRules.CLOUDTRAIL_DUPLICATED_GLOBAL_SERVICES_LOGGING,
 CloudTrailRules.CLOUDTRAIL_NO_DATA_LOGGING,
@@ -177,7 +178,7 @@ class Logging(ScoutSuiteFinding):
 test = zero_trust_consts.TEST_SCOUTSUITE_LOGGING
-class ServiceSecurity(ScoutSuiteFinding):
+class ServiceSecurity(ScoutSuiteFindingMap):
 rules = [
 CloudformationRules.CLOUDFORMATION_STACK_WITH_ROLE,
 ELBv2Rules.ELBV2_HTTP_REQUEST_SMUGGLING,
diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings_list.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings_list.py
index b123e720e..a531a4476 100644
--- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings_list.py
+++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings_list.py
@@ -1,8 +1,8 @@
-from .scoutsuite_findings import (DataLossPrevention, Logging,
- PermissiveFirewallRules,
- RestrictivePolicies,
- SecureAuthentication, ServiceSecurity,
- UnencryptedData)
+from .scoutsuite_finding_maps import (DataLossPrevention, Logging,
+ PermissiveFirewallRules,
+ RestrictivePolicies,
+ SecureAuthentication, ServiceSecurity,
+ UnencryptedData)
 SCOUTSUITE_FINDINGS = [PermissiveFirewallRules, UnencryptedData, DataLossPrevention, SecureAuthentication, RestrictivePolicies, Logging, ServiceSecurity]
diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_parser.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_parser.py
index 8da69a9bb..e07431541 100644
--- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_parser.py
+++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_parser.py
@@ -1,3 +1,5 @@
+from enum import Enum
+
 import dpath.util
 from common.utils.exceptions import RulePathCreatorNotFound
@@ -5,22 +7,33 @@ from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_path_buil
 RULE_PATH_CREATORS_LIST
+def __build_rule_to_rule_path_creator_hashmap():
+ hashmap = {}
+ for rule_path_creator in RULE_PATH_CREATORS_LIST:
+ for rule_name in rule_path_creator.supported_rules:
+ hashmap[rule_name] = rule_path_creator
+ return hashmap
+
+
+RULE_TO_RULE_PATH_CREATOR_HASHMAP = __build_rule_to_rule_path_creator_hashmap()
+
+
 class RuleParser:
 @staticmethod
- def get_rule_data(scoutsuite_data, rule_name):
- rule_path = RuleParser.get_rule_path(rule_name)
+ def get_rule_data(scoutsuite_data: dict, rule_name: Enum) -> dict:
+ rule_path = RuleParser._get_rule_path(rule_name)
 return dpath.util.get(scoutsuite_data, rule_path)
 @staticmethod
- def get_rule_path(rule_name):
- creator = RuleParser.get_rule_path_creator(rule_name)
+ def _get_rule_path(rule_name: Enum):
+ creator = RuleParser._get_rule_path_creator(rule_name)
 return creator.build_rule_path(rule_name)
 @staticmethod
- def get_rule_path_creator(rule_name):
- for rule_path_creator in RULE_PATH_CREATORS_LIST:
- if rule_name in rule_path_creator.supported_rules:
- return rule_path_creator
- raise RulePathCreatorNotFound(f"Rule path creator not found for rule {rule_name.value}. Make sure to assign"
- f"this rule to any rule path creators.")
+ def _get_rule_path_creator(rule_name: Enum):
+ try:
+ return RULE_TO_RULE_PATH_CREATOR_HASHMAP[rule_name]
+ except KeyError:
+ raise RulePathCreatorNotFound(f"Rule path creator not found for rule {rule_name.value}. Make sure to assign"
+ f"this rule to any rule path creators.")
diff --git a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_path_building/abstract_rule_path_creator.py b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_path_building/abstract_rule_path_creator.py
index 78c505d92..1d014dcd4 100644
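Review bot: The two f-string fragments in the new `raise RulePathCreatorNotFound(...)` inside `_get_rule_path_creator` still concatenate to `...Make sure to assignthis rule...`, because neither piece carries the separating space; the first fragment should end `Make sure to assign "` (trailing space) so the message operators read is intelligible. `__build_rule_to_rule_path_creator_hashmap` also changes lookup semantics silently: the removed loop returned the first creator whose `supported_rules` contained the name, whereas the new loop lets the last creator win on a duplicate, so a rule accidentally listed by two creators would be resolved to the wrong finding path with no signal; a duplicate guard at build time, `if rule_name in hashmap: raise ValueError(f"Rule {rule_name} is claimed by more than one rule path creator")`, surfaces that at import. Two smaller points: a module-level double underscore gains nothing over the conventional `_build_rule_to_rule_path_creator_hashmap` (name mangling only applies inside a class body), and `raise RulePathCreatorNotFound(...) from None` in the `except KeyError` keeps the internal `KeyError` out of the traceback shown to the caller.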
--- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_path_building/abstract_rule_path_creator.py
+++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_path_building/abstract_rule_path_creator.py
@@ -1,4 +1,5 @@
 from abc import ABC, abstractmethod
+from enum import Enum
 from typing import List
 from ...consts.service_consts import FINDINGS, SERVICE_TYPES, SERVICES
@@ -17,6 +18,6 @@ class AbstractRulePathCreator(ABC):
 pass
 @classmethod
- def build_rule_path(cls, rule_name) -> List[str]:
+ def build_rule_path(cls, rule_name: Enum) -> List[str]:
 assert(rule_name in cls.supported_rules)
 return [SERVICES, cls.service_type.value, FINDINGS, rule_name.value]
diff --git a/monkey/monkey_island/cc/services/zero_trust/test_common/scoutsuite_finding_data.py b/monkey/monkey_island/cc/services/zero_trust/test_common/scoutsuite_finding_data.py
index b82a53260..1dfad750e 100644
--- a/monkey/monkey_island/cc/services/zero_trust/test_common/scoutsuite_finding_data.py
+++ b/monkey/monkey_island/cc/services/zero_trust/test_common/scoutsuite_finding_data.py
@@ -1,6 +1,6 @@
 from monkey_island.cc.models.zero_trust.scoutsuite_finding_details import ScoutSuiteFindingDetails
 from monkey_island.cc.models.zero_trust.scoutsuite_rule import ScoutSuiteRule
-from ..scoutsuite.consts.scoutsuite_findings import PermissiveFirewallRules, UnencryptedData
+from ..scoutsuite.consts.scoutsuite_finding_maps import PermissiveFirewallRules, UnencryptedData
 SCOUTSUITE_FINDINGS = [
 PermissiveFirewallRules,
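Review bot: `build_rule_path` still validates its input with `assert(rule_name in cls.supported_rules)` on the line right after the newly annotated signature; `assert` statements are removed when Python runs with `-O`, so in that mode an unsupported rule is not rejected and the method returns a path under this creator's `service_type` even though the rule does not belong to it. An explicit check keeps the guard in every mode: `if rule_name not in cls.supported_rules: raise ValueError(f"{rule_name} is not supported by {cls.__name__}")`. The `rule_name: Enum` hint itself matches the `.value` access below it. The enclosing class starts before the hunk.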