|
1 | | -This repository is to help assist with some python scripts and connecting to Contrast Secrity API. |
| 1 | +# CSR Helpful Scripts |
2 | 2 |
|
3 | | -To get started: |
4 | | - 1. Clone the repository so you have a local instance. |
5 | | - 2. Make sure you've installed python, latest version if possible (and try to keep all of your dependencies up to date) |
6 | | - 3. using the termainl, work from the CSR-Helpful-Scripts folder, run: 'pip install -r requirements.txt' to install the required packages. |
7 | | - 4. change directory into whatever folder you'd like to run and run the script. 'python ###python_script_file_name###.py' whatever that file name is. |
8 | | - 5. it will prompt for your credentials to run the script. If you are tired of giving your creds this way, you can use the template.creds file and rename it: '.env' and then fill out the creds. And then when you run your scripts from this point, it will prompt you but have your creds from that file as a default so you can just hit enter. |
| 3 | +A collection of Python scripts to help you interact with the Contrast Security API and automate common tasks. |
9 | 4 |
|
10 | | -If you discover any bugs, Make sure you let your CSA know about it during your week/biweekly calls. |
| 5 | +## π Getting Started |
| 6 | + |
| 7 | +### Prerequisites |
| 8 | + |
| 9 | +- Python 3.x (latest version recommended) |
| 10 | +- Contrast Security account with API access |
| 11 | +- Git |
| 12 | + |
| 13 | +### Installation |
| 14 | + |
| 15 | +1. **Clone the repository** |
| 16 | + ```bash |
| 17 | + git clone https://github.com/Contrast-Security-OSS/CSR-Helpful-Scripts.git |
| 18 | + cd CSR-Helpful-Scripts |
| 19 | + ``` |
| 20 | + |
| 21 | +2. **Install dependencies** |
| 22 | + ```bash |
| 23 | + pip install -r requirements.txt |
| 24 | + ``` |
| 25 | + |
| 26 | +3. **Set up your credentials** |
| 27 | + |
| 28 | + Create a `.creds` file in the root directory using the provided template: |
| 29 | + ```bash |
| 30 | + cp template.creds .creds |
| 31 | + ``` |
| 32 | + |
| 33 | + Edit `.creds` and fill in your Contrast Security credentials: |
| 34 | + ``` |
| 35 | + CONTRAST_URL=https://your-contrast-instance.com/Contrast |
| 36 | + ORG_ID=your-organization-id |
| 37 | + USERNAME=your-username |
| 38 | + API_KEY=your-api-key |
| 39 | + SERVICE_KEY=your-service-key |
| 40 | + APP_ID=your-app-id |
| 41 | + ``` |
| 42 | + |
| 43 | + > β οΈ **Important:** Never commit the `.creds` file to version control. It's already included in `.gitignore`. |
| 44 | +
|
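Review bot: In Installation step 3 the credentials file changes from `.env` (the removed step 5) to `.creds`, but nothing visible in this diff updates the scripts or `.gitignore` to match. Please confirm that the scripts read `.creds` and that `.gitignore` really lists it, since the warning states "It's already included in `.gitignore`". Users who already have a `.env` from the old instructions need a line telling them to rename it. Because the file holds `API_KEY` and `SERVICE_KEY` in plaintext, consider adding a `chmod 600 .creds` step after the `cp`.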
| 45 | +## π Usage |
| 46 | + |
| 47 | +### Running a Script |
| 48 | + |
| 49 | +1. Navigate to the script directory: |
| 50 | + ```bash |
| 51 | + cd script-folder-name |
| 52 | + ``` |
| 53 | + |
| 54 | +2. Run the script: |
| 55 | + ```bash |
| 56 | + python script-name.py |
| 57 | + ``` |
| 58 | + |
| 59 | +3. **Enter credentials:** |
| 60 | + - If you have a `.creds` file configured, simply press **Enter** when prompted to use the saved credentials |
| 61 | + - Otherwise, manually enter your credentials when prompted |
| 62 | + |
| 63 | +## π Available Scripts |
| 64 | + |
| 65 | +| Script | Description | |
| 66 | +|--------|-------------| |
| 67 | +| `app-add-label` | Bulk add or remove tags from applications | |
| 68 | +| `correlate-routes-to-vulns` | Determine if vulnerabilities still exist on routes | |
| 69 | +| `distribute-parent-app-rbac-to-children` | Distribute parent application RBAC to child applications | |
| 70 | +| `get-licensed-apps` | Get all licensed applications and their server information | |
| 71 | +| `get-licensed-servers` | Get all licensed servers | |
| 72 | +| `get-scan-data` | Retrieve scan data for SAST projects | |
| 73 | +| `inventory-windows-webapps` | Inventory Windows web applications | |
| 74 | +| `policy-add-to-all-orgs` | Add policies to all organizations | |
| 75 | +| `reporting` | Generate various reports (languages, vulnerabilities, protect vs assess) | |
| 76 | +| `scan-add-label` | Add labels to SAST scan projects | |
| 77 | +| `toggle-server-protect` | Toggle server protect license | |
| 78 | +| `vulnerabilities-by-business-unit` | Get vulnerabilities grouped by business unit | |
| 79 | +| `vulns-and-prompts` | Get vulnerability and prompt details | |
| 80 | + |
| 81 | +> π Each script directory contains its own `README.md` with detailed usage instructions. |
| 82 | +
|
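Review bot: Usage step 1 has the user `cd script-folder-name`, while Installation creates `.creds` in the root directory, so the README should state whether a script run from a subfolder picks up the root `.creds`. Step 3 says to press Enter to use the saved credentials; it would help to say whether the saved API key and service key are shown at the prompt, which matters on shared terminals and in recorded sessions.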
| 83 | +## π Bug Reports & Feature Requests |
| 84 | + |
| 85 | +If you discover any bugs or have feature requests: |
| 86 | + |
| 87 | +1. **Open an issue** in this repository with details about the bug or feature |
| 88 | +2. **Contact your CSA** (Customer Success Architect) during your weekly/biweekly calls |
| 89 | +3. **Submit a Pull Request** if you've fixed a bug or added a feature |
| 90 | + |
| 91 | +## π Security |
| 92 | + |
| 93 | +- **Never commit credentials** to version control |
| 94 | +- Keep your `.creds` file secure and private |
| 95 | +- Regularly rotate your API keys and service keys |
| 96 | +- Keep your Python dependencies up to date: |
| 97 | + ```bash |
| 98 | + pip install --upgrade -r requirements.txt |
| 99 | + ``` |
| 100 | + |
| 101 | +## π License |
| 102 | + |
| 103 | +See the [LICENSE](LICENSE) file for details. |
| 104 | + |
| 105 | +## π€ Contributing |
| 106 | + |
| 107 | +Contributions are welcome! Please feel free to submit a Pull Request. |
| 108 | + |
| 109 | +## π Support |
| 110 | + |
| 111 | +For support, please contact your Contrast Security Customer Success Architect. |
| 112 | + |
| 113 | +--- |
| 114 | + |
| 115 | +**Note:** These scripts are provided as-is for use by Contrast Security customers and partners. Always test scripts in a non-production environment first. |
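Review bot: The Bug Reports list puts "Open an issue" first but does not tell reporters to strip credentials, organization IDs or instance URLs from pasted script output, and it gives no private channel for reporting a security problem in the scripts themselves; a sentence for each would close that gap. In the Security section, `pip install --upgrade -r requirements.txt` upgrades packages in whatever Python environment is active, as does the install step, so recommending a virtual environment under Prerequisites or Installation would keep those changes contained.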