您的位置:首页 > 编程语言 > Python开发

Python xlrd、xlwt模块用于主机漏洞跟踪的数据分析

2018-02-25 21:53 621 查看

简介:脚本基于Python xlrd、xlwt模块的数据分析,用于主机漏洞跟踪,希望给读者带来些帮助。脚本实现功能:

脚本实现功能:

一、newsreport上的ip与资产表上的IP做比较,即B+C ->D+E 或B->F,若都不相同,则舍弃掉newsreport上的该ip行(newspaper 为python爬虫爬去绿盟漏洞报表html后整理的excel结果)二、上个月的漏洞跟踪表的FHI列与newsreport的BCF列做对比,对比相等的就是(未整改状态)统计匹配的数目保存下来,之后记到汇总表那里。而这个月找到、上个月无的漏洞即是(新增状态)统计匹配的数目也保存下来,把漏洞状态三、汇总表上找到对应业务的FHI(ip+端口+漏洞名称),把汇总表上已有的该ip漏洞状态写到newsreport上。

注:统计表上不包括低的漏洞,最后需要保存的表及sheet为修改后的newsreport,把它命名为业务名,1月份互联网公网漏洞数据统计.xlsx的前俩个sheet,(其中12月整改复核情况的最后一列不用理。)各业务漏洞跟踪表下的汇总sheet就是1月公网的统计表的C列。设备主机去重,漏洞不去重

脚本涉及的表单材料:

脚本源代码:

脚本源代码:
try:import xlrdexcept:print("pip3 install xlrd")try:import xlwtexcept:print("pip3 install xlwt")import osimport reimport sysimport timeimport csvimport operator###读取一个excel表中某一个sheet表的全部数据def readTable(filename,index,flag,readcols=[],colname=''):data_list=[]data=xlrd.open_workbook(filename)if type(index)==int:table=data.sheets()[index]elif type(index)==str:table=data.sheet_by_name(index)#读取表格内容nrows=table.nrows#表格行数ncols=table.ncolscell_ip=0for row in range(nrows):row_list=[]if flag:#flag为True,读取整个表for col in range(ncols):ctype=table.cell(row,col).ctypecell=table.cell(row,col).valueif ctype == 2 and cell % 1 == 0:  # 如果是整形cell = str(int(cell))row_list.append(cell.strip())else:#flag为False,读取某些列if colname!='' and table.cell(row,3).value!=colname:continuefor i in range(len(readcols)):ctype=table.cell(row,readcols[i]).ctypecell=table.cell(row,readcols[i]).valueif ctype == 2 and cell % 1 == 0:  # 如果是整形cell = str(int(cell))row_list.append(cell)data_list.append(row_list)return data_listdef readCsv(filename):new_data=[]csv_reader = csv.reader(open(filename))for row in csv_reader:if len(row)<10:count=10-len(row)for x in range(count):row.append("")if(row[0]=='low'):row[0]='低'elif (row[0]=='middle'):row[0]='中'else :row[0]='高'new_data.append(row)return new_datadef compareData(new_data, old_data, ip_list,total_bug):new_data_list = []for i in range(1,len(new_data)):for k in range(1,len(ip_list)):if (new_data[i][1] == ip_list[k][3] and new_data[i][2] == ip_list[k][4]) or new_data[i][1] == ip_list[k][5]:if new_data[i][0]!='低':for j in range(0,len(old_data)):if (new_data[i][1] == old_data[j][0]) and (new_data[i][2] == old_data[j][2]) and (new_data[i][5] == old_data[j][1]):new_data[i][9]=(u'未整改')breakfor j in range(0,len(total_bug)):if (new_data[i][1] == total_bug[j][1]) and (new_data[i][2] == total_bug[j][3]) and (new_data[i][5] == total_bug[j][2]):new_data[i][9]=total_bug[j][4]breakif (new_data[i][9]!="误报" and new_data[i][9]!="已整改但未修复" and new_data[i][9]!=(u'未整改')):new_data[i][9]=(u'新增')new_data_list.append(new_data[i])return new_data_listdef getInfo(new_data,old_data):total_old_bug_num=0#上月高中危漏洞数量new_bug_num=0#新增old_bug_num=0#未整改feedback_bug_num_1=0#误报feedback_bug_num_2=0#已整改但未修复middle_ip=set()high_ip=set()middle_bug_num=0#中危漏洞high_bug_num=0#高危漏洞total_ip_num=0for i in range(0,len(old_data)):if old_data[i][3]!='低':total_old_bug_num+=1for i in range(0,len(new_data)):if(new_data[i][8]!=""):total_ip_num+=1if new_data[i][0]!='低':if new_data[i][9]=='新增':new_bug_num+=1elif new_data[i][9]=='未整改':old_bug_num+=1elif new_data[i][9]=='误报':feedback_bug_num_1+=1elif new_data[i][9]=='已整改但未修复':feedback_bug_num_2+=1if new_data[i][0]=='中' and new_data[i][9]!='误报' :middle_bug_num+=1middle_ip.add(new_data[i][1])if new_data[i][0]=='高' and new_data[i][9]!='误报':high_bug_num+=1high_ip.add(new_data[i][1])middle_ip=middle_ip.difference(high_ip)#去除高漏洞iptotal_bug_num=middle_bug_num+high_bug_num#高中危漏洞数量return[total_ip_num,len(high_ip),len(middle_ip),len(middle_ip)+len(high_ip),high_bug_num,\middle_bug_num,total_bug_num],[(total_old_bug_num-old_bug_num),new_bug_num,feedback_bug_num_1,\feedback_bug_num_2,old_bug_num]def writeTable(new_data,sheetName):sheet_head=['工单申请','评估类型','评估申请时间','业务名称','子业务','IP地址/URL','漏洞参数','漏洞名称','对应端口','漏洞类型','扫描工具','风险类型','风险等级','漏洞说明','漏洞发现时间','漏洞验证说明','加固建议','安全评估厂家','安全评估人员','安全评估专家电话','漏洞状态','是否误报','是否完成整改','未整改原因','整改人','整改人电话','备注']font=xlwt.Font()borders = xlwt.Borders()font.name='宋体'font.height =220borders.left=xlwt.Borders.THINborders.right = xlwt.Borders.THINborders.top = xlwt.Borders.THINborders.bottom = xlwt.Borders.THINstyle_1=xlwt.XFStyle()style_1.font=fontstyle_1.borders=bordersstyle_2=xlwt.XFStyle()style_2.borders=bordersstyle_2.font.name='微软雅黑'style_2.font.bold=Truestyle_2.font.height =220style_2.alignment.horz = xlwt.Alignment.HORZ_CENTERstyle_2.alignment.vert = xlwt.Alignment.VERT_CENTERstyle_3=xlwt.XFStyle()style_3.alignment.horz = xlwt.Alignment.HORZ_CENTERstyle_3.alignment.vert = xlwt.Alignment.VERT_CENTERstyle_3.font=fontstyle_3.borders=bordersYW_time=time.strftime("YW-ZX-%Y-%m-%d",time.localtime())localtime=time.strftime("%Y/%m/%d",time.localtime())f = xlwt.Workbook()sheet = f.add_sheet(sheetName, cell_overwrite_ok=True)for i in range(len(sheet_head)):sheet.write(0, i, label=sheet_head[i],style=style_2)for i in range(len(new_data)):sheet.write(i+1,0,label=YW_time,style=style_3)sheet.write(i+1,1,label='系统主机扫描',style=style_3)sheet.write(i+1,2,label=localtime,style=style_3)sheet.write(i+1,3,label=sheetName,style=style_3)sheet.write(i+1,10,label='绿盟远程安全评估系统',style=style_1)sheet.col(10).width=256*30sheet.write(i+1,14,label=localtime,style=style_3)sheet.write(i+1,17,label='天*信',style=style_3)sheet.write(i+1,18,label='郑,谢,吴,李',style=style_3)sheet.col(18).width=256*40sheet.write(i+1,19,label='188、156、188',style=style_3)sheet.col(19).width=256*50for i in range(len(new_data)):sheet.write(i+1,5, label=new_data[i][1],style=style_3)sheet.write(i+1,7, label=new_data[i][5],style=style_1)sheet.write(i+1,8, label=new_data[i][2],style=style_3)sheet.write(i+1,12, label=new_data[i][0],style=style_3)sheet.write(i+1,13, label=new_data[i][6],style=style_1)sheet.write(i+1,16, label=new_data[i][7],style=style_1)sheet.write(i+1,20, label=new_data[i][9],style=style_3)for i in (4,6,9,11,15,21,22,23,24,25,26):sheet.col(i).set_style(style_1)for i in(0,1,2,3,5,7,8,10,11,12,13,14,16,17):sheet.col(i).width=256*15filename='互联网公司-'+YW_time+'-'+sheetName+'公网-系统扫描漏洞跟踪表.xls'f.save(filename)def main():path=os.listdir()new_data = []zichan_data = []old_data = []total_bug=[]new_data = readCsv('Newreport.csv')pattern=re.compile('[互联网公司].*?[系统扫描漏洞跟踪表].*?')ip_pattern=re.compile('.*?[互联网自有IP统计表].*?')for filename in path:if pattern.match(filename):print("1:",filename)old_data=readTable(filename,0,False,readcols=[5,7,8,12])elif ip_pattern.match(filename):print("2:",filename)zichan_data=readTable(filename,sys.argv[1],True)elif filename=='汇总.xlsx':print("3:",filename)total_bug=readTable(filename,0,False,readcols=[3,5,7,8,20],colname=sys.argv[1])data = compareData(new_data,old_data, zichan_data,total_bug)"""统计表数据"""bug_info,compare_info=getInfo(data,old_data)print("统计表数据")print(bug_info,compare_info)writeTable(data,sys.argv[1])if __name__ == '__main__':main()

                                            

                                        

                        
                        内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息 
                    

                    

                    

                        

                         标签: 
                                                python
                                                xlrd
                                                xlwt
                                                漏洞
                                                

                        

                    


                

            


            

                
相关文章推荐

                

                
            

        

        

            

            
            

                

                    
新的分享

                    

                        
                    

                

            


            

                

                    
章节导航