# Data

> Auditforge uses different kinds of shared data to improve the user experience. This makes information reusable and customizable across audits.

![Data](_images/collaborators.png)

## Collaborators

Collaborators are users of the application and can be part of an audit either as the creator or as a collaborative user.

A Collaborator is defined by:

- Username
- Lastname
- Firstname
- Role
- Password

There are 3 different roles:

**user**

- Read/Write on Audits they created or collaborate on
- Read-only on Vulnerabilities
- Read/Write on _Companies_ and _Clients_ Data

**report**

- Inherits from the user role
- \+ Read/Write on all Audits

**admin**

- Read/Write on everything

## Companies

Companies that order an Audit.

A Company is defined by:

- Name
- Logo

## Clients

Specific clients of companies. Generally the point of contact during a mandate.

A Client is defined by:

- Company
- Lastname
- Firstname
- Email
- Function
- Phone
- Cell

## Templates

Templates are Word documents with special tags that are filled with Audit data when generating the report. See [Docx Template](/docxtemplate.md) section.

A Template is defined by:

- Name
- File

## Custom Data

Custom Data represent a way to fully customize Audits and Vulnerabilities. They are editable and their order can be changed to personalize how they will be displayed for users.

!> Values must match this regex: `/^[\p{Letter}\p{Mark}0-9 \[\]'()_-]+$/iu`
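
The rule above, applied to a few values. This is an added example, not Auditforge code: the function names, the sample values and the NFC normalization step are assumptions made here to show what the allow-list accepts, what it rejects, and why values that pass can still collide.

```javascript
// Added example, not Auditforge code. The regex is the one quoted above.
const CUSTOM_DATA_RE = /^[\p{Letter}\p{Mark}0-9 \[\]'()_-]+$/iu;
// Same character class, negated, to list the characters behind a rejection.
const DISALLOWED_RE = /[^\p{Letter}\p{Mark}0-9 \[\]'()_-]/gu;

// Returns whether `value` matches, which characters break the rule, and the
// NFC form. NFC normalization is an assumption of this example: \p{Mark}
// accepts combining marks, so two visually identical values can both pass
// while being different strings.
function checkCustomDataValue(value) {
  if (typeof value !== 'string' || value.length === 0) {
    return { ok: false, offending: [], normalized: '' };
  }
  const offending = [...new Set(value.match(DISALLOWED_RE) || [])];
  return {
    ok: CUSTOM_DATA_RE.test(value),
    offending,
    normalized: value.normalize('NFC'),
  };
}

// Detects values that pass the regex but collide after normalization and
// case folding (hypothetical uniqueness check, not a documented feature).
function findCollisions(values) {
  const seen = new Map();
  const collisions = [];
  for (const v of values) {
    if (!checkCustomDataValue(v).ok) continue;
    const key = v.normalize('NFC').toLowerCase();
    if (seen.has(key) && seen.get(key) !== v) collisions.push([seen.get(key), v]);
    else seen.set(key, v);
  }
  return collisions;
}

// Constructed sample values; the first two names appear in this page's examples.
const samples = [
  'Web Application',
  'R\u00e9seau Sans Fil',       // precomposed é (NFC)
  'Re\u0301seau Sans Fil',      // e + combining acute (NFD), also accepted
  "Client's [internal]_net-1",
  'SQL Injection (A03:2021)',   // ':' is outside the allow-list
  'Scan #1 & #2',
];
for (const s of samples) {
  const r = checkCustomDataValue(s);
  console.log(JSON.stringify(s), r.ok ? 'accepted' : `rejected: ${r.offending.join(' ')}`);
}
console.log('collisions:', findCollisions(samples).length);
```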

### Languages

Auditforge can handle multiple Languages when it comes to Custom Data or Vulnerabilities. It's one of the first things to create before being able to start an Audit.

A Language is defined by:

- Language: the displayed name in the application
- Locale: the value used to identify a language in API calls

> Example
>
> ```
> Language: English   Locale: en
> Language: French    Locale: fr
> ```

### Audit Types

Audit Types represent the nature of an Audit. They can be configured to define default parameters for an Audit.

An Audit Type is defined by:

- Name
- Templates: For each Language a default template can be configured
- Sections: Any Custom Section here will be added when creating an Audit with this Audit Type
- Hidden Sections: Hide built-in sections if not necessary (Network or Findings)

> Example
>
> ```
> Name: Web Application,
> Templates: [English Template, French Template],
> Sections: [Executive Summary, Nessus Scan],
> Hidden Sections: [Network]
> ```

### Vulnerability Types

Vulnerability Types represent the nature of a Vulnerability. They are multilingual.

A Vulnerability Type is defined by:

- Name

> Example
>
> ```
> English
>     Name: Wireless,
>     Name: Mobile Application
>
> French
>     Name: Réseau Sans Fil
>     Name: Application Mobile
> ```

### Vulnerability Categories

Vulnerability Categories are used to categorize a Vulnerability.

A Vulnerability Category is defined by:

- Name

> Example
>
> ```
> Name: Nessus Scan
> ```

### Custom Fields

Custom Fields add additional Fields to an Audit or a Vulnerability. They are multilingual.

A Custom Field is defined by:

- View: The page on which Custom Fields will be added
  - Audit General
  - Audit Finding: A Vulnerability Category can be selected. If no Category is selected, every Finding will have the Custom Field
  - Audit Section: A specific Section can be selected. If no Section is selected, every Section will have the Custom Field
  - Vulnerability: A Vulnerability Category can be selected. If no Category is selected, every Vulnerability will have the Custom Field
- Component: The Custom Field type to use
  - Checkbox
  - Date
  - Editor
  - Input
  - Radio
  - Select
  - Select Multiple
  - Space (an empty component used for inserting spaces between other components)
- Label: The value displayed in the GUI; its lowercase form with spaces stripped is used in the docx template
- Description: A hint to be displayed under the component
- Size: The width of the field (1 to 12)
- Offset: The offset from which to start displaying the field (1 to 12)
- Required: The field is required and must not be empty
- Options: Used for multiple selection fields (multiple languages supported)

Each field can have a default value for each existing language.

> Example
>
> ```
> View: Audit Section
> Selected Section: Executive Summary
> Component: Editor
> Label: Text
> Size: 12
> Required: True
>
> -> This will display an additional HTML editor «Text» field in Executive Summary Sections
>
> View: Vulnerability
> Selected Category: None
> Component: Input
> Label: Id
> Size: 2
>
> -> This will display an additional input «Id» field in vulnerabilities that will also be displayed in findings
> ```

### Custom Sections

Custom Sections add additional Sections to an Audit.

A Section is defined by:

- Name
- Field: Used in docx template
- Icon: material, mdi and font awesome are supported

> Example
>
> ```
> Name: Cleanup
> Field: cleanup
> Icon: mdi-broom
> ```