Releases: rapid7/nexpose-client

Nexpose Client v1.0.0

08 Apr 23:43

Backwards Incompatible

The version 1.0.0 release breaks backwards compatibility with previous versions in multiple ways. This release depends on new API features in Nexpose 5.13.0 for many Site related operations. See the 0.9.x to 1.0 conversion guide for more information on what will affect existing scripts and applications.

Ruby 2.1+ Required

As of version 1.0.0, the Nexpose Client gem requires a minimum Ruby version of 2.1 as we're no longer supporting Ruby 1.9.3 and 2.0.0.

Class Changes

Nexpose::Site

  • Renamed member variables to more clearly represent their data types
  • Renamed methods for adding and removing scan targets to clearly represent what is being included vs excluded in a site configuration

Nexpose::Schedule

  • Renamed variables to more clearly represent their data types
  • Use of time objects instead of strings to represent timestamps - allows for easier manipulation of schedule times

Nexpose::Credential

  • Added utility methods for creating all currently supported types of credentials.

Nexpose::Alert

  • Removed the Alert class. The Nexpose::Alert class is no longer needed to create syslog, snmp, or smtp alerts.
  • Added relevant fields to alert classes Nexpose::SyslogAlert, Nexpose::SNMPAlert, Nexpose::SMTPAlert.

Other Changes

  • Improved web application credential support
  • Improved discovery connection support
  • Improved discovery filters support
  • Added support for scheduled ad-hoc scans on assets

Nexpose Client v0.9.8

17 Mar 23:12

The following scan template configuration methods from 0.9.7 were renamed:

  • ScanTemplate#enable_icmp_discovery becomes ScanTemplate#enable_icmp_device_discovery
  • ScanTemplate#enable_tcp_discovery becomes ScanTemplate#enable_tcp_device_discovery
  • ScanTemplate#enable_udp_discovery becomes ScanTemplate#enable_udp_device_discovery
  • ScanTemplate#tcp_discovery_ports becomes ScanTemplate#tcp_device_discovery_ports
  • ScanTemplate#udp_discovery_ports becomes ScanTemplate#udp_device_discovery_ports

Nexpose Client v0.9.7

17 Mar 20:29

The 0.9.7 release contains the following new features:

New scan template configuration methods:

  • ScanTemplate#enable_icmp_discovery - Enable/disable IP stack fingerprinting
  • ScanTemplate#enable_tcp_discovery - Enable/disable TCP host discovery
  • ScanTemplate#enable_udp_discovery - Enable/disable UDP host discovery
  • ScanTemplate#tcp_discovery_ports - Add custom TCP ports to scan for host discovery
  • ScanTemplate#udp_discovery_ports - Add custom UDP ports to scan for host discovery

These methods allow more control over host discovery in your scan templates, in addition to the existing service discovery configuration methods.

Nexpose Client v0.9.6

06 Mar 00:08

The 0.9.6 release contains the following new features:

  • Add IP addresses or hostnames to a Site's exclusion list using Site#exclude_asset and Site#exclude_ip_range. remove_excluded_asset and remove_excluded_ip_range are also included.
  • Add assets to site by CIDR notation using Site#add_asset.

Nexpose Client v0.9.5

09 Feb 19:29

Pushing a release to enable new contributors to push new versions of the gem.

Nexpose Client v0.9.4

28 Jan 17:03

The 0.9.4 release includes changes to support the 5.12 release of Nexpose.

Users can load asset information with the Asset#load method. This includes much of the information present on the Asset Summary page, such as details about software, services, users, groups, files, etc.

Supports the enhancements to scheduling included in the 5.12 release. In addition to fields on the Schedule object, there is also an optional argument to Site#load to load this information. These changes are backwards compatible.

Exposes several search methods on the Connection object for finding vulnerability definitions, including: find_vulns_by_cve, find_vulns_by_ref, find_vulns_by_title, and all_vulns.

Adjusts the Connection#vuln_types method to align with changes in the 5.12 release.

Adjusts the Connection#find_vulns_by_date method to align with changes in the 5.12 release.

Exposes the ability to import external assets.

Fixes a problem in translating SharedCredential objects to XML.

Nexpose will no longer require Nokogiri. The dependency was removed and the library is not used, but the gem was still being "required" in the code.

Nexpose Client v0.9.3

05 Jan 21:24

Clean-up of method names in the AJAX module.

Adds a timeout parameter to POST calls, enabling long-running synchronous calls.

Nexpose Client v0.9.2

05 Jan 16:40

Fixes DynamicAssetGroup#save. Bug introduced in 0.9.0 when converting the #to_map method over.

Nexpose Client v0.9.1

02 Jan 18:19

Fixes tag criterion to properly convert to JSON. Bug introduced in 0.9.0 when converting the #to_map method over.

Nexpose Client v0.9.0

31 Dec 22:22

Version 0.9 should be largely backward-compatible with 0.8 versions, but any use of specific class names may need changes. In particular, the Credential class has been migrated to SiteCredential, and some classes have been namespaced into modules to protect against naming collisions.

Removes use of REXML and Nokogiri when generating an ad hoc report. The output XML/HTML is functionally equivalent, but will have minor differences (" vs. ', uppercase vs. lowercase tags, etc.). Because Nokogiri is no longer needed, this release removes the dependency. #97

Adds the ability to bypass XML parsing when generating ad hoc reports; parsing could cause large reports to run out of memory. #99

Extracts out a common parent class, Credential, which allows for the #test method to work against both SharedCredential and SiteCredential. #96

Capture 403 errors from AJAX calls and treat them as PermissionError.

Converts Criteria and Criterion #to_map methods to #to_hash, but aliased to maintain backwards compatibility. This is more in line with Ruby standards. #94

Adds api.rb to provide a building block for forthcoming API work.