Tips when designing your own template

Here are some tips when developing your own NamicSoft templates. You are always welcome to contact us if you have any questions.

1. Test your SQLite statements with a specialized SQLite Manager

Using a specialized SQLite manager to try your SQLite statements, before inserting them in a NamicSoft template, will reduce the time needed to create a template. It is much faster to run queries and fix errors in a SQLite manager than by testing them directly in a NamicSoft template.

  1. Export your scan results to a SQLite database using the NamicSoft GUI (Output –> Export to database)
  2. Load the exported database in a SQLite browser. We recommend the free SQLite Browser, which is available for download at http://sqlitebrowser.org/.
  3. Test your SQLite statement using the SQLite Browser.
  4. Insert the SQLite statement in your NamicSoft template.

2. Save copies of your template before doing any changes

It is a good idea to save copies of your templates before you change them. If something goes wrong when you edit a template, this makes it easy to go back to a previous state where the template worked.

3. Do incremental changes to your NamicSoft template

If you want to change something in your NamicSoft template, we recommend making the changes in small incremental steps. If something goes wrong, you will have a much better idea of what went wrong than if you had made many changes at the same time.

4. Concatenate/merge multiple fields to be presented as one

You can merge fields using SQLite by the following syntax: column1 || column2.

Example: If you want to present results as port/protocol (port and protocol are separate fields in NamicSoft) you can do so by putting the following column (SQL column) in your query:

port || '/' || protocol

Text enclosed in ' characters is a constant in SQLite. Constants are treated as text and do not result in a query against the database.

5. Separate values with newline

It is common to use a template which uses the GROUP_CONCAT function. By default, GROUP_CONCAT separates values with a comma. If you prefer to have each value on a new line, you can change this behavior by using:

GROUP_CONCAT(your-field-name, x'0a')

x'0a' is the ASCII character for a new line (line feed).
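
Tips 4 and 5 combined and run against a constructed in-memory database, as an added example that is not part of the NamicSoft documentation. The table name `findings` and the sample rows are assumptions (use the table name found in your exported database); the example also shows that a NULL field makes the whole concatenated entry drop out of the list, which matters when a report is expected to list every open port.

```python
import sqlite3

def sample_db():
    """In-memory stand-in for an exported database (constructed rows).
    The table name 'findings' is a placeholder; the columns use field
    names from the NamicSoft field list."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE findings (ip TEXT, port INTEGER, protocol TEXT)")
    conn.executemany(
        "INSERT INTO findings VALUES (?, ?, ?)",
        [
            ("192.168.0.1", 22, "tcp"),
            ("192.168.0.1", 80, "tcp"),
            ("192.168.0.1", 161, None),  # protocol missing in the scan data
            ("192.168.0.2", 53, "udp"),
        ],
    )
    return conn

# One row per host, one port/protocol entry per line.
NAIVE = """
SELECT ip, GROUP_CONCAT(port || '/' || protocol, x'0a')
FROM findings GROUP BY ip ORDER BY ip
"""

# '||' yields NULL when either operand is NULL, and GROUP_CONCAT skips NULLs,
# so the naive form silently drops port 161. IFNULL keeps the entry visible.
SAFE = """
SELECT ip, GROUP_CONCAT(port || '/' || IFNULL(protocol, '?'), x'0a')
FROM findings GROUP BY ip ORDER BY ip
"""

def services_per_host(conn, sql):
    """Run a statement and return {ip: sorted list of lines}.
    Sorting is done here because GROUP_CONCAT does not promise an order."""
    return {
        ip: sorted(text.split("\n")) if text else []
        for ip, text in conn.execute(sql)
    }

if __name__ == "__main__":
    conn = sample_db()
    for label, sql in (("naive", NAIVE), ("safe", SAFE)):
        print(label, services_per_host(conn, sql))
```
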

SelectValue (content control)

The SelectValue content control is used to evaluate a SQL statement against your scanning results. The result is normally presented in a text field. The text font, color, sizing etc can be designed using all design features available in Microsoft Word.

The SelectValue content control is normally used in the beginning of a report to present aggregated information, e.g. presenting the number of identified hosts during the vulnerability scan. It can also be used inside of the Repeat content control.

 

Repeat (content control)

The Repeat content control will repeat its content. The content can be tables and/or text fields. This content control is best used for repeating content that consists of either text fields and tables, or only text fields. If you only want information to be repeated inside tables, it is recommended to use one of the raw_table_* content controls instead (Raw_table_columns (content control), Raw_table_rows_v2 (content control), Raw_table_rows (content control)).

Limitations: GROUP BY cannot be used in SelectRepeatingData, and charts cannot be included in the Repeat content control.

Tutorial for custom designing

  1. Copy the template “Content control repeat.docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Put the information you want to be repeated inside the Repeat content control. You can redesign the content according to your requirements, using all formatting options available in Word
  4. Write your SQLite statement in the SelectRepeatingData field
    • The information in the Content block will be repeated for each result of the SQLite statement in the SelectRepeatingData field
    • In the example below, two SelectValue content controls will be repeated for each unique IP address found in the vulnerability scan

Bar_chart (content control)

Bar_chart is used to present information in a bar chart. This content type is suitable for e.g. presenting the number of vulnerabilities with different severity. You can design the bar chart directly using all functionality available in Microsoft Word. Please note that the current NamicSoft version does not support changing colors in the template. If you need to change the colors of the bars in the bar chart, you need to change them after the report has been created.

Tutorial for custom designing

  1. Copy the template “Content control bar_chart.docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Redesign the bar chart according to your own taste using the designing tools available in Word
    • The bar chart can have any number of bars
  4. Write your SQLite statement in the SelectRows field
    • Each column in the SQLite statement will be mapped to one bar
    • The first column is mapped to the leftmost bar
    • Note that the result for the SQLite statement must be a single row

Pie_chart (content control)

Pie_chart is used to present information in a pie chart. This content type is suitable for e.g. presenting the number of vulnerabilities with different severity. You can design the pie chart directly using all functionality available in Microsoft Word.

Tutorial for custom designing

  1. Copy the template “Content control pie_chart.docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Redesign the pie chart according to your own taste using the designing tools available in Word
    • The pie chart can have any number of slices
  4. Write your SQLite statement in the SelectRows field
    • Each column in the SQLite statement will be mapped to one pie chart slice
    • The first column is mapped to the leftmost slice
    • Note that the result for the SQLite statement must be a single row

Raw_table_rows (content control)

Raw_table_rows is used to present information about a single finding divided over multiple rows and tables. Each finding will be presented in a separate table. This content control supports one- and two-column layouts, and you can design the table with all features available in Microsoft Word.

Please note that we generally recommend using raw_table_rows_v2 instead of this content type, since it allows for more flexible design. Raw_table_rows is a bit easier to write SQL statements for, since it does not require users to write title cells in the SQL statement.

Tutorial for custom designing

  1. Copy the template “Content control raw_table_rows.docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Redesign the table according to your requirements, using all formatting options available in Word
    • Each row in the table can have one or two columns. If it has two columns, the first column will be treated as a title cell and the information in that cell will be kept. The second column (or the first column in a one-column layout) will be treated as a data cell and will therefore be populated with data by NamicSoft.
    • All cells must have content; in the example below the data cells are filled with the value DummyValue
  4. Write your SQLite statement in the SelectRows field
    • Please note that the number of rows in the table must match the number of columns in the select statement
    • Title cells can have any name. Note that only data cells, and NOT title cells, are included in the SQLite statement
    • Columns in the SQL statement must use their NamicSoft field name; see the table here for all available NamicSoft field names

Raw_table_rows_v2 (content control)

Raw_table_rows_v2 is used to present information about a single finding divided over multiple rows and tables. Each finding will be presented in a separate table. This content control supports an arbitrary number of columns, and you can design the table with all features available in Microsoft Word.

Tutorial for custom designing

  1. Copy the template “Content control raw_table_rows_v2 (multi column).docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Redesign the table according to your requirements, using all formatting options available in Word
    • The table can have any number of columns. You can also mix the number of columns between each row
    • All cells must have content; in the example below the data cells are filled with the value DummyValue
  4. Write your SQLite statement in the SelectRows field
    • Please note that the number of cells in the table must match the number of columns in the select statement
    • Note that for this content type ALL cells, including title cells, must be included in the SQLite statement
    • Title cells can have any name in the SQLite statement as long as they are quoted, e.g. 'my statement'. Columns which map to data fields must be named according to their NamicSoft field name. See the table here for all available NamicSoft field names
    • The first cell is mapped to the first column in the SQL statement, the second cell is mapped to the second column, etc. See the screenshot below for an example

NamicSoft field names

All available fields in NamicSoft

| NamicSoft field name | Data type | Description | Example value |
| --- | --- | --- | --- |
| bid_numbers | TEXT | Bugtraq IDs | 32319 |
| canvas_package | TEXT | Name of the Canvas exploit package | |
| compliance_actual_value | TEXT | Relevant output from the compliance check | |
| compliance_audit_file | TEXT | The audit file that invoked the compliance check | |
| compliance_check_id | TEXT | The ID number of the compliance check | |
| compliance_check_name | TEXT | The numeric ID and short name of the compliance check | |
| compliance_info | TEXT | Information about a compliance check | |
| compliance_policy_value | TEXT | Policy value | |
| compliance_result | TEXT | Result from the compliance check | PASSED |
| cve_numbers | TEXT | CVE numbers | CVE-2008-5161 |
| Cvss3BaseScore | TEXT | CVSS3 base score | 6.4 |
| Cvss3Vector | TEXT | CVSS3 vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
| Cvss3_temporal_score | TEXT | Cvss3 temporal score | 7.2 |
| cvssBaseScore | TEXT | CVSS base score | 6.4 |
| cvssVector | TEXT | CVSS vector | CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N |
| cvss_temporal_score | TEXT | Cvss temporal score | 7.2 |
| description | TEXT | Description of the vulnerability | The server’s X.509 certificate does not have a signature from a known public…… |
| exploitability_ease | TEXT | Description of how easy it is to exploit the vulnerability | Exploits are available |
| exploit_available | TEXT | Does an exploit exist for the vulnerability? | true |
| exploit_framework_canvas | TEXT | Does an exploit exist in Canvas? | True |
| exploit_framework_metasploit | TEXT | Does an exploit exist in the Metasploit framework? | True |
| fqdn | TEXT | Fully qualified port name | Host.isp.com |
| id | INTEGER | Unique id (PRIMARY KEY) | 1 |
| ip | TEXT | IP address | 192.168.0.1 |
| ipSortValue | INTEGER | Integer representation of an IP address. Can be used for IP address sorting. | -1062731666 |
| hostName | TEXT | Host Name | MyHost |
| macAddress | TEXT | Mac Address | 24:ec:99:6d:f3:5e |
| metasploit_name | TEXT | Name of the metasploit module (if one exists) | |
| netbiosName | TEXT | Netbios name | METASPLOITABLE |
| operatingSystem | TEXT | Operating system | Microsoft Windows 7 Home |
| patchPublicationDate | TEXT | Patch publication date | 2010/12/15 |
| pluginFamily | TEXT | Nessus plugin family | Web Servers |
| pluginID | TEXT | Nessus plugin ID | 24260 |
| pluginModificationDate | TEXT | Plugin modification date | 2010/12/15 |
| pluginName | TEXT | Nessus plugin name | HyperText Transfer Protocol (HTTP) Information |
| plugin_output | TEXT | Output from the Nessus plugin that discovered the vulnerability | |
| pluginPublicationDate | TEXT | Plugin publication date | 2010/12/15 |
| pluginType | TEXT | Nessus plugin type | Remote |
| pluginVersion | TEXT | Nessus plugin version | |
| port | INTEGER | Port number | 80 |
| protocol | TEXT | Protocol | Tcp |
| reportName | TEXT | Path of the nessus file where the host has been retrieved from. | C:\scans\myscan.nessus |
| riskFactor | TEXT | Risk factor based on CVSS | Medium |
| scanEnded | TEXT | Scan end time of the host | Sun Jan 12 13:05:15 2014 |
| scanEndedIso | TEXT | Scan end time of the host (ISO-8601 format) | Sun Jan 12 13:05:15 2014 |
| scanStarted | TEXT | Scan start time of the host | Sun Jan 12 13:05:15 2014 |
| scanStartedIso | TEXT | Scan start time of the host (ISO-8601 format) | 2016-08-13 20:50:00 |
| see_also | TEXT | Links to more information about the vulnerability | https://www.namicsoft.com |
| service | TEXT | Service name | www |
| severity | TEXT | Severity in text | Low |
| severityNumber | INTEGER | Severity as an integer. Can be used for sorting of severities. | 1 |
| solution | TEXT | Solution of how to deal with the vulnerability | Upgrade to the latest version available by the vendor |
| sourcePath | TEXT | Path to the read report in nessusv2 format. | C:\scans\myscan.nessus |
| sourceTool | TEXT | Source tool where the vulnerability was found | Nessus |
| stigSeverity | TEXT | Stig severity | |
| synopsis | TEXT | Synopsis | The SSL certificate for this service cannot be trusted. |
| systemType | TEXT | Type of system | general-purpose |
| vulnerabilityPublicationDate | TEXT | Date when vulnerability was presented. | |
| vulnerability_fixed | TEXT | NamicSoft specific. Can be used by users to set if the vulnerability has been fixed or not. | True |
| vulnerability_fixed_date | TEXT | NamicSoft specific. The date when vulnerability was fixed. | 2014-08-08 |

Raw_table_columns (content control)

The Raw_table_columns content control is used to present data about your scanning findings in a table. It supports an arbitrary number of columns, and you can design your template with formatting, colors etc. directly in Microsoft Word.

Tutorial for custom designing

  1. Copy the template “Content control raw_table_columns.docx” (provided with NamicSoft) and rename it according to your needs
  2. Open the template file in Microsoft Word
  3. Redesign the table according to your requirements, using all formatting options available in Word
    • The table needs to have two rows, one header row followed by a data row. The data row will be repeated for each of your findings
    • All cells must have content; in the example below the data cells are filled with the value DummyValue
  4. Write your SQLite statement in the SelectRows field
    • Please note that the number of columns in the table must match the number of columns in the select statement
    • Note that the titles in the header row of the template can have any name. The columns in the select statement must be named according to their NamicSoft field name. See the table here for all available NamicSoft field names.
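
A pre-flight check for the shape rules stated in the tutorials above (a single row for Bar_chart and Pie_chart, a column count equal to the cell count for the raw_table_* controls, no GROUP BY in SelectRepeatingData), as an added example that is not NamicSoft's own code. The table name `findings`, the function `preflight` and the sample rows are assumptions made for the illustration.

```python
import re
import sqlite3

SINGLE_ROW = {"bar_chart", "pie_chart"}  # SelectRows must return one row

def sample_db():
    """Constructed stand-in for an exported database. The table name
    'findings' is a placeholder; the columns are NamicSoft field names."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE findings "
                 "(ip TEXT, port INTEGER, protocol TEXT, severity TEXT)")
    conn.executemany("INSERT INTO findings VALUES (?, ?, ?, ?)", [
        ("192.168.0.1", 22, "tcp", "Medium"),
        ("192.168.0.1", 80, "tcp", "High"),
        ("192.168.0.2", 53, "udp", "Low"),
        ("192.168.0.2", 80, "tcp", "Medium"),
    ])
    return conn

def preflight(conn, control, sql, cells=None):
    """Return the shape problems of a statement; an empty list means it fits.

    cells is the count taken from the Word template: bars or slices for a
    chart, table columns for raw_table_columns, data cells for
    raw_table_rows, all cells (titles included) for raw_table_rows_v2."""
    problems = []
    if control == "repeat" and re.search(r"\bgroup\s+by\b", sql, re.I):
        problems.append("SelectRepeatingData cannot use GROUP BY")
    cur = conn.execute(sql)
    columns = len(cur.description)
    rows = cur.fetchall()
    if control in SINGLE_ROW and len(rows) != 1:
        problems.append(f"chart needs exactly 1 row, got {len(rows)}")
    if cells is not None and columns != cells:
        problems.append(f"{columns} columns for {cells} cells")
    return problems

# One row, one column per bar or slice; the first column is the leftmost.
CHART_OK = """SELECT COUNT(CASE WHEN severity = 'High' THEN 1 END),
       COUNT(CASE WHEN severity = 'Medium' THEN 1 END),
       COUNT(CASE WHEN severity = 'Low' THEN 1 END)
FROM findings"""
# A natural first attempt that returns one row per severity instead.
CHART_BAD = "SELECT COUNT(*) FROM findings GROUP BY severity"
# raw_table_rows_v2: title cells are quoted constants, data cells are fields.
V2_OK = "SELECT 'Host', ip, 'Port', port FROM findings"

if __name__ == "__main__":
    conn = sample_db()
    print(preflight(conn, "bar_chart", CHART_OK, cells=3))
    print(preflight(conn, "bar_chart", CHART_BAD, cells=3))
    print(preflight(conn, "raw_table_rows_v2", V2_OK, cells=4))
```
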

Content Controls

NamicSoft uses Microsoft Word’s feature called Content Control, to mark sections of a Word file where NamicSoft will insert data. A Word file, with Content Controls, is used as a template file for NamicSoft. To work with Content Controls you first need to enter Design Mode (a guide is provided here).

The following Content Controls are available in NamicSoft.

Content Controls for presenting data in tables

Raw_table_columns

Raw_table_columns is used to present information about a single finding (e.g. a host, a vulnerability) divided over multiple columns on one single row. Each finding will be presented on a separate row.

You can find more information about the Raw_table_columns content control here

Raw_table_rows_v2

Raw_table_rows_v2 is used to present information about a single finding divided over multiple rows and tables. Each finding will be presented in a separate table. This content control supports an arbitrary number of columns.

You can find more information about the Raw_table_rows_v2 content control here

Raw_table_rows

Raw_table_rows is used to present information about a single finding divided over multiple rows and tables. Each finding will be presented in a separate table. Please note that the raw_table_rows content control only supports one- and two-column layouts. Generally we recommend using raw_table_rows_v2 instead, since it allows for more flexible designs.

You can find more information about the Raw_table_rows content control here

Content Controls for presenting data in charts

Pie_chart

The pie_chart is used to present a pie chart overview of your scanning results. It can have any number of slices.

You can find more information about the pie_chart content control here

Bar_chart

The bar_chart content control is used to present results in a bar chart. The chart can have any number of bars. Please note that the coloring of each bar can not be set in the template. We do plan to address this issue in a future version of NamicSoft. Please let us know if this is an important feature for you.

You can find more information about the bar_chart content control here

Content Controls for logical flow control

Repeat

The Repeat content control will repeat its content. The content can be a table and/or text fields. Please note that charts cannot currently be included in a Repeat content control.

Conditional

The Conditional content control can be used to present information only if a certain criterion is met. The Conditional content control is normally used together with the SelectValue content control.

Content Controls for presenting data in a text field

SelectValue

The SelectValue content control is used to present a single text. This can e.g. be the name of a host or the number of found vulnerabilities. This content control is usually used to provide aggregated information in the beginning of a vulnerability report, or used in the Repeat content control.