diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 49f29da..9dd8a0c 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -88,4 +88,27 @@
╰» ./vdb.php -i 151 -p /tmp
xss-reflected.json copied to /tmp/
-```
\ No newline at end of file
+```
+
+# ptreport to JSON files
+Convert ptreport reprep output file to JSON files for repgen.php
+
+```
+╰» ./pt2json.php -d /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+ ______ _
+ _ (_____ \ (_)
+ ____ _| |_ ____) ) _ ___ ___ ____
+| _ (_ _)/ ____/ | |/___)/ _ \| _ \
+| |_| || |_| (_____ | |___ | |_| | | | |
+| __/ \__)_______)| (___/ \___/|_| |_|
+|_| (__/
+
+[!] doc: /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+[+] creating json for: SSL/TLS 64-bit Block Size Cipher Suites
+[+] creating json for: TLS Version 1.0 Protocol in use
+[+] creating json for: Untrustworthy Server Certificate Chain
+[+] creating json for: Missing or Permissive HTTP Content-Security-Policy Header
+[+] creating json for: Missing or Permissive X-Frame-Options HTTP Response Header
+[+] creating json for: No HTTP Strict Transport Security
+
+```
diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 49f29da..9dd8a0c 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -88,4 +88,27 @@
╰» ./vdb.php -i 151 -p /tmp
xss-reflected.json copied to /tmp/
-```
\ No newline at end of file
+```
+
+# ptreport to JSON files
+Convert ptreport reprep output file to JSON files for repgen.php
+
+```
+╰» ./pt2json.php -d /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+ ______ _
+ _ (_____ \ (_)
+ ____ _| |_ ____) ) _ ___ ___ ____
+| _ (_ _)/ ____/ | |/___)/ _ \| _ \
+| |_| || |_| (_____ | |___ | |_| | | | |
+| __/ \__)_______)| (___/ \___/|_| |_|
+|_| (__/
+
+[!] doc: /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+[+] creating json for: SSL/TLS 64-bit Block Size Cipher Suites
+[+] creating json for: TLS Version 1.0 Protocol in use
+[+] creating json for: Untrustworthy Server Certificate Chain
+[+] creating json for: Missing or Permissive HTTP Content-Security-Policy Header
+[+] creating json for: Missing or Permissive X-Frame-Options HTTP Response Header
+[+] creating json for: No HTTP Strict Transport Security
+
+```
diff --git a/ReportToolz/pt2json.php b/ReportToolz/pt2json.php
new file mode 100755
index 0000000..f40ca32
--- /dev/null
+++ b/ReportToolz/pt2json.php
@@ -0,0 +1,98 @@
+#!/usr/bin/php
+<?php
+//error_reporting(0);
+
+/***
+ * Main program - Don't edit below
+ */
+echo " ______ _ \n _ (_____ \ (_) \n ____ _| |_ ____) ) _ ___ ___ ____ \n| _ (_ _)/ ____/ | |/___)/ _ \| _ \ \n| |_| || |_| (_____ | |___ | |_| | | | |\n| __/ \__)_______)| (___/ \___/|_| |_|\n|_| (__/ \n\n";
+
+foreach (glob("classes/*.php") as $filename)
+ include $filename;
+
+$definitions = new \Clapp\CommandLineArgumentDefinition(
+ array(
+ "help|h" => "Shows help message",
+ "doc|d=s" => "/path/to/doc.ptreport to use",
+ )
+);
+
+$filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
+
+if ($filter->getParam('h') === true || $argc < 2) {
+ echo "Convert ptreport reprep output file to JSON files for repgen.php\n\n";
+ fwrite(STDERR, $definitions->getUsage());
+ exit(0);
+}
+
+// see if doc exists
+if ($filter->getParam("doc") == false)
+ die("[-] no doc set\n");
+
+echo "[!] doc: ".$filter->getParam("doc")."\n";
+if(!file_exists($filter->getParam("doc")))
+ die("[-] no such file! \n");
+
+
+$xmlfile = file_get_contents($filter->getParam("doc"));
+$ob= simplexml_load_string($xmlfile);
+$json = json_encode($ob);
+$configData = json_decode($json, true);
+
+//print_r($configData);
+//file_put_contents('/mnt/hgfs/Pentest/pentests/2019/Remploy/test/array.x', print_r($configData, true));
+$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/";
+
+foreach ($configData['report_sections']['section']['subsection'] as $key => $value) {
+ # code...
+ //echo $value['title']."\n";
+ //print_r($value);
+ foreach($value['finding'] as $key2 => $value2){
+ echo "[+] creating json for: ".$value2['@attributes']['title']."\n";
+ $vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) );
+
+ if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){
+ $cvss3_score = $value2['cvss'];
+ $cvss3_vector = $value2['cvss_vector'];
+ }else{
+ $cvss3_score = "";
+ $cvss3_vector = "";
+ }
+
+ $techD = "";
+ foreach ($value2['section'] as $key => $value) {
+ # code...
+ $techD .= @base64_decode($value)."\n";
+ }
+ $cvssS = (isset($value2['cvss']))? $value2['cvss'] : "";
+
+ $sev = $value2['severity'];
+ $sev = str_replace("serious", "Serious", $sev);
+ $sev = str_replace("high", "High", $sev);
+ $sev = str_replace("medium", "Medium", $sev);
+ $sev = str_replace("low", "Low", $sev);
+ $sev = str_replace("info", "Informational", $sev);
+
+ $jsonFile = '{
+ "title":'.json_encode($value2['@attributes']['title']).',
+ "category":"",
+ "remediation":'.json_encode(base64_decode($value2['remediation'])).',
+ "cvss_score":'.json_encode($cvssS).',
+ "risk":'.json_encode($sev).',
+ "impact":"High/Medium/Low",
+ "description":'.json_encode(base64_decode($value2['summary_description'])).',
+ "tech_description":'.json_encode($techD).',
+ "solution":'.json_encode(base64_decode($value2['summary_fix'])).',
+ "cvss2_score":"",
+ "cvss2_vector":"",
+ "cvss3_score":'.json_encode($cvss3_score).',
+ "cvss3_vector":'.json_encode($cvss3_vector).',
+ "owasp":"",
+ "tags":'.json_encode(base64_decode($value2['vuln_tags'])).',
+ "to_check":"checked"}';
+
+
+ file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile);
+ }
+
+}
\ No newline at end of file
diff --git a/ReportToolz/README.md b/ReportToolz/README.md
index 49f29da..9dd8a0c 100644
--- a/ReportToolz/README.md
+++ b/ReportToolz/README.md
@@ -88,4 +88,27 @@
╰» ./vdb.php -i 151 -p /tmp
xss-reflected.json copied to /tmp/
-```
\ No newline at end of file
+```
+
+# ptreport to JSON files
+Convert ptreport reprep output file to JSON files for repgen.php
+
+```
+╰» ./pt2json.php -d /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+ ______ _
+ _ (_____ \ (_)
+ ____ _| |_ ____) ) _ ___ ___ ____
+| _ (_ _)/ ____/ | |/___)/ _ \| _ \
+| |_| || |_| (_____ | |___ | |_| | | | |
+| __/ \__)_______)| (___/ \___/|_| |_|
+|_| (__/
+
+[!] doc: /mnt/hgfs/Pentest/pentests/2019/Company/report/Company-9ajgty.ptreport
+[+] creating json for: SSL/TLS 64-bit Block Size Cipher Suites
+[+] creating json for: TLS Version 1.0 Protocol in use
+[+] creating json for: Untrustworthy Server Certificate Chain
+[+] creating json for: Missing or Permissive HTTP Content-Security-Policy Header
+[+] creating json for: Missing or Permissive X-Frame-Options HTTP Response Header
+[+] creating json for: No HTTP Strict Transport Security
+
+```
diff --git a/ReportToolz/pt2json.php b/ReportToolz/pt2json.php
new file mode 100755
index 0000000..f40ca32
--- /dev/null
+++ b/ReportToolz/pt2json.php
@@ -0,0 +1,98 @@
+#!/usr/bin/php
+<?php
+//error_reporting(0);
+
+/***
+ * Main program - Don't edit below
+ */
+echo " ______ _ \n _ (_____ \ (_) \n ____ _| |_ ____) ) _ ___ ___ ____ \n| _ (_ _)/ ____/ | |/___)/ _ \| _ \ \n| |_| || |_| (_____ | |___ | |_| | | | |\n| __/ \__)_______)| (___/ \___/|_| |_|\n|_| (__/ \n\n";
+
+foreach (glob("classes/*.php") as $filename)
+ include $filename;
+
+$definitions = new \Clapp\CommandLineArgumentDefinition(
+ array(
+ "help|h" => "Shows help message",
+ "doc|d=s" => "/path/to/doc.ptreport to use",
+ )
+);
+
+$filter = new \Clapp\CommandArgumentFilter($definitions, $argv);
+
+if ($filter->getParam('h') === true || $argc < 2) {
+ echo "Convert ptreport reprep output file to JSON files for repgen.php\n\n";
+ fwrite(STDERR, $definitions->getUsage());
+ exit(0);
+}
+
+// see if doc exists
+if ($filter->getParam("doc") == false)
+ die("[-] no doc set\n");
+
+echo "[!] doc: ".$filter->getParam("doc")."\n";
+if(!file_exists($filter->getParam("doc")))
+ die("[-] no such file! \n");
+
+
+$xmlfile = file_get_contents($filter->getParam("doc"));
+$ob= simplexml_load_string($xmlfile);
+$json = json_encode($ob);
+$configData = json_decode($json, true);
+
+//print_r($configData);
+//file_put_contents('/mnt/hgfs/Pentest/pentests/2019/Remploy/test/array.x', print_r($configData, true));
+$resultsFolder = substr($filter->getParam("doc"), 0, strrpos( $filter->getParam("doc"), '/') )."/";
+
+foreach ($configData['report_sections']['section']['subsection'] as $key => $value) {
+ # code...
+ //echo $value['title']."\n";
+ //print_r($value);
+ foreach($value['finding'] as $key2 => $value2){
+ echo "[+] creating json for: ".$value2['@attributes']['title']."\n";
+ $vulnFileName = preg_replace( '/[^a-z0-9]+/', '-', strtolower( $value2['@attributes']['title']) );
+
+ if(isset($value2['cvss_vector']) && @strpos($value2['cvss_vector'], 'CVSS:3.0') === 0 ){
+ $cvss3_score = $value2['cvss'];
+ $cvss3_vector = $value2['cvss_vector'];
+ }else{
+ $cvss3_score = "";
+ $cvss3_vector = "";
+ }
+
+ $techD = "";
+ foreach ($value2['section'] as $key => $value) {
+ # code...
+ $techD .= @base64_decode($value)."\n";
+ }
+ $cvssS = (isset($value2['cvss']))? $value2['cvss'] : "";
+
+ $sev = $value2['severity'];
+ $sev = str_replace("serious", "Serious", $sev);
+ $sev = str_replace("high", "High", $sev);
+ $sev = str_replace("medium", "Medium", $sev);
+ $sev = str_replace("low", "Low", $sev);
+ $sev = str_replace("info", "Informational", $sev);
+
+ $jsonFile = '{
+ "title":'.json_encode($value2['@attributes']['title']).',
+ "category":"",
+ "remediation":'.json_encode(base64_decode($value2['remediation'])).',
+ "cvss_score":'.json_encode($cvssS).',
+ "risk":'.json_encode($sev).',
+ "impact":"High/Medium/Low",
+ "description":'.json_encode(base64_decode($value2['summary_description'])).',
+ "tech_description":'.json_encode($techD).',
+ "solution":'.json_encode(base64_decode($value2['summary_fix'])).',
+ "cvss2_score":"",
+ "cvss2_vector":"",
+ "cvss3_score":'.json_encode($cvss3_score).',
+ "cvss3_vector":'.json_encode($cvss3_vector).',
+ "owasp":"",
+ "tags":'.json_encode(base64_decode($value2['vuln_tags'])).',
+ "to_check":"checked"}';
+
+
+ file_put_contents($resultsFolder.$vulnFileName.".json", $jsonFile);
+ }
+
+}
\ No newline at end of file
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index f06bc4a..18ca33a 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -84,7 +84,7 @@
// create vulns for odf
$templateOrig = file_get_contents($vulnTemplate);
-$Serious = $High = $Medium = $Low = "";
+$Serious = $High = $Medium = $Low = $Informational = "";
foreach ($vuln as $singlevuln) {
$templateSource = $templateOrig;
$togo = $singlevuln['risk'];
@@ -149,6 +149,18 @@
</text:list>';
$value .= $Low;
}
+if(!empty($Informational)){
+ $value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
+ <text:list-item>
+ <text:list>
+ <text:list-item>
+ <text:h text:outline-level="2">Informational Risk Vulnerabilities</text:h>
+ </text:list-item>
+ </text:list>
+ </text:list-item>
+</text:list>';
+ $value .= $Informational;
+}
// add to template
$source = file_get_contents("/tmp/$rand/content.xml");
$source = str_replace('{vuln}', $value, $source);