appknox


Nameappknox JSON
Version 4.3.0 PyPI version JSON
download
home_pagehttps://github.com/appknox/appknox-python
SummaryCommand-line interface & Python wrapper for the Appknox API
upload_time2023-02-01 15:38:36
maintainer
docs_urlNone
authorAppknox
requires_python
licenseMIT
keywords appknox xysec rest api wrapper cli mobile security
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI
coveralls test coverage No coveralls.
            [![PyPI version](https://badge.fury.io/py/appknox.svg)](https://badge.fury.io/py/appknox)
[![Build Status](https://travis-ci.org/appknox/appknox-python.svg)](https://travis-ci.org/appknox/appknox-python)
[![Join the chat at https://gitter.im/appknox/appknox-python](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/appknox/appknox-python?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)

# appknox-python

Command-line interface & Python wrapper for the Appknox API.


>
> Python API documentation is available [here](http://appknox.org/appknox-python/).
>


## Installation

appknox-python is officially supported on python 3.5 & 3.6. pip is the recommended way to install appknox-python.

```
pip install appknox
```

## Usage

```
$ appknox
Usage: appknox [OPTIONS] COMMAND [ARGS]...

  Command line wrapper for the Appknox API

Options:
  -v, --verbose  Specify log verbosity.
  -k, --insecure      Allow Insecure Connection
  --help         Show this message and exit.

Commands:
  analyses       List analyses for file
  files          List files for project
  login          Log in and save session credentials
  logout         Delete session credentials
  organizations  List organizations
  projects       List projects
  recent_uploads List recent file uploads by the user
  report         Download report for file
  upload         Upload and scan package
  switch_organization  Switch organization in CLI instance
  vulnerability  Get vulnerability
  whoami         Show session info
  reports list   Show the list of reports for a file
  reports create Creates a new report for a file
  reports download summary-csv  Downloads the report summary in CSV format
  reports download summary-excel  Downloads the report summary in Excel format
```

### Authentication

Log in to appknox CLI using your [secure.appknox.com](https://secure.appknox.com/) credentials.

```
$ appknox login
Username: viren
Password:
Logged in to https://api.appknox.com
```

#### Using Environment Variables

Instead of `login` we can use environment variables for authentication. This will be useful for scenarios such as CI/CD setup.

```
$ export APPKNOX_ACCESS_TOKEN=aaaabbbbbcccddeeeffgghhh
$ export APPKNOX_ORGANIZATION_ID=2
$ export HTTP_PROXY=http://proxy.local
$ export HTTPS_PROXY=https://proxy.local
```

Supported variables are:

| Environment variable | Value |
|----|-----|
| `APPKNOX_ACCESS_TOKEN` | Access token can be generated from Appknox dashboard _(Settings → Developer Settings → Generate token)_. |
| `APPKNOX_HOST` | Defaults to `https://api.appknox.com` |
| `APPKNOX_ORGANIZATION_ID` | Your Appknox organization id |
| `HTTP_PROXY` | Set your HTTP proxy ex: `http://proxy.local` |
| `HTTPS_PROXY` | Set your HTTPS proxy ex: `https://proxy.local` |


### Data fetch & actions

| Available commands | Use |
|--------------------|-----|
| `organizations` | List organizations of user |
| `projects` | List projects user has access to |
| `files <project_id>` | List files for a project |
| `analyses <file_id>` | List analyses for a file |
| `vulnerability <vulnerability_id>` | Get vulnerability detail |
| `owasp <owasp_id>` | Get OWASP detail |
| `upload <path_to_app_package>` | Upload app file from given path and get the file_id |
| `rescan <file_id>` | Rescan a file (this will create a new file under the same project.) |
| `reports list <file_id>` | Lists all the reports associated with the file |
| `reports create <file_id>` | Create a new report for the file and returns report ID|
| `reports download summary-csv <report_id>` | Outputs the report summary in CSV format | 
| `reports download summary-excel <report_id>` | Outputs the report summary in Excel format |


Example:

```
$ appknox organizations
  id  name
----  -------
   2  MyOrganization

$ appknox projects
  id  created_on             file_count  package_name                     platform  updated_on
----  -------------------  ------------  -----------------------------  ----------  -------------------
   3  2017-06-23 07:19:26             3  org.owasp.goatdroid.fourgoats           0  2017-06-23 07:26:55
   4  2017-06-27 08:27:54             2  com.appknox.mfva                        0  2017-06-27 08:30:04

$ appknox files 4
  id  name      version    version_code
----  ------  ---------  --------------
   6  MFVA            1               6
   7  MFVA            1               6

$ appknox reports list 4
  id  language      
----  ------ 
   1  en
   2  en

$ appknox reports create 4
3

$ appknox reports download summary-csv 3
Organization ID,Project ID,Application Name,Application Namespace,Platform,Version,Version Code,File ID,Test Case,Scan Type,Severity,Risk Override,CVSS Score,Findings,Description,Noncompliant Code Example,Compliant Solution,Business Implication,OWASP,CWE,MSTG,ASVS,PCI-DSS,GDPR,Created On
1,1,MFVA,com.appknox.mfva,Android,1.1,1605631525,51,Broken SSL Trust Manager,Static,High,,6.9,"BluK8lNUoeHkNxZ3GVrKN9BP2
NVWmfbtHDiJBOTbOEpCnsbMhc6T31t...(Truncated)

$ appknox reports download summary-csv 3 --output /path/to/output/report_summary.csv
<No output: This command will download the report summary to given output path>
```

### Using Proxy

Appknox client and CLI both supports HTTP and HTTPS proxy. While using the client, if you need to set-up a proxy then please follow the example below

```
from appknox.client import Appknox

client = Appknox(
        access_token="Your-Access-Token",  #  This is your access token which you can get from developer setting
        https_proxy="http://proxy.local",  # Use https_proxy by default since cloud server connects to https service
        insecure=True,                     # Use insecure connections, because proxies might have their own set of certificates which maynot be trusted
    )                                      # Insecure connections are not reccomended though
```

To use it in CLI example:

```
$ export HTTPS_PROXY=http://127.0.0.1:8080 
$ appknox --insecure login
Username:
```

*Note*: Please avoid using `--insecure` flag or setting `insecure=True` in client, this will allow an attacker to perform MITM attack, but this might be required for proxies to work alongside.

---

## Development
### Update docs

Install [sphinx-autobuild](https://github.com/GaretJax/sphinx-autobuild):
```
pip install sphinx-autobuild
```

Build docs:
```
sphinx-autobuild -b html sphinx-docs docs
```

---

License: MIT



            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/appknox/appknox-python",
    "name": "appknox",
    "maintainer": "",
    "docs_url": null,
    "requires_python": "",
    "maintainer_email": "",
    "keywords": "appknox xysec rest api wrapper cli mobile security",
    "author": "Appknox",
    "author_email": "engineering@appknox.com",
    "download_url": "https://files.pythonhosted.org/packages/e7/1b/646bd8441705141e584d3a62e2299ee9aec71b6b7efa4c7d8d36086f6741/appknox-4.3.0.tar.gz",
    "platform": null,
    "description": "[![PyPI version](https://badge.fury.io/py/appknox.svg)](https://badge.fury.io/py/appknox)\n[![Build Status](https://travis-ci.org/appknox/appknox-python.svg)](https://travis-ci.org/appknox/appknox-python)\n[![Join the chat at https://gitter.im/appknox/appknox-python](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/appknox/appknox-python?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)\n\n# appknox-python\n\nCommand-line interface & Python wrapper for the Appknox API.\n\n\n>\n> Python API documentation is available [here](http://appknox.org/appknox-python/).\n>\n\n\n## Installation\n\nappknox-python is officially supported on python 3.5 & 3.6. pip is the recommended way to install appknox-python.\n\n```\npip install appknox\n```\n\n## Usage\n\n```\n$ appknox\nUsage: appknox [OPTIONS] COMMAND [ARGS]...\n\n  Command line wrapper for the Appknox API\n\nOptions:\n  -v, --verbose  Specify log verbosity.\n  -k, --insecure      Allow Insecure Connection\n  --help         Show this message and exit.\n\nCommands:\n  analyses       List analyses for file\n  files          List files for project\n  login          Log in and save session credentials\n  logout         Delete session credentials\n  organizations  List organizations\n  projects       List projects\n  recent_uploads List recent file uploads by the user\n  report         Download report for file\n  upload         Upload and scan package\n  switch_organization  Switch organization in CLI instance\n  vulnerability  Get vulnerability\n  whoami         Show session info\n  reports list   Show the list of reports for a file\n  reports create Creates a new report for a file\n  reports download summary-csv  Downloads the report summary in CSV format\n  reports download summary-excel  Downloads the report summary in Excel format\n```\n\n### Authentication\n\nLog in to appknox CLI using your [secure.appknox.com](https://secure.appknox.com/) credentials.\n\n```\n$ appknox login\nUsername: viren\nPassword:\nLogged in to https://api.appknox.com\n```\n\n#### Using Environment Variables\n\nInstead of `login` we can use environment variables for authentication. This will be useful for scenarios such as CI/CD setup.\n\n```\n$ export APPKNOX_ACCESS_TOKEN=aaaabbbbbcccddeeeffgghhh\n$ export APPKNOX_ORGANIZATION_ID=2\n$ export HTTP_PROXY=http://proxy.local\n$ export HTTPS_PROXY=https://proxy.local\n```\n\nSupported variables are:\n\n| Environment variable | Value |\n|----|-----|\n| `APPKNOX_ACCESS_TOKEN` | Access token can be generated from Appknox dashboard _(Settings \u2192 Developer Settings \u2192 Generate token)_. |\n| `APPKNOX_HOST` | Defaults to `https://api.appknox.com` |\n| `APPKNOX_ORGANIZATION_ID` | Your Appknox organization id |\n| `HTTP_PROXY` | Set your HTTP proxy ex: `http://proxy.local` |\n| `HTTPS_PROXY` | Set your HTTPS proxy ex: `https://proxy.local` |\n\n\n### Data fetch & actions\n\n| Available commands | Use |\n|--------------------|-----|\n| `organizations` | List organizations of user |\n| `projects` | List projects user has access to |\n| `files <project_id>` | List files for a project |\n| `analyses <file_id>` | List analyses for a file |\n| `vulnerability <vulnerability_id>` | Get vulnerability detail |\n| `owasp <owasp_id>` | Get OWASP detail |\n| `upload <path_to_app_package>` | Upload app file from given path and get the file_id |\n| `rescan <file_id>` | Rescan a file (this will create a new file under the same project.) |\n| `reports list <file_id>` | Lists all the reports associated with the file |\n| `reports create <file_id>` | Create a new report for the file and returns report ID|\n| `reports download summary-csv <report_id>` | Outputs the report summary in CSV format | \n| `reports download summary-excel <report_id>` | Outputs the report summary in Excel format |\n\n\nExample:\n\n```\n$ appknox organizations\n  id  name\n----  -------\n   2  MyOrganization\n\n$ appknox projects\n  id  created_on             file_count  package_name                     platform  updated_on\n----  -------------------  ------------  -----------------------------  ----------  -------------------\n   3  2017-06-23 07:19:26             3  org.owasp.goatdroid.fourgoats           0  2017-06-23 07:26:55\n   4  2017-06-27 08:27:54             2  com.appknox.mfva                        0  2017-06-27 08:30:04\n\n$ appknox files 4\n  id  name      version    version_code\n----  ------  ---------  --------------\n   6  MFVA            1               6\n   7  MFVA            1               6\n\n$ appknox reports list 4\n  id  language      \n----  ------ \n   1  en\n   2  en\n\n$ appknox reports create 4\n3\n\n$ appknox reports download summary-csv 3\nOrganization ID,Project ID,Application Name,Application Namespace,Platform,Version,Version Code,File ID,Test Case,Scan Type,Severity,Risk Override,CVSS Score,Findings,Description,Noncompliant Code Example,Compliant Solution,Business Implication,OWASP,CWE,MSTG,ASVS,PCI-DSS,GDPR,Created On\n1,1,MFVA,com.appknox.mfva,Android,1.1,1605631525,51,Broken SSL Trust Manager,Static,High,,6.9,\"BluK8lNUoeHkNxZ3GVrKN9BP2\nNVWmfbtHDiJBOTbOEpCnsbMhc6T31t...(Truncated)\n\n$ appknox reports download summary-csv 3 --output /path/to/output/report_summary.csv\n<No output: This command will download the report summary to given output path>\n```\n\n### Using Proxy\n\nAppknox client and CLI both supports HTTP and HTTPS proxy. While using the client, if you need to set-up a proxy then please follow the example below\n\n```\nfrom appknox.client import Appknox\n\nclient = Appknox(\n        access_token=\"Your-Access-Token\",  #  This is your access token which you can get from developer setting\n        https_proxy=\"http://proxy.local\",  # Use https_proxy by default since cloud server connects to https service\n        insecure=True,                     # Use insecure connections, because proxies might have their own set of certificates which maynot be trusted\n    )                                      # Insecure connections are not reccomended though\n```\n\nTo use it in CLI example:\n\n```\n$ export HTTPS_PROXY=http://127.0.0.1:8080 \n$ appknox --insecure login\nUsername:\n```\n\n*Note*: Please avoid using `--insecure` flag or setting `insecure=True` in client, this will allow an attacker to perform MITM attack, but this might be required for proxies to work alongside.\n\n---\n\n## Development\n### Update docs\n\nInstall [sphinx-autobuild](https://github.com/GaretJax/sphinx-autobuild):\n```\npip install sphinx-autobuild\n```\n\nBuild docs:\n```\nsphinx-autobuild -b html sphinx-docs docs\n```\n\n---\n\nLicense: MIT\n\n\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Command-line interface & Python wrapper for the Appknox API",
    "version": "4.3.0",
    "split_keywords": [
        "appknox",
        "xysec",
        "rest",
        "api",
        "wrapper",
        "cli",
        "mobile",
        "security"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "df4f295ea5bf447fb83739dbe1b0c8faf07664c5e4154c4648a80c3c4d1effc6",
                "md5": "ee4c6d616fb87bcd5a404d570ac6ce60",
                "sha256": "d2d06a453282ae05d0365150b7d4c0ad0a4593e4e181979eeddb655c64721759"
            },
            "downloads": -1,
            "filename": "appknox-4.3.0-py2.py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "ee4c6d616fb87bcd5a404d570ac6ce60",
            "packagetype": "bdist_wheel",
            "python_version": "py2.py3",
            "requires_python": null,
            "size": 16010,
            "upload_time": "2023-02-01T15:38:34",
            "upload_time_iso_8601": "2023-02-01T15:38:34.362782Z",
            "url": "https://files.pythonhosted.org/packages/df/4f/295ea5bf447fb83739dbe1b0c8faf07664c5e4154c4648a80c3c4d1effc6/appknox-4.3.0-py2.py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "e71b646bd8441705141e584d3a62e2299ee9aec71b6b7efa4c7d8d36086f6741",
                "md5": "371ed31fa83db0db515c1866dcb91f9b",
                "sha256": "403c011ad2aad70386c282b461a1d4a29a8a6dd6515f5a76efa4455d4837c696"
            },
            "downloads": -1,
            "filename": "appknox-4.3.0.tar.gz",
            "has_sig": false,
            "md5_digest": "371ed31fa83db0db515c1866dcb91f9b",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 17332,
            "upload_time": "2023-02-01T15:38:36",
            "upload_time_iso_8601": "2023-02-01T15:38:36.395609Z",
            "url": "https://files.pythonhosted.org/packages/e7/1b/646bd8441705141e584d3a62e2299ee9aec71b6b7efa4c7d8d36086f6741/appknox-4.3.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-02-01 15:38:36",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "github_user": "appknox",
    "github_project": "appknox-python",
    "travis_ci": true,
    "coveralls": false,
    "github_actions": false,
    "requirements": [],
    "lcname": "appknox"
}
        
Elapsed time: 0.03940s