cofense export parser

Author: Nolan B. Kennedy (nxkennedy)

Why?

• Created to help parse all the raw scenario exports generated by the Cofense/PhishMe portal into meaningful stat-based data that we can turn into pretty charts. Currently you still have to manually download the exports from the portal.
• Also, after our data is stored in a sqlite database we can build whatever reports we want.

How?

• We iterate over all the reports, parse them and normalize them before popping them into a sqlite database, then provide a couple ways to generate meaningful data from the reports.

Requirements

Python3

openpyxl

$ apt-get install python3-pip
$ pip3 install openpyxl

1. Download the scripts

$ git clone https://github.com/nxkennedy/cofense_export_parser.git

2. Building and populating the database

• Change to the phishme directory containing the scripts
• Manually (bleh!) download the exports and put all CSVs in respective business component folders (you will need to create the component folders).
• LEAVE THE DEFAULT EXPORT NAMES INTACT. Not doing so will break the script.

Directory Structure = phishme_export_parser/component/scenario_export.csv
Example 1: phishme_export_parser/marketing/export.csv
Example 2: phishme_export_parser/legal/export.csv

Add all CSVs to database

(run from within the root phishme folder)
This will create a database in the current directory with the format db-datetime.db

user@foo:~/phishme_export_parser$ python3 parse-to-db.py

3. Reporting

Want to export the db to csv?

user@foo:~/phishme_export_parser$ python3 report.py <db> -e

Want to generate the multi tabbed spreadsheet with stats used for charts?

user@foo:~/phishme_export_parser$ python3 report.py <db> -s

Want to get names and stats for those that failed in a particular component?

user@foo:~/phishme_export_parser$ python3 clickonly-user-report.py <db> <component>