CLI tool and python module which enables you to parse nessus scan files from Nessus and Tenable.SC by (C) Tenable, Inc.
Home Page: https://limberduck.org
License: GNU General Public License v3.0
Hello, it appears something is wrong parsing currently.
Using the command line tool you see:
Looking in Nessus Pro Web Interface the counts are different:
Please fix.
Using Python 3.10.4 in Linux:
_python3.10/site-packages/nessus_file_reader/host/host.py", line 119, in detected_os
if """ in operating_system:
TypeError: argument of type 'NoneType' is not iterable_
Solution: Verify if is NoneType before if condition:
if operating_system is not None:
if """ in operating_system:
operating_system = str(operating_system).strip('["').strip('"]')
else:
operating_system = str(operating_system).strip('["').strip('"]')
else:
operating_system = ''
Report pulled from tenable.sc version 5.16.0
when running number_of_plugins_per_risk_factor all results return 0 on all factors. It seems to be because the they changed it from 'risk_factor' to 'severity'
def number_of_plugins_per_risk_factor(report_host, risk_factor_level):
"""
Function returns number of all plugins reported during scan for given risk factor for given target.
:param report_host: report host element
:param risk_factor_level:
'Critical'
'High'
'Medium'
'Low'
'None'
:return: number of plugins for given risk factor
"""
risk_factor_counter = 0
for report_item in report_host.findall("ReportItem"):
risk_factor = report_item.find('risk_factor')
if risk_factor is not None:
if risk_factor.text == risk_factor_level:
risk_factor_counter += 1
return risk_factor_counter
Hello,
Here is the CLI tool count followed by a script that dumps each Vuln Name by criticality and provides a count. Notice the counts are not the same. In this example, lets focus on just the Criticals:
Nessus web interface for comparison:
As you can see by comparing, the parser does not account for "Unsupported Web Server Detection".
I've attached the dummy data from the scan against the HTB environment, followed by the script used to dump and count each vuln by severity.
import nessus_file_reader as nfr
nessus_scan_file = r"dummy_data.nessus"
root = nfr.file.nessus_scan_file_root_element(nessus_scan_file)
critical_plugin_tracking={}
high_plugin_tracking={}
medium_plugin_tracking={}
for report_host in nfr.scan.report_hosts(root):
report_items_per_host = nfr.host.report_items(report_host)
for report_item in report_items_per_host:
report_host_ip = nfr.host.resolved_ip(report_host)
plugin_id = int(nfr.plugin.report_item_value(report_item, 'pluginID'))
risk_factor = nfr.plugin.report_item_value(report_item, 'risk_factor')
plugin_name = nfr.plugin.report_item_value(report_item, 'pluginName')
port = nfr.plugin.report_item_value(report_item, 'port')
#print('\t', plugin_id, ' \t\t\t', risk_factor,' \t\t\t', report_host_ip,' \t\t\t', plugin_name)
if plugin_name not in critical_plugin_tracking:
if risk_factor == 'Critical':
critical_plugin_tracking[plugin_name] = [report_host_ip+':'+port]
elif risk_factor =='High':
high_plugin_tracking[plugin_name] = [report_host_ip+':'+port]
elif risk_factor =='Medium':
medium_plugin_tracking[plugin_name] = [report_host_ip+':'+port]
else:
if risk_factor == 'Critical':
critical_plugin_tracking[plugin_name].append(report_host_ip+':'+port)
elif risk_factor == 'High':
high_plugin_tracking[plugin_name].append(report_host_ip+':'+port)
elif risk_factor == 'Medium':
medium_plugin_tracking[plugin_name].append(report_host_ip+':'+port)
else:
pass
print('== CRITICALS: ==')
c = 0
for k,v in critical_plugin_tracking.items():
print(k,':',v)
c += 1
print('Count:{}\n'.format(c))
print('== HIGHS ==')
c = 0
for k,v in high_plugin_tracking.items():
print(k,':',v)
c += 1
print('Count:{}\n'.format(c))
print('')
c = 0
print('== MEDIUMS ==')
for k,v in medium_plugin_tracking.items():
print(k,':',v)
c+=1
print('Count:{}\n'.format(c))
I would appreciate any help.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.