Nessus Parser v0.21
October 20th, 2014
I am sorry for the long wait, Tenable has kept me really busy.
These are the new features in version 21:
1. Created new tab for Plugin 71246 LOCAL GROUP Membership
2. Fixed a few misc spelling issues.
3. Added the date fields to each of the severity tabs.
4. Added 2 new tabs for the plugin 70329 – MS Process info
5. Added Vulnerability to IP Summary Tab, which lists all the IPs for each vuln and the severity.
6. Added Solution and Synopsis to severity tabs.
7. Fixed issue with User account formatting changes.
8. Updated Audit file processing, also created code to dynamically add new audit types.
9. Fixed a bug in the host configuration table for password policies
Thank you, Cody! You’ve done a heck of a job!
Thanks a lot, this is really awesome work!! One suggestion, can you create a or section which consists of the most vulnerable hostnames? (eg top 10 hosts with the most critical/high/medium vulnerabilities)?
Thank you for this improved version.
I like the IP Summary tab and what it provides.
Is there a way to add a switch/option something, to list vulnerable machines by names instead of ip? In my case I ran a scan on a list of computer names not ip.
Good work another great release
Nice work! I like the script! I saw that in the severity worksheets (Critical, High, Medium, Low, Information) that there were two “Solution” columns in each one, was there a reason for that?
Thanks again, Cody. Love the script and use it on a daily basis.
Hey Cody,
I’m a Shell guy, I am trying to add another sheet with output similar to PCIDSS, with the exception that it displays all Critical, High, Medium and Low vulnerabilities as well as the solution data so that I can put all of this into a pivot table:
if ($PCIDSS[0] ne "") {
    print "Storing PCI DSS Table\n";
    my $PCIDSS_ctr = 2;
    # $workbook, $home_url and the *_format variables come from the parser script
    our $PCIDSS_worksheet = $workbook->add_worksheet('PCIDSSPolicy');
    $PCIDSS_worksheet->write_url('A1', $home_url, $url_format, $_);
    $PCIDSS_worksheet->keep_leading_zeros();
    # Header row
    $PCIDSS_worksheet->write(1, 0, 'File', $center_border6_format);
    $PCIDSS_worksheet->write(1, 1, 'IP Address', $center_border6_format);
    $PCIDSS_worksheet->write(1, 2, 'FQDN', $center_border6_format);
    $PCIDSS_worksheet->write(1, 3, 'PluginID', $center_border6_format);
    $PCIDSS_worksheet->write(1, 4, 'protocol', $center_border6_format);
    $PCIDSS_worksheet->write(1, 5, 'severity', $center_border6_format);
    $PCIDSS_worksheet->write(1, 6, 'pluginFamily', $center_border6_format);
    $PCIDSS_worksheet->write(1, 7, 'plugin Type', $center_border6_format);
    $PCIDSS_worksheet->write(1, 8, 'Synopsis', $center_border6_format);
    $PCIDSS_worksheet->write(1, 9, 'Plugin Output', $center_border6_format);
    $PCIDSS_worksheet->write(1, 10, 'See Also', $center_border6_format);
    # Sheet layout
    $PCIDSS_worksheet->set_tab_color('blue');
    $PCIDSS_worksheet->freeze_panes('C3');
    $PCIDSS_worksheet->autofilter('A2:K2');
    $PCIDSS_worksheet->set_column('A:K', 20);
}
What's the best way to approach this?
Hi Cody.
I’m using the script to parse several scan results to one excel sheet. Unfortunately there’s a problem with the calculation of the values on the home worksheet. When calculating manually I’ll get different values.
Can you help?
Regards!
Thank you! Excellent!
Thank you Cody,
I ran into an error in executing this against a local dir with .nessus files I get an error stating ‘Can’t call method “add_worksheet” on an undefined at parse_nessus_xml.v21.pl line 1528.’
In addition to the spaces in the path, it seemed the soft path via ~ isn’t useful. The full path /home/iamanidiot/nessus_files worked.
Is there any way to parse out duplicate IP addresses with this? Nessus sometimes reports each finding twice in my scans. I have either had to re-scan or dump the results into excel and then delete duplicates.
I just wanted to let you know that I find the nessus parser to be extremely useful and easy to use. Thank you very much for sharing it with the world.
I keep getting the below error, could anyone please help me?
Can’t call method “add_worksheet” on an undefined value at parse_nessus_xml.v21.pl line 1528.
Thanks Cody! I was wondering if you could add the port number next to list of IP address for each vuln.
e.g. 192.168.1.1(tcp/443)
Just wanted to say thank you for this – it works great!
Good day,
I used to use Nessus Parser v0.20 where I had to run the script only. Now, I would like to use it again with Nessus, but I don’t have the configuration requirements for both Win 7 and RHEL 5.6 / RHEL 6. Can you help?
The parser script is superb. Thank you so much.
I’ve never really worked with PERL before but would like to utilize this script. When I run the script I receive an error about a missing module (XML/TreePP.pm in @INC). I attempted to update the modules using ppm but was not able to find a package that was not installed already. Ideas? Thank you
I’m getting an Out of Memory error on a file that is only 186.5 MB (.18 GB). I know you’ve mentioned a 1 GB limit on file size but this is not even close. Any ideas?
Awesome tool, Cody. I just started using it and love it. Do have a question on the user account enumeration. When run against our systems, the column for “Account Disabled” for Windows Guest accounts indicates the accounts are not disabled. However, I verified both on the system tested as well as the Nessus results that the Guest account is reported as disabled. I reviewed the Perl code a little and tried a few things but I am a novice coder and wasn’t able to figure out why this is being reported as such. Any suggestions on why this is the case or anyone else experiencing the same thing?
Hi, great job man!
Is it possible you add some kind of template for translation of the cell fields to another language?
Excellent job. Many thanks !
An RFE maybe? Having a command-line option, or the script checking for the presence of a file or bunch of files in the nessus XML folder (-d option) in order to ignore some IP/Host.
Why: often, Nessus is scanning by subnet (CIDR) and when scanning a site external Internet subnet the ISP’s router is scanned as well. Although sometimes desirable, this can lead to complaints from the ISP, and it is also polluting the Nessus Excel report with said vulnerabilities like telnet or SSH detected…
One could enter an IP or host per line in a bespoke and agreed named file like exclude.txt. These items will not be included in the Excel file.
P.S. Apart from that, I’m also using the merger.py script from Ben Toews: https://gist.github.com/mastahyeti/2720173
Thanks again and keep on the good and clever work 🙂
Kind regards,
RasKal
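The exclude-file idea from the comment above, sketched as a standalone pre-filter that drops matching ReportHost elements from a .nessus v2 export before the parser reads it. This is an added example, not code from parse_nessus_xml.v21.pl or from the commenter. The function names, `#` comments and CIDR entries are assumptions that go beyond the proposed one-IP-or-host-per-line format, and the sample data is constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

def load_excludes(text):
    """Parse exclude.txt content: one IP, CIDR or host name per line."""
    nets, names = [], set()
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()  # '#' comments are an assumption
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:                    # not an address: keep as a name
            names.add(entry.lower().rstrip("."))
    names.discard("")                         # blank and comment-only lines
    return nets, names

def is_excluded(host, nets, names):
    """Match a ReportHost on its name attribute or its identity tags."""
    ids = [host.get("name", "")] + [
        t.text or "" for t in host.iterfind("HostProperties/tag")
        if t.get("name") in ("host-ip", "host-fqdn", "netbios-name")]
    for ident in (i.strip().lower().rstrip(".") for i in ids):
        if ident and ident in names:
            return True
        try:
            if any(ipaddress.ip_address(ident) in net for net in nets):
                return True
        except ValueError:                    # not an IP address
            continue
    return False

def filter_report(xml_text, exclude_text):
    """Return (filtered XML, sorted names of the removed hosts)."""
    nets, names = load_excludes(exclude_text)
    root = ET.fromstring(xml_text)
    removed = []
    for report in root.iter("Report"):
        for host in report.findall("ReportHost"):  # findall gives a list copy
            if is_excluded(host, nets, names):
                removed.append(host.get("name", ""))
                report.remove(host)
    return ET.tostring(root, encoding="unicode"), sorted(removed)

# Constructed sample data (documentation address ranges, not real scan output).
SAMPLE_EXCLUDE = "203.0.113.0/30  # ISP router\nWEB01.example.test\n"
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="demo">
<ReportHost name="203.0.113.1"><HostProperties><tag name="host-ip">203.0.113.1</tag></HostProperties></ReportHost>
<ReportHost name="web01.example.test"><HostProperties><tag name="host-ip">192.0.2.10</tag></HostProperties></ReportHost>
<ReportHost name="192.0.2.20"><HostProperties><tag name="host-ip">192.0.2.20</tag></HostProperties></ReportHost>
</Report></NessusClientData_v2>"""
```

Writing the returned XML to a new file and logging the removed list keeps a record of what was left out of the spreadsheet and why.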
Cody.. this rocks!! This totally made my month with being able to use the raw .nessus data and put it in a format that is usable, functional and we can provide meaningful reporting from.
Many thanks!
Thank you, Cody!
Used your script with version 5 of Nessus, but in 6.5 the format has changed. Are you planning to update your helpful script?
Hi! I hope you’re still working on this project cause this useful script won’t work with Nessus 6 and above because (apparently) Nessus 6 is not using Nessus version 2 format anymore 🙁
I am doing some testing now.
Yes I am doing some testing now
I am sure you could, but I don’t know how.
not sure, I will look into it
Not really, I did not want to leave out any data, so you would have to use a pivot table or something like that.
From the dates on the comments it looks like it’s been quite a while since anyone has said thank you but I wanted you to know that your script is still just about the best thing available for parsing out the mountains of data produced by Nessus. Great work and thank you for making it available to the community. I can’t begin to imagine how much time has been saved (by other people) because of your effort.
I am curious how the script reports Credentialed Checks when scanning workstations. I have an issue where the scan is configured to use domain admin credentials and when analyzing the raw .nessus file it appears that the credentials are being used. But the report I receive after running this script reports the Credentialed Check column as a “no” for every system scanned.
It seems that large scans that include credentialed scans break the script. I’m trying to use a ~900mb .nessus file, it’s recognized as being a valid Nessus v2 format file, and just sits there for a moment and returns the status of “Killed”.
It looks like there was a new plugin family added “Incident Response” which has broken this script recently.
Creating Spreadsheet Data
Preparing Hosts Data
There is a new plugin family added, it is Incident Response
new update coming…
The Script uses a lot of memory, so try to do smaller scans.
Thanks, new version coming.
Sorry I thought I posted this but cannot find it. Where can I find the recast.txt file?
You have to define the recast.txt and the file must be in the same folder as the parser script.