Version 19 of the Nessus parser is here. There are a few features I am really excited about. Listed below are all the newly added features.
1. CPE report
2. Added Plugin Family Mobile Devices
3. Added Plugin Family Oracle Linux Local Security Checks
4. Added Plugin Family Scientific Linux Local Security Checks
5. Added CVSS Score Data
6. Added CVSS Total Score
The features I think are really exciting, are the CPE and CVSS related features.
First there is a new table with all the CPE’s found during the scan. The CPE’s can help you identify systems with specific software or hardware configuration. This is a great tool to help with software inventory.
The second item is the addition of CVSS information to the vulns tabs.
The third really neat feature allows you to use the CVSS score to assess risk. On the new “CVSS Score Total” tab there is a row for each IP address and the sum of each CVSS for critical, high and medium severities. To allow the analysts to assign risk levels there is a multiplier for each severity level. By changing the value in each multiplier, you effect the over all score assigned to each address.
parse_nessus_xml.v19.pl
Hello Users of the Nessus parser. I am sorry for not responding to questions or doing updates over the last 6 months or so. However I am back in the game now. In celebration of my new Job at Tenable Network Security (YES!!!!!!!) I have updated the Nessus Parser to v18.
parse_nessus_xml.v18
Here are the updates:
Bug Fixes
– Fixed the “-d” issue
– Host Config Data Severity Critical Issue
– Excel Slow or Failed to load due to word wrapping
New Features
– Added column for exploitable vulnerabilities…
– Added option “-o” if you want to change the filename prefix
– Added scan info tab, lists scan start and stop times and other info in Plugin 19506.
I know, I can’t believe it either but its finally here. The new version of the Nessus Parser. I have added 4 new features, they are:
1. Support for Severity 4 (Critical) findings.
2. Recasting severity levels.
3. New Tab for Windows Computers with SSID’s connected (Plugin ID 25197).
4. New Tab for Wireless Access Point Detection (Plugin ID 11026).
To use the recasting option, add the argument “-r file.txt”, where file.txt is a CSV file with 3 fields. PluginID,Current Severity, New Severity. Examples
51192,2,4
59448,3,1
62462,3,4
19506,0,4
The example command is:
perl /path/to/script/parse_nessus_xml.v16.pl -f /foo/bar/scan1.nessus -r /path/to/script/recast.txt
The other new features work by default.
You can download the updated code at HERE