This is really kool stuff Ed Skoudis and Kevin Fiscus, both SANS instructors, are talking about my parser. I have been working on a new version, I guess this is a sign I need to get working harder:)
Data, Data, Everywhere What to do with Volumes of Nessus Output
Version 19 of the Nessus parser is here. There are a few features I am really excited about. Listed below are all the newly added features.
1. CPE report
2. Added Plugin Family Mobile Devices
3. Added Plugin Family Oracle Linux Local Security Checks
4. Added Plugin Family Scientific Linux Local Security Checks
5. Added CVSS Score Data
6. Added CVSS Total Score
The features I think are really exciting, are the CPE and CVSS related features.
First there is a new table with all the CPE’s found during the scan. The CPE’s can help you identify systems with specific software or hardware configuration. This is a great tool to help with software inventory.
The second item is the addition of CVSS information to the vulns tabs.
The third really neat feature allows you to use the CVSS score to assess risk. On the new “CVSS Score Total” tab there is a row for each IP address and the sum of each CVSS for critical, high and medium severities. To allow the analysts to assign risk levels there is a multiplier for each severity level. By changing the value in each multiplier, you effect the over all score assigned to each address.
parse_nessus_xml.v19.pl
Greetings All,
Here is a maintenance release of the Nessus parser. I would like to make a special shout out to Joe M (joebeast20 – AT – yahoo.com) for finding a bug and contributing the code. The bug Joe found were missing plugin families in the check and reporting functions. I took the opportunity to update the plugin families so all plugin families are now in the tool.
Thanks again Joe.
parse_nessus_xml.v15.pl