Archive

Posts Tagged ‘Security’

SANS Penetration Testing Blog

April 29th, 2014 12 comments

This is really kool stuff Ed Skoudis and Kevin Fiscus, both SANS instructors, are talking about my parser. I have been working on a new version, I guess this is a sign I need to get working harder:)

Data, Data, Everywhere What to do with Volumes of Nessus Output

Categories: Nessus Tags: , ,

Nessus Vulnerability XML Parser

May 21st, 2010 19 comments

When I do security assessments, I always use Nessus.  Nessus is a great tool and is extremely helpful with one exception, the reporting.  While filtering is good in the new Flash interface, I still found myself needing to do something else.  So I have used Perl for many years and I figured it was time to start coding again.  I am by no means a Perl expert or even a programmer.  But I can hack-up some pretty good Perl code to parse text files. So that is what I did.

This the first Perl code I have ever released to the public.  So if you read it and would like to comment…please be gentle.

The parse-nessus.pl is a CLI only script.   The script does require a few modules that can be found on CPAN.  The required modules are: XML::TreePP, Data::Dumper, Spreadsheet::WriteExcel::Big, and Math::Round.  I used this on Snow Leopard, but all the modules I use should compile fine on any OS.  To install the modules from the command line use the “cpan” command, see below.

sudo cpan XML::TreePP
sudo cpan Data::Dumper
sudo cpan Spreadsheet::WriteExcel::Big
sudo cpan Math::Round
The script is designed to look for all the *.XML files in defined directory.  The directory is passed as an argument, if no directory is specified an error will be returned.  To see the version, then add the v|V|-v|-V and a version will be reported.  The script will create two files, the nessus_report.xls and Nessus_data_report.txt.  The Nessus_data_report.txt is a text version of the data found in the actual Nessus report, but only shows all the Severity 2 & 3 reports.  The nessus_report.xls is a multi spreadsheet workbook that contains all the findings from Nessus.  I then manually create a series of pivot tables as such.  I have the auto-sort on all columns and will be adding more formatting as time allows.

parse_nessus_xml.v5-for-blog.pl

Example

—————————————————————-

Get the Verion

xyz:parse-nessus MyMac$ perl parse_nessus_xml.v5-for-blog.pl v
PARSE NESSUS VER 0.05
RELEASE AS IS AND USE AS YOU SEE FIT.
PLEASE GIVE ME CREDIT IF YOU RELEASE ELSE WHERE!!!!!!

Example with the “.” directory, this is what I use most of the time.

xyz:parse-nessus MyMac$ perl parse_nessus_xml.v5-for-blog.pl .

Parsing File inside.nessus.xml
Finished Parsing File inside.nessus.xml
Printing the Main Report
Creating Spreadsheet Data
Preparing Hosts Data
Create General Vulnerability Data
Creating Policy Compliance Data
Creating Windows Management Data
Creating Nessus Report Spreadsheet

completed

—————————————————————-

I figured I would share this with the world, enjoy and please comment.  I am releasing this code under the GPL, use as you will, please link back to this blog in the source code.  If you would like to contribute and make changes, please feel free to make the changes and post the code here or email me.

Categories: Nessus Tags: , , , ,