Project RF (Updated: 7.11.2011)

 Add comments
 

I created Project RF to have a reporting framework that provides consistent reports for various vulnerability scanning tools.  The project started with support for Nessus, Eeye Retina, and Nmap expanded with reporting for HP WebInpect,  AppScan AppDetective, Kismet, and GFI Languard.  This project is still in its alpha stages as I’m not a top notch web program developer.  Scan results are exported to XML which is then uploaded, parsed, and imported into a backend MySQL database.  I have found this framework very useful in generating reports for my workpapers.

I have created an updated and stripped down version of the framework for the latest Nessus XML.  All the work was done redoing the Nessus support for the updated XML with additional reporting features.  I’ve created this document (http://www.jedge.com/docs/install%20Project%20RF.pdf) to assist in setting up the framework. As time permits I will include import options for XML reports generated from WebInspect, AppDetective, Nmap, & Kismet. The current parse code I have does not support the latest XML for those tools.

The code can be found here (http://www.jedge.com/docs/projectRF.zip).

Report Generation

Nessus Report

Nessus Vulnerability Matrix

Executive Report

 

Change Log

7.12.2011 – Redid the Nessus compliance parser so it actually works.  It was tested on an audit file created by the i2a tool.  The report created is still crude but you can dump the info to CSV for analysis.

7.4.2011 – When the Nessus reports are parsed I calculate the scan start and end time and include that in the nessus_results table.  Why the Nessus XML files does not have this I don’t know.  This is now used to make each scan unique and I hope to include reporting that shows progress on patching vulnerabilities.  We shall see.

 Posted by admin at 9:43 am

  5 Responses to “Project RF (Updated: 7.11.2011)”

  1. Using Perl to Parse Nmap XML at Information Systems Auditing says:
    November 9, 2009 at 10:34 am

    [...] and workpapers. Just remember to keep the original Nmap results. I’ve developed a LAMP framework to parse and load Nmap results into a database for reporting and analysis. However if you are just [...]

  2. Anant ShrivastavaNo Gravatar says:
    June 14, 2011 at 10:01 am

    The idea looks cool, would definitely like to try it out for some time and maybe if possible help in development although i am already handful with task’s.

    If possible do share the code with me.

    I hope my presentation would help you in understanding the dot nessus v2 format.

    Also do check tennable official documentation its now updated for v2.

  3. jedgeNo Gravatar says:
    June 14, 2011 at 10:28 am

    Anant,

    Here is the link (http://www.jedge.com/docs/projectRF.zip) to the code. A PDF on how to get the LAMP framework up and running is included in the ZIP file.

  4. Need supportNo Gravatar says:
    December 10, 2011 at 12:57 pm

    Are you still supporting this project? Several attempts to email you at projectRF email address have failed. If so, could you reach out to me at the email address provided?

    Thanks!
    Ryan

  5. adminNo Gravatar says:
    December 12, 2011 at 7:33 am

    Ryan,

    Still coding for the framework. I thought I had created the email account proj...@jedge.com but apparently I did not. Thanks for pointing that out. It has been corrected.

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

 
© 2012 Information Systems Auditing Suffusion theme by Sayontan Sinha