9.12.2013 – So I use this tool all the time to parse Nessus and Nmap scripts and it is nice to see other people doing the same. Feel free to email me at HIDDEN EMAIL with any things you would like to see or issues you come across. I forget all the changes I made but a list of what I remember is listed below. Latest code is here.
3.6.2013 So Nessus 5 is pretty cool for being able to filter the results to generate reports. I still like my reports though, especially the vulnerability matrix. I also like creating the quick Nmap CSV files as well as loading Kismet into a database to run queries (no reporting yet). I also added an import for Dumpsec and so far have a simple report that tells me password age.
I created Project RF to have a reporting framework that provides consistent reports for various vulnerability scanning tools. The project started with support for Nessus, Eeye Retina, and Nmap expanded with reporting for HP WebInpect, AppScan AppDetective, Kismet, and GFI Languard. This project is still in its alpha stages as I’m not a top notch web program developer. Scan results are exported to XML which is then uploaded, parsed, and imported into a backend MySQL database. I have found this framework very useful in generating reports for my workpapers.
I have created an updated and stripped down version of the framework for the latest Nessus XML. All the work was done redoing the Nessus support for the updated XML with additional reporting features. I’ve created this document (http://www.jedge.com/docs/install%20Project%20RF.pdf) to assist in setting up the framework. As time permits I will include import options for XML reports generated from WebInspect, AppDetective, Nmap, & Kismet. The current parse code I have does not support the latest XML for those tools.
The code can be found here (http://www.jedge.com/docs/projectRF.tar.gz).
9.12.2013 – Nessus: Someone pointed out that there was no option to have the Solution show up in the report (fixed). There have been changes to the database fields. Some fields were to small and data was getting truncated. Made the Exploit table look pretty (or not as crappy). See Also actually creates the links properly.
Nmap: There is a CSV you can create that combines results from Nessus and Nmap. Nmap is better at service detection and Nessus is better at OS detection.
3.6.2013 – I still work on this shit. Especially since I’m a full time pen tester again and create scripts for reporting.
7.12.2011 – Redid the Nessus compliance parser so it actually works. It was tested on an audit file created by the i2a tool. The report created is still crude but you can dump the info to CSV for analysis.
7.4.2011 – When the Nessus reports are parsed I calculate the scan start and end time and include that in the nessus_results table. Why the Nessus XML files does not have this I don’t know. This is now used to make each scan unique and I hope to include reporting that shows progress on patching vulnerabilities. We shall see.