12.11.2013 – So Tenable has made a bunch of changes and additions to the XML (.nessus) file and I’ve tried my best to incorporate them into the project. \u00a0First off they did something awesome which is alphabetize the XML elements. \u00a0So I’ve done that as well in the Nessus parse and report scripts. \u00a0It makes it so much easier to manage. \u00a0So with new elements comes new table columns. \u00a0If using this code base you should know that you need to clear all data from the DB. \u00a0I’ve made some changes to the report as shown in the graphic below.<\/p>\n 9.12.2013 – So I use this tool all the time to parse Nessus and Nmap scripts and it is nice to see other people doing the same. \u00a0Feel free to email me at projectrf@jedge.com with any things you would like to see or issues you come across. I forget all the changes I made but a list of what I remember is listed below. \u00a0Latest code is here<\/a>.<\/p>\n 3.6.2013 So Nessus 5 is pretty cool for being able to filter the results to generate reports. I still like my reports though, especially the vulnerability matrix. I also like creating the quick Nmap CSV files as well as loading Kismet into a database to run queries (no reporting yet). I also added an import for Dumpsec and so far have a simple report that tells me password age.<\/p>\n I created Project RF to have a reporting framework that provides consistent reports for various vulnerability scanning tools.\u00a0 The project started with support for Nessus, Eeye Retina, and Nmap expanded with reporting for HP WebInpect,\u00a0 AppScan AppDetective, Kismet, and GFI Languard.\u00a0 This project is still in its alpha stages as I’m not a top notch web program developer.\u00a0 Scan results are exported to XML which is then uploaded, parsed, and imported into a backend MySQL database.\u00a0 I have found this framework very useful in generating reports for my workpapers.<\/p>\n I have created an updated and stripped down version of the framework for the latest Nessus XML.\u00a0 All the work was done redoing the Nessus support for the updated XML with additional reporting features.\u00a0 I’ve created this document<\/a> (http:\/\/www.jedge.com\/docs\/install%20Project%20RF.pdf) to assist in setting up the framework. As time permits I will include import options for XML reports generated from WebInspect, AppDetective, Nmap, & Kismet. The current parse code I have does not support the latest XML for those tools.<\/p>\n 12.11.2013 code can be found here<\/a>. (http:\/\/www.jedge.com\/docs\/projectRF.12.11.2013.zip)<\/p>\n 9.12.2013 code can be found here<\/a>. (http:\/\/www.jedge.com\/docs\/projectRF.9.12.2013.zip)<\/p>\n Old Old code can be found here <\/a>(http:\/\/www.jedge.com\/docs\/projectRF.tar.gz).<\/p>\n <\/p>\n Change Log<\/p>\n 12.11.2013 – I made the exploit table even less crappy and included the new XML elements around core, canvas, and d2 elliot frameworks. \u00a0I added “Show more\/Show less” options for the vulnerability site indexes (CVE, BID, etc) \u00a0I noticed that listing them all out can create one long report and who really needs to have the links for all 30 CVEs around java anyway \ud83d\ude42 \u00a0Lastly I include any JS and CSS in the HTML instead of linking to a file. \u00a0This makes one neat file\/report when you save the HTML as a file in any browser. \u00a0No more stupid folder with all the “files”. \u00a0I’ve also made some changes to the Executive report. \u00a0You now have an option to report on Nessus Plugin or CVE total. \u00a0Look for BID, OSVDB, etc in the near future.<\/p>\n Oh, and lastly…the Nessus Vuln Matrix is broken as I need to update the code to reflect all the changes. \u00a0It mostly centers around the CVSS field breaking out into four elements.<\/p>\n 9.12.2013 – Nessus: \u00a0Someone pointed out that there was no option to have the Solution show up in the report (fixed). \u00a0There have been changes to the database fields. \u00a0Some fields were to small and data was getting truncated. \u00a0Made the Exploit table look pretty (or not as crappy). \u00a0See Also actually creates the links properly.<\/p>\n Nmap: \u00a0There is a CSV you can create that combines results from Nessus and Nmap. \u00a0Nmap is better at service detection and Nessus is better at OS detection.<\/p>\n 3.6.2013 – I still work on this shit. Especially since I’m a full time pen tester again and create scripts for reporting.<\/p>\n 7.12.2011 – Redid the Nessus compliance parser so it actually works.\u00a0 It was tested on an audit file created by the i2a tool.\u00a0 The report created is still crude but you can dump the info to CSV for analysis.<\/p>\n 7.4.2011 – When the Nessus reports are parsed I calculate the scan start and end time and include that in the nessus_results table.\u00a0 Why the Nessus XML files does not have this I don’t know.\u00a0 This is now used to make each scan unique and I hope to include reporting that shows progress on patching vulnerabilities.\u00a0 We shall see.<\/p>\n","protected":false},"excerpt":{"rendered":" 9.1.2015 – Finally got things setup on GitHub after Google Code decided to shut down. https:\/\/github.com\/jamesedgejr\/projectrf 3.12.2014 – Moved upkeep of this project to Google Code as people have asked to assist with the project. \u00a0Also you will be able to get the latest code as I make changes which is all the time. \u00a0Email […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"open","template":"","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-62","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/pages\/62","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/comments?post=62"}],"version-history":[{"count":39,"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/pages\/62\/revisions"}],"predecessor-version":[{"id":961,"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/pages\/62\/revisions\/961"}],"wp:attachment":[{"href":"https:\/\/www.jedge.com\/wordpress\/wp-json\/wp\/v2\/media?parent=62"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"http:\/\/www.jedge.com\/images\/nessus.new.version.screen.small.png\")
<\/a>![\"\"](\"http:\/\/www.jedge.com\/images\/projectRF_1.png\")
<\/a>![\"\"](\"http:\/\/www.jedge.com\/images\/projectRF_2.png\")
<\/a><\/p>\n\n
![\"\"](\"http:\/\/www.jedge.com\/images\/projectRF_matrix.png\")
<\/a><\/dt>\n![\"\"](\"http:\/\/www.jedge.com\/images\/projectRF_executive_1.png\")
<\/a>