XML Interfaces to the
Popular Nessus
Scanner
Rajesh Deo
Network Intelligence India Pvt. Ltd.
29/03/2012
NULL Mumbai Chapter
The Venerable Nessus Scanner
• A comprehensive vulnerability scanner
• Can perform network tests, system audits, patch
  management, compliance tests such as PCI DSS, SCADA
  vulnerability audits, and so on…
• Proprietary - Tenable Network Security
• Started by Renaud Deraison in 1998 to provide the
  Internet community with a free remote security scanner
  similar to SATAN and NetSaint.
• Nessus 5.0 was released on Feb 15th, 2012.
  • http://www.nessus.org/products/nessus
Open-source Tools
• Perl/Net::Nessus::XMLRPC
  • Vlatko Košturjak
  • http://search.cpan.org/~kost/Net-Nessus-XMLRPC-0.30/lib/Net/Nessus/XMLRPC.pm
  • Perl 5 License (Artistic 1 & GPL 1)
  • https://github.com/kost/nessus-xmlrpc-perl
     • Also develops a similar library for Rapid7’s NeXpose
• Ruby/nessus-xmlrpc
  • http://nessus-xmlrpc.rubyforge.org/
  • GPL/BSD, by author of Net::Nessus::XMLRPC
• Python/nessus-xmlrpc
  • http://code.google.com/p/nessusxmlrpc/
  • Apache License 2.0
  • Kurtis Miller
Why do we need these tools?
•   Automation
•   Automation
•   Automation
•   Custom reporting
•   Custom reporting
•   Custom reporting
    • XML/XSL
    • XPATH/XQUERY
• CLI
• http://seclists.org/metasploit/2010/q3/378
    • Bridges to awesome software 
    • By Zate Burg
Why are we using Python/nessus-xmlrpc?
• I know Python a little bit
  • Matplotlib for charting/graphs
  • Numpy/SciPy or Interface to R for numerical computations and
    statistics.
• Not as well developed as Perl/Ruby modules but pretty close
  • Last upload in Dec. 2010
  • There is scope to contribute...
  • ..and perhaps integrate with different tools
Automation: XML-RPC API in Ruby




• Write custom scripts, simple one-off tools
• Monitor long-running scans
• Get reports in XML for parsing and
  custom reporting.
• Large similarity between Perl and Ruby
  APIs.
CLI for shell lovers




• Automate with your favorite shell: Bash, Tcsh, Zsh
• Grep, sed and awk
• With an XML/RPC interface you can tunnel your scan requests to
  your central Nessus server with professional feed over SSH/HTTPS
  directly from within python/perl/ruby.
    • Great for doing external penetration tests.
Multiple Targets?
• Home Feed limits you to 15 targets only at a time, good
  enough for development.
• XML-RPC interface same between Professional Feed and
  Home Feed.
[Figure callout: Multiple targets separated by “,” or “\n”]
Automation with Python


[Figure callout: Email and xsltproc]

• Possibilities
• Have report emailed to management desktop
• Write custom xsl reports, process with xsltproc on Linux.
• Import into CMS solutions
The XML-RPC Interface for Nessus
• Partially documented
  • http://www.tenable.com/documentation/nessus_XMLRPC_protocol_guide.pdf
• An unofficial test.html from Renaud Deraison is here
  • http://nessus-xmlrpc.rubyforge.org/test.html
• An update to XML docs will be available in a week, last post 2
  days ago.
  • https://discussions.nessus.org/message/14693;jsessionid=E2130C8DA7ACFC58DC1850D9EFE828FE
• http://blog.upbeat.fr/tagged/Nessus?
  • Unofficial documentation on .nessus v2 XML report format
  • Automation using wget
     • But please use ruby/perl/python interfaces, far cleaner and you can
       add custom features.
Nessus v2 XML report format
• Microsoft Excel is your friend
[Figure: .nessus v2 report, with callouts “Host Inventory”, “Vulnerability References” and “Is there a Metasploit module for this?”]
Custom Reports: MS Patches


• With Python use lxml, output to csv, xls, sql, html or xml again!
• Python constructs make it easy to write clean code.
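An added example (not from the original slides) of the MS-patch report described on this slide and the report-format slide before it: it walks a .nessus v2 report, joins each Microsoft bulletin finding to its host inventory entry and Metasploit flag, and writes CSV. It uses the standard library's ElementTree in place of lxml so it runs without extra packages; the sample report, plugin IDs, bulletin numbers and CVE ids are constructed, and the function names are hypothetical.

```python
import csv, io, re
import xml.etree.ElementTree as ET  # stdlib; lxml.etree accepts the same calls

# Constructed .nessus v2 sample: hosts, plugin IDs, bulletins and CVEs are placeholders.
SAMPLE = """<NessusClientData_v2><Report name="constructed-demo">
<ReportHost name="192.0.2.10"><HostProperties>
  <tag name="host-ip">192.0.2.10</tag>
  <tag name="operating-system">Microsoft Windows Server 2003</tag></HostProperties>
 <ReportItem port="445" severity="3" pluginID="900001" pluginName="MS12-901: Constructed SMB flaw">
  <cve>CVE-0000-0001</cve><cve>CVE-0000-0002</cve>
  <exploit_framework_metasploit>true</exploit_framework_metasploit></ReportItem>
 <ReportItem port="0" severity="0" pluginID="900002" pluginName="Constructed scan information"/>
</ReportHost>
<ReportHost name="192.0.2.20"><HostProperties><tag name="host-ip">192.0.2.20</tag></HostProperties>
 <ReportItem port="3389" severity="2" pluginID="900003" pluginName="MS12-902: Constructed RDP flaw"/>
</ReportHost></Report></NessusClientData_v2>"""

BULLETIN = re.compile(r"\bMS\d{2}-\d{3}\b")  # bulletin id as it appears in pluginName

def missing_patches(nessus_xml):
    """Return one row per (host, MS bulletin) finding, highest severity first."""
    rows = []
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        props = {t.get("name"): t.text for t in host.iterfind("HostProperties/tag")}
        for item in host.iterfind("ReportItem"):
            m = BULLETIN.search(item.get("pluginName", ""))
            if not m:
                continue  # informational or non-Microsoft finding
            rows.append({
                "host": props.get("host-ip", host.get("name")),
                "os": props.get("operating-system", "unknown"),
                "bulletin": m.group(0),
                "severity": int(item.get("severity", "0")),
                "cves": " ".join(c.text for c in item.iterfind("cve")),
                "metasploit": item.findtext("exploit_framework_metasploit") == "true",
            })
    return sorted(rows, key=lambda r: (-r["severity"], r["host"]))

def to_csv(rows):
    """Serialise rows to CSV text; the csv module handles quoting of cell values."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=list(rows[0]) if rows else ["host"])
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()

if __name__ == "__main__":
    print(to_csv(missing_patches(SAMPLE)))
```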
Vulnerability Management/Delta Reporting
• Seccubus: http://seccubus.com/
  • Seccubus automates regular vulnerability scans with Nessus and
    OpenVAS and provides delta reporting.
  • Frank Breedijk
• Perl/Javascript based.
• Need to integrate custom reporting with change management
  and inventory management etc.
• Bridges to proprietary software: SharePoint, MS SQL Server,
  integration into standard business workflows of IT
  departments. Both Perl/Python provide modules to generate
  standard business format documents.
Improve the tools
• Goals: Integration
  • Custom reports
     • Python/XML foo OK.
     • We are doing one-off scripts right now.
• Reporting/Tracking should not be painful
  • Web-based reports best
     • Export to PDF
     • Summarize and drill down interactive capability
  • Need awesome reporting and charting capability
     • Ruby/Ruport
     • jQuery/Ext JS/Node.js
     • Java/Processing
Questions?
Please send us your ideas/comments/questions at
rajesh.deo@niiconsulting.com

Acknowledgements:

Tuhin Goswami
Our esteemed client where we implemented some of the tools presented.
Wasim Halani and K. K. Mookhey for guidance.
