get_urls_from_nessus.py

import sys
from pathlib import Path
import lxml.etree as et
from ipaddress import ip_address, IPv6Address, IPv4Address

if len(sys.argv) < 2:
    print("usage: [script].py nessusfile.nessus")
    sys.exit(1)

file = sys.argv[1]

# TODO: this is so slow
# if isinstance(file, str):
#    file_path = Path(file)
#    content = file_path.read_text()
#else:
#    content = file.read().decode("utf-8")
#    file.close()

#tree = et.fromstring(content)

p = et.XMLParser(huge_tree=True)
tree = et.parse(file, parser=p)

HTTPS_PORTS = ["443", "8443"]
HTTP_PORTS = ["80", "8080", "1080", "5000", "8888"]


def is_https(elem):
    svc = elem.attrib.get("svc_name")
    port = elem.attrib.get("port")
    if svc == "https?" or port in HTTPS_PORTS:
        return True
    return False


def is_http(elem):
    svc = elem.attrib.get("svc_name")
    port = elem.attrib.get("port")
    if svc == "www" or svc == "http?":
        return True
    elif port in HTTP_PORTS:
        return True
    return False

def format_name(name):
    try:
        ip = ip_address(name)
        if isinstance(ip, IPv6Address):
            return f"[{name}]"
        return name
    except ValueError as ve:
        return name
    except TypeError as te:
        return name

URLS = []
for elem in tree.xpath("//ReportHost"):
    name = format_name(elem.attrib.get("name"))
    children = elem.getchildren()
    for child in children:
        if child.tag == "ReportItem":
            if is_https(child):
                port = child.attrib.get("port")
                u = f"https://{name}:{port}"
                if u not in URLS:
                    URLS.append(f"https://{name}:{port}")
            elif is_http(child):
                port = child.attrib.get("port")
                u = f"http://{name}:{port}"
                if u not in URLS:
                    URLS.append(f"http://{name}:{port}")

for u in URLS:
    print(u)