Merging Nessus Files
# file: merger.py
# based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/
# by: mastahyeti
import xml.etree.ElementTree as etree
import shutil
import os

first = 1
for fileName in os.listdir("."):
    if ".nessus" in fileName:
        print(":: Parsing", fileName)
        if first:
            # The first file becomes the base tree that every other file is merged into
            mainTree = etree.parse(fileName)
            report = mainTree.find('Report')
            report.attrib['name'] = 'Merged Report'
            first = 0
        else:
            tree = etree.parse(fileName)
            for host in tree.findall('.//ReportHost'):
                existing_host = report.find(".//ReportHost[@name='"+host.attrib['name']+"']")
                # Compare with None: an Element that has no children evaluates as false
                if existing_host is None:
                    print("adding host: " + host.attrib['name'])
                    report.append(host)
                else:
                    # Host already present: add only findings with a new port/pluginID pair
                    for item in host.findall('ReportItem'):
                        if existing_host.find("ReportItem[@port='"+ item.attrib['port'] +"'][@pluginID='"+ item.attrib['pluginID'] +"']") is None:
                            print("adding finding: " + item.attrib['port'] + ":" + item.attrib['pluginID'])
                            existing_host.append(item)
        print(":: => done.")

# Recreate the output directory and write the merged report
if "nss_report" in os.listdir("."):
    shutil.rmtree("nss_report")
os.mkdir("nss_report")
mainTree.write("nss_report/report.nessus", encoding="utf-8", xml_declaration=True)
@PepsiBlue14

Greetings,
Are you aware of any file size limitations? I have 200 files I'm attempting to combine that total 2GB.

@Gunstick

This does not work with python2.6, which is still the most installed version in production environments. Knowing no python, I'm doomed :-) I tried this, but it's growing over my head: http://stackoverflow.com/questions/13667979/python-2-6-1-expected-path-separator

@JonoDZ
JonoDZ commented Apr 5, 2016

This is great for smaller files, but I have 40 reports that push through to a 1Gb .nessus file. It takes a good 5Gb of RAM to run this. If anyone knows of a script that uses iterparse (or similar), it would be great to see.
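
One way to reduce the memory cost raised in the comment above, as an added example that is not part of the gist or of any commenter's post: every file after the first is read with `iterparse` one `ReportHost` at a time, and hosts and findings are indexed in dictionaries instead of being looked up with XPath strings built from attribute values. The merged report itself is still held in memory; the names `merge_nessus`, `item_keys` and `demo` and the sample scans are constructed for illustration.

```python
import tempfile
import xml.etree.ElementTree as ET

def item_keys(host):
    """(port, pluginID) pairs already present on a ReportHost."""
    return {(i.get("port"), i.get("pluginID")) for i in host.findall("ReportItem")}

def merge_nessus(paths, out_path):
    """Merge .nessus files; sources after the first are read host by host."""
    base = ET.parse(paths[0])  # first file supplies Policy and the Report node
    report = base.find("Report")
    report.set("name", "Merged Report")
    hosts = {h.get("name"): h for h in report.findall("ReportHost")}
    seen = {name: item_keys(h) for name, h in hosts.items()}
    for path in paths[1:]:
        for _, elem in ET.iterparse(path, events=("end",)):
            if elem.tag == "Policy":
                elem.clear()  # source policy is not merged, so free it
            if elem.tag != "ReportHost":
                continue
            name = elem.get("name")
            if name not in hosts:  # dict lookup, no XPath built from host names
                hosts[name], seen[name] = elem, item_keys(elem)
                report.append(elem)
                continue
            for item in elem.findall("ReportItem"):
                key = (item.get("port"), item.get("pluginID"))
                if key not in seen[name]:
                    seen[name].add(key)
                    hosts[name].append(item)
            elem.clear()  # duplicate host merged; release its subtree
    base.write(out_path, encoding="utf-8", xml_declaration=True)
    return {h.get("name"): len(h.findall("ReportItem")) for h in report.findall("ReportHost")}

# Constructed sample data: two minimal scans that share host 10.0.0.5. The apostrophe
# in the second host name would break a string-concatenated XPath predicate.
DOC = '<NessusClientData_v2><Policy/><Report name="{}">{}</Report></NessusClientData_v2>'
HOST = '<ReportHost name="{}">{}</ReportHost>'
ITEM = '<ReportItem port="{}" pluginID="{}"/>'
SCAN_A = DOC.format("a", HOST.format("10.0.0.5", ITEM.format(22, 1001)))
SCAN_B = DOC.format("b", HOST.format("10.0.0.5", ITEM.format(22, 1001) + ITEM.format(443, 1002))
                    + HOST.format("o'brien-pc", ITEM.format(445, 1003)))

def demo():
    with tempfile.TemporaryDirectory() as d:
        paths = [f"{d}/{n}" for n in ("a.nessus", "b.nessus")]
        for path, xml in zip(paths, (SCAN_A, SCAN_B)):
            with open(path, "w") as f:
                f.write(xml)
        return merge_nessus(paths, f"{d}/merged.nessus")
```

Peak memory here is roughly the merged report plus one host from the file being read, rather than the merged report plus a whole source tree.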

@xcabax
xcabax commented Sep 28, 2016

This works perfectly. I merged 56 reports with more than 25,000 hosts.
