Created
August 2, 2018 09:18
-
-
Save nopslider/476d1f4dccd1bb9510274e9d848df826 to your computer and use it in GitHub Desktop.
Parse Nessus Files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
import xml.etree.ElementTree as ET | |
import argparse | |
import re | |
parser = argparse.ArgumentParser() | |
parser.add_argument("nessusfile") | |
parser.add_argument("-s","--severitylevel",type=int,choices=[0,1,2,3,4],default=1,help="Filter vulnerabilities of this severity level and lower") | |
parser.add_argument("-r","--regex",help="Filter vulnerabilities matching this regex (e.g. '/MS[0-9]{2}-[0-9]{3}/i')",default='.*') | |
parser.add_argument("-M","--metasploit",action='store_true',help="Only show vulnerabilites that can be exploited with Metasploit") | |
args = parser.parse_args() | |
regex = re.compile(args.regex) | |
severitydesc = ["INFO","LOW","MEDIUM","HIGH","CRITICAL"] | |
nessus = ET.parse(args.nessusfile) | |
nessusroot = nessus.getroot() | |
scanhosts = {} | |
for ip in nessusroot.iter('ReportHost'): | |
address = ip.attrib["name"] | |
scanhosts[address] = set() | |
for vuln in ip.iter('ReportItem'): | |
#<exploit_framework_metasploit>true</exploit_framework_metasploit> | |
if args.metasploit: | |
exploitable = vuln.findall('exploit_framework_metasploit') | |
if not exploitable: | |
continue | |
title = vuln.attrib['pluginName'] | |
severity = int(vuln.attrib["severity"]) | |
if severity >= args.severitylevel and regex.match(title): | |
scanhosts[address].add((title,severity)) | |
for host in scanhosts: | |
vulns = sorted(scanhosts[host], key = lambda element : element[1],reverse=True) | |
if len(vulns) > 0: | |
for vuln in vulns: | |
print("{}|{}|{}".format(host,vuln[0], severitydesc[vuln[1]])) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment