python-libnessus
python-libnessus copied to clipboard
savon-noir
Python Nessus Library - libnessus is a python library to enable devs to chat with nessus XMLRPC API, parse, store and diff scan results. It's wonderful.
python-libnessus
Code status
|Build Status| |Coverage Status| |Landscape Status|
IMPORTANT NOTICE
Since I'm a bit lacking of time to maintain this code, I handed over the developpement and code maintenance to @bmx0r; who was anyway maintaining and improving it since almost the beginning :p
Consequently, ensure to check his repository (https://github.com/bmx0r/python-libnessus/) and pull requests or clone from it.
https://github.com/bmx0r/python-libnessus
Thanks @bmx0r!
About
libnessus is a python library to manipulate nessus process and data.
libnessus is what you were looking for if you need to implement the following:
- manipulate nessus scans results to do reporting
- compare and diff nessus scans
- store nessus scans in a datastore (mongo and Elasticsearch supported)
In the future we might implement something to discuss with nessus API
- automate or schedule nessus scans on a regular basis
- batch process scan reports
Install
Dependencies : You might need jsonpickle,elasticsearch,pymongo if you want to use the backend plugins
You can install libnmap via pip::
pip install libnessus
or via git::
$ git clone https://github.com/bmx0r/python-libnessus.git
$ cd python-libnessus
$ python setup.py install
Model
NessusReport:
.. code-block:: pyton
In [32]: report = NessusParser.parse_fromfile('/home/vagrant/python-libnessus/libnessus/test/files/nessus_forgedReport_ReportItem.nessus') In [33]: report? Type: NessusReport String form: localpci 1 0:00:05 File: /home/vagrant/python-libnessus/libnessus/objects/report.py Docstring: This class represent a Nessus repport, it aims to manipulate in a easy way the content, and present some metadata Init docstring: Description: Constructor of NessusReport :param name: name of the report :type name: str :param hosts: list of NessusReportHost :type hosts: list :return: NessusReport :rtype: NessusReport
NessusReportHost:
.. code-block:: pyton
In [34]: host = report.hosts[0] In [35]: host? Type: NessusReportHost String form: 127.0.0.1 127.0.0.1 {'patch-summary-txt-79ed019e4b6ec5267fd968e511eccdb2': 'CentOS 6 : libtirpc ( <...> 2cda94fbf08': 'CentOS 5 / 6 : libxml2 (CESA-2013:0581): Update the affected libxml2 packages.')'} 5 File: /home/vagrant/python-libnessus/libnessus/objects/reporthost.py Docstring: Description: Represent an object NessusReportHost in a nessus xml
NessusReportItem:
.. code-block:: pyton
In [36]: reportitem = host.get_report_items[3] In [37]: reportitem? Type: NessusReportItem String form: 10544:Linux Multiple statd Packages Remote Format String 4 File: /home/vagrant/python-libnessus/libnessus/objects/reportitem.py Docstring: This class represent a ReportItem in the nessus xml Init docstring: Constructor of Vulnerability :param vuln_info: dict of vulnerabities as generated by NessusParser.parse_reportitem :type vuln_info: dict
Examples
Here's a basic example:
.. code-block:: pyton
Parse a nessus report from xml and save it in Elastic search
In [1]: from libnessus.parser import NessusParser In [3]: from libnessus.plugins.backendplugin import NessusBackendPlugin In [4]: from libnessus.plugins.backendpluginFactory import BackendPluginFactory In [5]: url = {'plugin_name': "es"} In [6]: backend = BackendPluginFactory.create(**url) In [7]: nessus_obj_list = NessusParser.parse_fromfile('/home/vagrant/python-libnessus/libnessus/test/files/nessus_forgedReport_ReportItem.nessus') In [8]: rc = nessus_obj_list.save(backend) In [9]: rc Out[9]: 2275333 In [10]: backend Out[10]: <libnessus.plugins.es.NessusEsPlugin at 0x1dcc790> In [11]: nessus_obj_list Out[11]: localpci 1 0:00:05 #retrieve the report from ES In [15]: ff = backend.get("2275333") In [16]: ff Out[16]: localpci 1 0:00:05
.. |Build Status| image:: https://travis-ci.org/bmx0r/python-libnessus.png?branch=master :target: https://travis-ci.org/bmx0r/python-libnessus
.. |Coverage Status| image:: https://coveralls.io/repos/bmx0r/python-libnessus/badge.png?branch=master :target: https://coveralls.io/r/bmx0r/python-libnessus?branch=master
.. |Landscape Status| image:: https://landscape.io/github/bmx0r/python-libnessus/master/landscape.svg?style=flat :target: https://landscape.io/github/bmx0r/python-libnessus/master :alt: Code Health
Metadata
Owner
savon-noir
Metadata
Python Nessus Library - libnessus is a python library to enable devs to chat with nessus XMLRPC API, parse, store and diff scan results. It's wonderful.