{"id":34319778,"url":"https://github.com/hammackj/risu","last_synced_at":"2026-03-17T16:03:02.434Z","repository":{"id":56885293,"uuid":"571896","full_name":"hammackj/risu","owner":"hammackj","description":"Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.","archived":false,"fork":false,"pushed_at":"2025-11-24T23:15:02.000Z","size":3301,"stargazers_count":63,"open_issues_count":0,"forks_count":18,"subscribers_count":9,"default_branch":"master","last_synced_at":"2026-03-08T10:14:03.383Z","etag":null,"topics":["nessus","reporting","ruby","security","xml-parser"],"latest_commit_sha":null,"homepage":"http://hammackj.github.io/risu","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hammackj.png","metadata":{"files":{"readme":"README.markdown","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.markdown","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2010-03-20T22:32:17.000Z","updated_at":"2025-08-23T00:56:43.000Z","dependencies_parsed_at":"2023-12-11T00:27:08.795Z","dependency_job_id":"ff7dece2-de51-40d2-b9a6-344cecac6949","html_url":"https://github.com/hammackj/risu","commit_stats":{"total_commits":2051,"total_committers":6,"mean_commits":341.8333333333333,"dds":"0.019502681618722595","last_synced_commit":"01341c450e20644ccf131515085b92f5a5e6ca1f"},"previous_names":[],"tags_count":36,"template":false,"template_full_name":null,"purl":"pkg:github/hammackj/risu","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hammackj%2Frisu","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hammackj%2Frisu/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hammackj%2Frisu/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hammackj%2Frisu/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hammackj","download_url":"https://codeload.github.com/hammackj/risu/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hammackj%2Frisu/sbom","scorecard":{"id":453886,"data":{"date":"2025-08-11","repo":{"name":"github.com/hammackj/risu","commit":"7c18f703ddc5c6e9fd3b60e5f0b72f57522bf941"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Maintained","score":10,"reason":"19 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: containerImage not pinned by hash: docker/Dockerfile:2: pin your Docker image by updating ubuntu:18.04 to ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-19T09:01:33.895Z","repository_id":56885293,"created_at":"2025-08-19T09:01:33.895Z","updated_at":"2025-08-19T09:01:33.895Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30626906,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-17T14:16:03.965Z","status":"ssl_error","status_checked_at":"2026-03-17T14:16:03.380Z","response_time":56,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nessus","reporting","ruby","security","xml-parser"],"created_at":"2025-12-17T13:03:37.696Z","updated_at":"2026-03-17T16:03:02.430Z","avatar_url":"https://github.com/hammackj.png","language":"Ruby","readme":"# risu\n\n[![Gem Version](https://badge.fury.io/rb/risu.png)](http://badge.fury.io/rb/risu)\n[![Build Status](https://travis-ci.org/hammackj/risu.png?branch=master)](https://travis-ci.org/hammackj/risu)  \n[![Code Climate](https://codeclimate.com/github/hammackj/risu/badges/gpa.svg)](https://codeclimate.com/github/hammackj/risu)\n[![Inline docs](http://inch-ci.org/github/hammackj/risu.png)](http://inch-ci.org/github/hammackj/risu)\n\nRisu is [Nessus](http://www.nessus.org) parser, that converts Nessus .nessus xml files into a [ActiveRecord](http://api.rubyonrails.org/classes/ActiveRecord/Base.html) database, this allows for easy report generation and vulnerability verification.\n\n* [Requirements](#requirements)\n* [Installation](#installation)\n* [Usage](#usage)\n* [Contributing](#contributing)\n* [Issues](#issues)\n* [Contact](#contact)\n\n## Requirements\n\n### Ruby\nRisu has been tested with ruby-2.0.0, ruby-2.1.0 and ruby-2.2.3. Please use the latest version if possible. I recommend using [chruby](https://github.com/postmodern/chruby) or [RVM](https://rvm.io/) to setup your ruby environment.\n\n### RubyGems\nRisu relies heavily on [RubyGems](http://rubygems.org/) to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of [Ruby](http://ruby-lang.org/).\n\n- libxml\n- rails\n- yaml\n- logger\n- rmagick\n- gruff\n- prawn\n- mysql2\n- nokogiri\n\n## Installation\nInstallation is really easy just gem install!\n\n\t% gem install risu\n\n## Installation with gem signature verification\n\n\t% gem cert --add \u003c(curl -Ls https://raw.github.com/hammackj/risu/master/certs/hammackj.pem\n\t% gem install risu -P MediumSecurity\n\n### Runtime Requirements\n\nThese are all available through [RubyGems](http://rubygems.org/). The should be installed automatically when you install risu, If not this command will install them all:\n\n\t% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri\n\n**You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!**\n\n### Developmental Requirements\n\nThese are all available through [RubyGems](http://rubygems.org/). These are required to run the tests, generate the documentation and test coverage. This command will install them all:\n\n\t% gem install simplecov yard minitest test-unit\n\n**You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!**\n\nAny database that ActiveRecord supports should work. Risu has been tested with [MySQL](http://www.mysql.com/) and [SQLite3](http://sqlite.org/).\n\n## Usage\n\nThe following is some of the basic usage for risu. You must setup the database before you can start parsing in reports. All parsed reports share the same database, so all reports are combined as one inside of a database. I suggest a new database per required assessment.\n\n### Database Setup\n\n\t% risu --create-config\n\t% $EDITOR risu.cfg\n\t% risu --create-tables\n\n1. Generate the risu.cfg file.\n2. Edit the risu.cfg file, filling in the variables as needed.\n3. Migrate the database schema.\n\n### Parsing Nessus Output\n\n\t% risu report1.nessus [report2.nessus ...]\n\n1. Parse the files by passing their names on the command line.\n\n\n## Viewing Data\nThe data can be viewed with any query browser available for your database of choice.\n\n### Generating Reports\nTo generate a report please execute the following after the the data is parsed into the database.\n\n\t% risu -t \u003cTEMPLATE_NAME\u003e -o \"REPORT_NAME.pdf\"\n\n### Risu Console\n\nUsing the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!\n\n\t$ risu --console\n\n\t      _\n\t _ __(_)___ _   _\n\t| '__| / __| | | |\n\t| |  | \\__ \\ |_| |\n\t|_|  |_|___/\\__,_|_\n\n\n\trisu Console v1.7.2\n\t\u003e\u003e Host.first\n\t=\u003e #\u003cRisu::Models::Host id: 1, report_id: 1, name: \"10.69.69.74\", os: \"Linux Kernel 2.6 on Debian 4.0 (etch)\", mac: \"XX:XX:XX:XX:XX:XX\", start: \"2011-04-20 16:29:37\", end: \"2011-04-20 16:32:14\", ip: \"10.69.69.74\", fqdn: \"redada.hammackj.net\", netbios: \"REDADA\", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil\u003e\n\n## Templates\nSeveral templates are included, but is recommend you build your own based on what you need.\n\n\t$ risu -l\n    Available Templates\n        stig_findings_summary - DISA Stig findings summary report\n        pci_compliance - Generates a PCI Compliance Overview Report\n        technical_findings - Generates a Technical Findings Report\n        ms_patch_summary - Generates a Microsoft Patch Summary Report\n        findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID\n        findings_host - Generates a findings report by host\n        exec_summary - Generates a simple executive summary.\n        finding_statistics - Generates report finding statistics\n        graphs - Generates a report with all the graphs in it\n        findings_summary - Generates a findings summary report\n        assets - Generates a Assets Summary Report\n        cover_sheet - Generates a coversheet with a logo (Example Template)\n        notable_detailed - Notable Vulnerabilities Detailed\n        ms_update_summary - Generates a Microsoft Update Summary Report\n        template - template\n        notable - Notable Vulnerabilities\n        ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin\n        exec_summary_detailed - Generates a detailed executive summary report\n        host_summary - Generates a Host Summary Report\n\t$\n\nThe templates are written in ruby using [prawn](http://prawn.majesticseacreature.com/), they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.\n\n# Contributing\nIf you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on [github](http://github.com/hammackj/risu) and make the changes in your fork and the submit a pull request to the project on the dev branch. Please include unit tests for anything non trivial.\n\n# Contact / Issues\nIf you have any problems, bugs, questions or feature requests please use the [github issue tracker](http://github.com/hammackj/risu/issues).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhammackj%2Frisu","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhammackj%2Frisu","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhammackj%2Frisu/lists"}