{"id":13841884,"url":"https://github.com/patrickhener/gonh","last_synced_at":"2025-07-11T13:32:54.927Z","repository":{"id":47725974,"uuid":"388097674","full_name":"patrickhener/gonh","owner":"patrickhener","description":"Nessus Parser and query tool written in go","archived":false,"fork":false,"pushed_at":"2023-03-13T11:28:17.000Z","size":33,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-08-05T17:29:41.866Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/patrickhener.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-21T11:41:23.000Z","updated_at":"2023-05-16T14:40:38.000Z","dependencies_parsed_at":"2024-06-20T21:51:01.052Z","dependency_job_id":"b58c498d-2f30-4003-a280-429cb8da9011","html_url":"https://github.com/patrickhener/gonh","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patrickhener%2Fgonh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patrickhener%2Fgonh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patrickhener%2Fgonh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/patrickhener%2Fgonh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/patrickhener","download_url":"https://codeload.github.com/patrickhener/gonh/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225729740,"owners_count":17515158,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:01:23.447Z","updated_at":"2024-11-21T12:30:34.766Z","avatar_url":"https://github.com/patrickhener.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"## Go Nessus Helper (gonh)\n\n# Motivation\n\nThis tool was motivated by a tool I know and I used to use within my daily routine as a pentester. I reimplemented this tool using go as a coding language and tweaked it to my liking.\n\n# Installation\n\nAll you need to do is either build it and use `gonh` from the root directory\n\n```bash\ngit clone https://github.com/patrickhener/gonh\ngo build .\n```\n\nor you install it to your gopath like\n\n```bash\ngo install .\n```\n\nInstead of cloning the repo you could also just do\n\n```bash\ngo get -u github.com/patrickhener/gonh\ngo install github.com/patrickhener/gonh@latest\n```\n# Usage\n\nBasically the usage page says it all\n\n```bash\nUsage: gonh -mode [query|portscan|write|list] -in /path/to/nessus-files/(file.nessus)\n\nThere are 4 valid modes, which are query, portscan, write and list.\n\n\nQuery\n=====\nThis mode will let you query different things in a collection of .nessus files and give you output like a table or a list.\nIt will print the results to standard out.\n\nUse -q for a querystring like: -q pluginid=18763,19928,29931\n\nValid query words are:\n  - ip\n  - port\n  - pluginid\n  - pluginname\n  - sev (non, low, med, hig, cri)\n\nThose query words can also be combined with 'and' and 'or'. Also it can be negated by using 'not'. In addition severity can be used like: sev\u003e=med.\n\nOutput Format:\n\nThe output format is somewhat content sensitive. So if ports of the matched hosts are not all the same, gonh will output a table. Otherwise it will output a list. For example if you query ssl and it matches hosts on port 443 and 8443 this will be a table.\n\nIf you want to overwrite what output format to use, you can do -t /path/to/template.file to use a custom template. For templating reference see README.md.\nIf you do not provide a custom template gonh will use an embedded one.\n\nExamples:\n\ngonh -mode query -in /my/project/nessus-files/specific-file.nessus -q \"pluginname=ssl and port=443\"\ngonh -mode query -in /my/project/nessus-files -q \"pluginid=15985,25216,100464 or pluginname=\"samba\" and sev\u003e=hig or pluginname=samba and not sev=non\"\ngonh -mode query -in /my/project/nessus-files -q \"pluginid=12345\" -t mycustom.tmpl\n\n\nPortscan\n========\nPortscan will display all scanned and identified ports as table. It is more or less a shortcut to '-mode query -q \"pluginid=11219,34277\"'. It can also take a custom table template via -t /path/to/custom/table.file.\n\nExamples:\n\ngonh -mode portscan -in /my/project/nessus-files\n\nWrite\n=====\nWrite will take in a predefined template file and will substitute special 'markers' with the output of the corresponding query.\n\nUse -t to define a /path/to/template.file and -out /path/to/output.file as an output file.\nThis module will also show you which plugins are not matched (processed) by your template. It will only show everything with the severity of Medium to Critical.\nNone and Low will be omitted.\n\nThe template has to have a 'marker' following a query in it to be able to substitute with content. This marker looks like this:\n\n%%%GONH:\u003cquery\u003e\n\nValid marker:\n\n%%%GONH:pluginid=97994\n\nYou can use those marker like in the query function above:\n\n%%%GONH:pluginname=PHP and sev\u003e=med\n\nYou can also include the module portscan into the module write by using:\n\n%%%GONH:portscan\n\nOutput Format:\n\nAgain you can define custom templates to be used as list and table if you provide a specific marker at the very first line of your template input file.\n\n%%%GONH:list=/path/to/list.tmpl,table=/path/to/table.tmpl\n\nYou will need to provide both, as the write module will substitute the content using the content-sensitive output.\n\nExample:\n\ngonh -mode write -in /my/project/nessus-files -t /my/project/template-file.md -out /my/outdir/output-file.md\n\nList\n====\nList does just list all plugins sorted by serverity, as you would get from the write module at the end with all unmatched plugins. This is to get a brief overview of what findings are in the nessus files.\n```\n\n# Templating\n\nAs described in the usage page you can provide custom templates to be used. `gonh` uses the go templating engine. As an example here are the two embedded templates.\n\n**list.tmpl**\n```go\n{{ range .FindingLines }}- {{ .Host }}\n{{ end }}\n```\n\n**table.tmpl**\n```go\n| Host | Port |\n| --- | --- |\n{{ range .FindingLines }}| {{ .Host }} | {{ .AffectedPorts }} |\n{{ end }}\n```\n\nSo as you can see it just loops over the input `FindingLines` and displays it either as a Markdown formatted list or table.\n\nThe input struct which is handed to the template looks like this:\n\n```go\ntype TemplateInput struct {\n\tHeader         match.Header\n\tMatchedPlugins []match.MatchedPlugin\n\tAllSamePorts   string\n\tFindingLines   []FindingLine\n}\n```\n\nHeader itself is\n\n```go\ntype Header struct {\n\tCalltime string\n\tQuery    string\n}\n```\n\nMatched plugins is a slice containing the queries matched plugins in this format:\n\n```go\ntype MatchedPlugin struct {\n\tID       string\n\tName     string\n\tSeverity string\n}\n```\n\nAllSamePorts will have a string like `80/tcp,443/tcp,8443/tcp` if the query results in all hosts having the same port(s).\n\nFindingLines is of type:\n\n```go\ntype FindingLine struct {\n\tHost          string\n\tAffectedPorts string\n\tComment       string\n}\n```\n\nHost is in format `ip (fqdn if resolved)`, AffectedPorts is in format `80/tcp, 443/tcp, 8443/tcp` and Comment will be in format `80/tcp:\u003cpluginid\u003e,\u003canother-pluginid\u003e|443/tcp:\u003cpluginid\u003e` for you to know where the finding came from.\n\nThis is an example for a more advanced template to be processed and output a table in LaTeX format:\n\n```go\n% All matched plugins\n% ==================={{ range .MatchedPlugins }}\n% {{ .ID }}: ({{ .Severity }}) {{ .Name }}{{ end }}\n% {{ if eq .AllSamePorts \"\"}}{{ else }}\n% Same Port(s) for all Systems:\n% {{ .AllSamePorts }}{{ end }}\n%\n% Metadata\n% ========\n% Calltime: {{ .Header.Calltime }}\n% Search: {{ .Header.Query }}\n\n\\begin{center}\n \\begin{tabularx}{\\linewidth{}}{ll}\n \\textbf{IP-Address} \u0026 \\textbf{Port} \\\\ \\toprule\n \\endhead\n \\bottomrule\n \\endfoot\n \\bottomrule\n \\endlastfoot\n{{ range .FindingLines }}\n{{ .Host }} \u0026 {{ .AffectedPorts }} \\\\ % {{ .Comment }}{{ end }}\n \\end{tabularx}\n\\end{center}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpatrickhener%2Fgonh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpatrickhener%2Fgonh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpatrickhener%2Fgonh/lists"}