https://github.com/savon-noir/python-libnessus

Python Nessus Library - libnessus is a python library to enable devs to chat with nessus XMLRPC API, parse, store and diff scan results. It's wonderful.
https://github.com/savon-noir/python-libnessus

Last synced: 9 months ago
JSON representation

Python Nessus Library - libnessus is a python library to enable devs to chat with nessus XMLRPC API, parse, store and diff scan results. It's wonderful.

• Host: GitHub
• URL: https://github.com/savon-noir/python-libnessus
• Owner: savon-noir
• License: other
• Created: 2013-10-06T19:14:00.000Z (over 12 years ago)
• Default Branch: master
• Last Pushed: 2023-02-10T21:30:11.000Z (about 3 years ago)
• Last Synced: 2024-04-16T13:18:30.059Z (about 2 years ago)
• Language: Python
• Homepage:
• Size: 811 KB
• Stars: 25
• Watchers: 4
• Forks: 17
• Open Issues: 3
• Metadata Files:
  • Readme: README.rst
  • Changelog: CHANGES.txt
  • License: LICENSE.txt

Awesome Lists containing this project

• awesome-csirt - python-libnessus - libnessus is a python library to enable devs to chat with nessus XMLRPC API, parse, store and diff scan results. It's wonderful. (Tools / Satellite)

README

          
python-libnessus

==============

Code status

-----------

|Build Status| |Coverage Status| |Landscape Status|

IMPORTANT NOTICE

================

Since I'm a bit lacking of time to maintain this code, I handed over the developpement and code maintenance to @bmx0r; who was anyway maintaining and improving it since almost the beginning :p

Consequently, ensure to check his repository (https://github.com/bmx0r/python-libnessus/) and pull requests or clone from it.

https://github.com/bmx0r/python-libnessus

Thanks @bmx0r!

About

-----

libnessus is a python library to manipulate nessus process and data.

libnessus is what you were looking for if you need to implement the following:

- manipulate nessus scans results to do reporting

- compare and diff nessus scans

- store nessus scans in a datastore (mongo and Elasticsearch supported)

In the future we might implement something to discuss with nessus API

- automate or schedule nessus scans on a regular basis

- batch process scan reports

Install

-------

Dependencies : 

You might need jsonpickle,elasticsearch,pymongo if you want to use the backend plugins

You can install libnmap via pip::

    pip install libnessus

or via git::

    $ git clone https://github.com/bmx0r/python-libnessus.git 

    $ cd python-libnessus 

    $ python setup.py install

Model

-----

NessusReport:

.. code-block:: pyton

  In [32]: report = NessusParser.parse_fromfile('/home/vagrant/python-libnessus/libnessus/test/files/nessus_forgedReport_ReportItem.nessus')

  In [33]: report?

  Type:           NessusReport

  String form:    localpci 1 0:00:05

  File:           /home/vagrant/python-libnessus/libnessus/objects/report.py

  Docstring:

  This class represent a Nessus repport, it aims to manipulate

  in a easy way the content, and present some metadata

  Init docstring:

  Description: Constructor of NessusReport

  :param name: name of the report

  :type name: str

  :param hosts: list of NessusReportHost

  :type hosts: list

  :return: NessusReport

  :rtype: NessusReport

NessusReportHost:

.. code-block:: pyton

  In [34]: host = report.hosts[0]

  In [35]: host?

  Type:        NessusReportHost

  String form: 127.0.0.1 127.0.0.1 {'patch-summary-txt-79ed019e4b6ec5267fd968e511eccdb2': 'CentOS 6 : libtirpc ( <...> 2cda94fbf08': 'CentOS 5 / 6 : libxml2 (CESA-2013:0581): Update the affected libxml2 packages.')'} 5

  File:        /home/vagrant/python-libnessus/libnessus/objects/reporthost.py

  Docstring:   Description: Represent an object NessusReportHost in a nessus xml

NessusReportItem:

.. code-block:: pyton

  In [36]: reportitem = host.get_report_items[3]

  In [37]: reportitem?

  Type:           NessusReportItem

  String form:    10544:Linux Multiple statd Packages Remote Format String 4

  File:           /home/vagrant/python-libnessus/libnessus/objects/reportitem.py

  Docstring:      This class represent a ReportItem in the nessus xml

  Init docstring:

  Constructor of Vulnerability

  :param vuln_info: dict of vulnerabities as generated by

  NessusParser.parse_reportitem

  :type vuln_info: dict

Examples

--------

Here's a basic example:

.. code-block:: pyton

  # Parse a nessus report from xml and save it in Elastic search

  In [1]: from libnessus.parser import NessusParser

  In [3]: from libnessus.plugins.backendplugin import NessusBackendPlugin

  In [4]: from libnessus.plugins.backendpluginFactory import BackendPluginFactory

  In [5]: url = {'plugin_name': "es"}

  In [6]: backend = BackendPluginFactory.create(\**url)

  In [7]: nessus_obj_list = NessusParser.parse_fromfile('/home/vagrant/python-libnessus/libnessus/test/files/nessus_forgedReport_ReportItem.nessus')

  In [8]: rc = nessus_obj_list.save(backend)

  In [9]: rc

  Out[9]: 2275333

  In [10]: backend

  Out[10]: 

  In [11]: nessus_obj_list

  Out[11]: localpci 1 0:00:05

  #retrieve the report from ES 

  In [15]: ff = backend.get("2275333")

  In [16]: ff

  Out[16]: localpci 1 0:00:05

.. |Build Status| image:: https://travis-ci.org/bmx0r/python-libnessus.png?branch=master

   :target: https://travis-ci.org/bmx0r/python-libnessus

.. |Coverage Status| image:: https://coveralls.io/repos/bmx0r/python-libnessus/badge.png?branch=master 

   :target: https://coveralls.io/r/bmx0r/python-libnessus?branch=master

   

.. |Landscape Status| image:: https://landscape.io/github/bmx0r/python-libnessus/master/landscape.svg?style=flat

   :target: https://landscape.io/github/bmx0r/python-libnessus/master

   :alt: Code Health