🔍 NessusNibbler: An easy-to-use Nessus parser that extracts specific findings and data from your .nessus files, helping you swiftly discover missing patches and outdated software.

W-GOULD/NessusNibbler

NessusNibbler

NessusNibbler is a Nessus parser that can be used from the command line or through a web application. It processes XML exports from the Nessus vulnerability scanner and writes the results in .docx or .txt format. The script filters Microsoft patches and third-party vulnerabilities, processes unquoted service path vulnerabilities, and explores Nessus files to collect relevant data.

Features

  • Parses Microsoft patches and third-party vulnerabilities.
  • Processes unquoted service path vulnerabilities.
  • Outputs in .docx or .txt format.
  • Explores Nessus files to collect relevant data.
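
The filtering described above, shown as an added example (not NessusNibbler's own code): it walks the ReportHost/ReportItem elements of a Nessus v2 export and sorts findings into the three categories. The classification rules, the plugin IDs and the sample export are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the NessusClientData_v2 layout; host, IDs and findings are made up.
SAMPLE = b"""<?xml version="1.0" ?>
<NessusClientData_v2><Report name="constructed">
 <ReportHost name="10.0.0.5">
  <ReportItem port="445" severity="3" pluginID="100001" pluginName="Constructed Windows Security Update" pluginFamily="Windows : Microsoft Bulletins"/>
  <ReportItem port="445" severity="3" pluginID="100002" pluginName="Microsoft Windows Unquoted Service Path Enumeration" pluginFamily="Windows">
   <plugin_output>ExampleSvc : C:\\Program Files\\Example App\\svc.exe</plugin_output>
  </ReportItem>
  <ReportItem port="0" severity="2" pluginID="100003" pluginName="Constructed Browser &lt; 2.0 Multiple Vulnerabilities" pluginFamily="Windows"/>
  <ReportItem port="0" severity="0" pluginID="100004" pluginName="Constructed Info Plugin" pluginFamily="General"/>
 </ReportHost>
</Report></NessusClientData_v2>"""

def classify(item):
    """Bucket one ReportItem; these rules are assumptions, not NessusNibbler's logic."""
    name = item.get("pluginName", "")
    if "unquoted service path" in name.lower():
        return "unquoted"
    if item.get("pluginFamily") == "Windows : Microsoft Bulletins":
        return "microsoft"
    if int(item.get("severity", "0")) > 0:
        return "third_party"
    return None  # informational finding, not reported

def parse_nessus(data):
    # Scanner exports carry no DTD; refuse one so entity declarations never reach the parser.
    if b"<!DOCTYPE" in data or b"<!ENTITY" in data:
        raise ValueError("DTD/entity declarations are not accepted")
    root = ET.fromstring(data)
    if root.tag != "NessusClientData_v2":
        raise ValueError("not a Nessus v2 export")
    findings = defaultdict(list)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            bucket = classify(item)
            if bucket:
                findings[bucket].append((host.get("name"), item.get("pluginName"),
                                         (item.findtext("plugin_output") or "").strip()))
    return dict(findings)

if __name__ == "__main__":
    for bucket, rows in parse_nessus(SAMPLE).items():
        for host, name, output in rows:
            print(f"[{bucket}] {host}: {name} {output}")
```

The DTD check matters most when the input comes from an upload form rather than from your own scanner export.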

Requirements

  • Python 3.x
  • python-docx library
  • Flask
  • An XML export file from Nessus

To install the python-docx library and Flask, run the following command:

pip install python-docx Flask

Usage

  1. Clone the repository or download the nessus_parser.py script and the styles.py script.
  2. Place the Nessus XML export file in the same directory as the scripts.
  3. Run the script with the appropriate command line arguments:

python nessus_parser.py -f input.nessus -o output.docx

Command Line Arguments

-f, --file          The Nessus XML file to parse
-o, --output        The output file (either .docx or .txt)
-m, --microsoft     Include Microsoft patches in the output
-t, --third-party   Include third-party vulnerabilities in the output
-u, --unquoted      Include unquoted service path vulnerabilities in the output

Web Application

The web application provides a user-friendly interface for parsing and analyzing .nessus files. It is built using Flask and can be run inside a Docker container. You can find the source code for the web application in app.py.

Running the web application with Docker

To run the web application using Docker, follow these steps:

  1. Install Docker on your system, if you haven't already.

  2. Build the Docker image:

$ docker build -t nessusnibbler .

  3. Run the Docker container:

$ docker run -d -p 8000:8000 nessusnibbler

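The web application will be accessible at http://localhost:8000. By default, the -p 8000:8000 mapping publishes the port on all host interfaces, so the application and any uploaded scan data are also reachable from other machines that can connect to the host on port 8000.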

Web Application Features

The web application offers the following features:

  • Upload .nessus files.
  • View and manage uploaded files.
  • Parse and analyze .nessus files using various filters.
  • Export the results in different formats (e.g., CSV, JSON).
  • Explore and search .nessus files based on various criteria.

Refer to the code in app.py for more details about the implementation of these features.

Dockerfile

The Dockerfile is provided for building the Docker image of the web application. The Dockerfile sets up a Python 3.9 environment, installs the required packages from requirements.txt, copies the application files, and runs the application.
