nessus-parser

This tool is a fork of the Nessus Report Parser by Simon Beattie (https://github.com/simonbt/nessus-report-parser)

My version of parser adds custom messages customization (based on regular expressions) to classify vulnerabilities found.

It allows to create reports that present meaningful, shorter reports instead of a huge detailed pdf documents.

REQUIREMENTS:

apache2
PHP 5.4+
php5-mysql
mysql-server

INSTALLATION:

For Kali Linux:

# apt-get install php5 apache2 php5-mysql mysql-server git

# systemctl enable apache2 ;  systemctl start apache2

# systemctl enable mysql ;  systemctl start mysql

# cd /var/www/html/

Clone the repository:

# git clone https://github.com/sglusnevs/nessus-report-parser-bulk

# cd /var/www/html/nessus-report-parser

Make uploads folder writable:

# chmod -R a+rwx /var/www/html/nessus-report-parser/Library/uploads/

Create MYSQL Database

# mysql -u root -p < Database/mysql_schema.sql

Create user for reports database

# echo 'CREATE USER "reports"@"localhost" IDENTIFIED BY "password";' | mysql -u root -p

# echo 'GRANT ALL PRIVILEGES ON reports.* TO "reports"@"localhost";' | mysql -u root -p

# echo 'FLUSH PRIVILEGES;' | mysql -u root -p

Configure System
    edit config.php with Database authentication details

Add host line within hosts file:
    sudo vi /etc/hosts
    ADD:

        127.0.0.1  reports.local

Edit the Apache Configuration:
    sudo vi /etc/apache2/sites-available/000-default.conf

    Find string starting with "DocumentRoot" and replace with:

        DocumentRoot /var/www/html/nessus-report-parser


    Add the following lines straight after that:

    <Directory /var/www/html/nessus-report-parser>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
    </Directory>


    Enable Apache modules:

    # ln -s /etc/apache2/mods-available/rewrite.load  /etc/apache2/mods-enabled/

    # ln -s /etc/apache2/mods-available/php5.load  /etc/apache2/mods-enabled/

    Set the following in your php.ini: `upload_max_filesize = 2048M´, `post_max_size = 2048M´ to be able to upload huge reports

    # sudo vi /etc/php5/apache2/php.ini


Restart Apache
    sudo apachectl restart

Completed:
    You should now be able to navigate to the system: http://reports.local
    Default username and password is adminstvo:pa55word

UPDATING:

Run to pull all the latest changes:

# cd /var/www/html/nessus-report-parser

# git pull

CREATING NEW REPORTS:

    1. Add Nessus reports to drop-down in

    views/menus/nessusIndex.phtml

      <option value="report_tag/' . $report['id'] . '">report_name</option>

      2. Add Routes in Routes/reports.php

      3. Add SQL in Library/ReportData.php

      3. Add render into views/reports/<my_report>.phtml

KNOWN PROBLEMS:

In case if you experience problems trying to import large .nessus files, make sure you have enough RAM -- Python script performing import is pretty resource-intensive.

I recommend a decent VM with at least of couble Gigabytes of RAM.