### 2.1 Nessus Vulnerability Scan

## Table of Contents

1. [Objective](#objective)
   - Perform a vulnerability scan using Nessus and analyze the results.
   
2. [Import Libraries](#import-libraries)
   - Import required Python libraries: `nessrest`, `pandas`, `seaborn`, `matplotlib`.

3. [Connect to Nessus API and Authenticate](#connect-to-nessus-api-and-authenticate)
   - Authenticate with the Nessus API and list available scans.

4. [Launch a Vulnerability Scan](#launch-a-vulnerability-scan)
   - Start a vulnerability scan on a specific target and monitor its status.

5. [Retrieve Scan Results](#retrieve-scan-results)
   - Download the vulnerability scan results and convert them into a Pandas DataFrame.

6. [Visualize Vulnerability Severity Levels](#visualize-vulnerability-severity-levels)
   - Create a bar chart to show the distribution of vulnerabilities by severity.

7. [Identify High-Risk Vulnerabilities](#identify-high-risk-vulnerabilities)
   - Focus on critical vulnerabilities (severity 3 and 4) for remediation.

8. [Conclusion](#conclusion)
   - Summarize the results and discuss how to prioritize high-risk vulnerabilities.


### 2.1 Nessus Vulnerability Scan

### Overview
This notebook demonstrates how to perform a vulnerability assessment using Nessus, retrieve the scan results, and analyze the vulnerabilities identified. We'll visualize the severity of the vulnerabilities to help prioritize remediation efforts.

#### 1. Objective:
- Perform a vulnerability scan using Nessus, extract the scan results via the Nessus API, and analyze the vulnerabilities found.
Visualize the severity of vulnerabilities to focus on high-risk issues.

#### 2. Logic:
- We will use Nessus REST API (via `nessrest`) to interact with Nessus, launching a scan and retrieving results programmatically.
- The scan results, including the severity, plugin name, port, and description of vulnerabilities, will be stored in a Pandas DataFrame for easy manipulation and visualization.
- We'll use Seaborn and Matplotlib to create visualizations like bar charts to analyze vulnerabilities by severity.

##### Step 1: Import Libraries

In [None]:
# Import required libraries
from nessrest import ness6rest
import pandas as pd
import seaborn as sns
import matplotlib.pyplot as plt

# Display plots inline
%matplotlib inline

---

##### Step 2: Connect to Nessus API and Authenticate

In [None]:
# Connect to the Nessus server using the Nessus API
scan = ness6rest.Scanner(url="https://localhost:8834", login="your_username", password="your_password", insecure=True)

# List all available scans
scans = scan.action(action="scans")
print(scans)


##### Why is this important?
- Nessus API Access: Connecting to the Nessus server via the API allows you to programmatically interact with the vulnerability scanner.
- Automation: Once authenticated, you can launch, manage, and retrieve scan results without manual intervention, making this process highly scalable.
- Visibility: Listing all available scans helps you manage ongoing or completed scans from the Nessus server.

---

#### Step 3: Launch a Vulnerability Scan

In [None]:
# Launch a vulnerability scan on a specific target
scan_id = 1  # Replace with your scan ID
scan.action(action="launch", scanid=scan_id)

# Check the status of the scan
status = scan.action(action="status", scanid=scan_id)
print(f"Scan Status: {status['status']}")

#### Why is this important?
- Actionable Scans: Launching a vulnerability scan enables you to assess the security of a specific target (such as a server or network). You can customize the scan configuration based on your security needs.
- Real-Time Feedback: Monitoring the status of the scan ensures you are aware of the progress and when the scan results are ready for analysis.

---

#### Step 4: Retrieve Scan Results

# Retrieve the scan results
scan.action(action="status", scanid=scan_id)
results = scan.download_scan(scanid=scan_id)

# Convert the results to a Pandas DataFrame for analysis
vuln_data = []
for vulnerability in results['vulnerabilities']:
    vuln_data.append({
        'Plugin ID': vulnerability['plugin_id'],
        'Name': vulnerability['plugin_name'],
        'Severity': vulnerability['severity'],
        'Host': vulnerability['host_id'],
        'Port': vulnerability['port'],
        'Description': vulnerability['description']
    })

df_vulns = pd.DataFrame(vuln_data)
df_vulns.head()

#### Why is this important?
- Data Extraction: Once the scan is completed, retrieving the results allows you to access crucial vulnerability data, including which ports, services, and systems are affected.
- Structured Data: By storing the results in a Pandas DataFrame, you can easily filter, manipulate, and analyze the data for further insights, which is crucial for large-scale scans with many findings.

---

#### Step 5: Visualize Vulnerability Severity Levels

In [None]:
# Visualize the number of vulnerabilities by severity level
plt.figure(figsize=(10, 6))
sns.countplot(data=df_vulns, x='Severity', palette='coolwarm')
plt.title('Vulnerabilities by Severity Level')
plt.ylabel('Count')
plt.xlabel('Severity (0 = Info, 1 = Low, 2 = Medium, 3 = High, 4 = Critical)')
plt.show()

#### Why is this important?
- Visual Understanding: By visualizing vulnerabilities based on severity, you gain a clearer picture of the distribution of vulnerabilities across different levels (Info, Low, Medium, High, Critical).
- Prioritization: Critical and high-severity vulnerabilities should be prioritized for immediate remediation. This chart helps focus security efforts where they are needed most.


---

#### Step 6: Identify High-Risk Vulnerabilities

In [None]:
# Filter for high-risk vulnerabilities (severity = 3 or 4)
high_risk_vulns = df_vulns[df_vulns['Severity'] >= 3]

# Display high-risk vulnerabilities
high_risk_vulns[['Name', 'Port', 'Description']].head()

#### Why is this important?
- Focus on Critical Issues: Filtering for high-severity vulnerabilities (e.g., 3 = High, 4 = Critical) allows you to focus on the most dangerous and impactful issues first.
- Actionable Insights: By identifying critical vulnerabilities and their affected services/ports, you can prioritize patching and mitigation efforts to reduce the risk of exploitation.


---

#### Conclusion

In this notebook, we demonstrated how to:
1. Connect to the Nessus API and authenticate.
2. Launch a vulnerability scan on a target system.
3. Retrieve the scan results and analyze the identified vulnerabilities.
4. Visualize the number of vulnerabilities by severity level.

By analyzing high-risk vulnerabilities, you can prioritize remediation efforts to secure your network against the most critical threats.

#### Why is this important?
- Holistic View: By automating the entire process, from scan initiation to vulnerability analysis, you create a streamlined workflow for ongoing vulnerability management.
- Proactive Security: Identifying and acting on high-risk vulnerabilities ensures you are focusing your resources where they matter most, improving the overall security posture of your organization.