NessPy is a powerful Python script designed to streamline vulnerability management and security assessments with Nessus. Leveraging the capabilities of Tenable's Nessus vulnerability scanner, this tool provides a seamless interface to interact with Nessus via its RESTful API.
- Automated Scanning: Easily initiate vulnerability scans across your network, servers, and applications with just a few lines of Python code. Automate the process of identifying security weaknesses in your systems.
- Customization: Tailor scans to your specific needs by configuring scan policies, targets, and scan options. Flexibility is at your fingertips to adapt to your organization's unique requirements.
- Ease of Use: Designed with simplicity in mind, the script offers a user-friendly interface to interact with the Nessus API. Documentation and code examples make it accessible for both beginners and experienced developers.
- Security Auditing: Conduct regular security audits to identify and mitigate vulnerabilities proactively.
- Compliance Reporting: Generate compliance reports (e.g., PCI DSS, CIS) to meet regulatory requirements.
Feel free to customize this tool to better suit your use cases.
1. Tested on Tenable Nessus Professional version 10.6.0 (#103) LINUX and version 10.6.1 (#21) WINDOWS
2. Python 3
git clone https://github.com/binderlabs/NessPy.git
cd NessPy
pip3 install progressbar requests argparse termcolor beautifulsoup4 XlsxWriter openpyxl datetime regex
Symbolically link the script into the /usr/bin directory:
chmod +x /opt/NessPy/nesspy.py
sudo ln -s /opt/NessPy/nesspy.py /usr/bin/nesspy
Remember to change the url, username, password, path, compliance_path & previous_audit_path in nesspy.py.
nesspy -l
nesspy -t 127.0.0.1 -p 'my policy' -n 'My First Scan' -f 'Nessus Folder' -e 'csv,nessus,html'
(NOTE: Exported report(s) will be stored in the output/ directory.)
nesspy -T list.txt -p 'my policy' -n 'My First Scan' -f 'Nessus Folder' -e 'nessus' -o 'production-list'
(NOTE: No need to specify file extension in output filename.)
for i in $(cat list.txt); do nesspy -t "$i" -p 'custom policy' -f 'Nessus Folder' -e 'csv,html,nessus' -o "$i"; done
(NOTE: Refer to the list.txt attached in this repository for the format.)
(NOTE: If the -n Nessus scan name is not provided, the target IP address will be used.)
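The loop above passes every entry of list.txt to nesspy as both the scan target and the output filename. The following is an added example, not part of NessPy, that checks each entry against an authorised scope before building the same command line. It assumes one target per line; the scope network, allowed hostname and sample entries are constructed for illustration.

```python
import ipaddress
import re
import subprocess

# Hostname labels: letters, digits and hyphens only (no '/', ';', spaces or '..').
HOSTNAME = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$")

# Constructed sample input. Assumption: one target per line, '#' starts a comment.
SAMPLE = ["192.168.173.156", "10.0.0.5", "", "# lab hosts", "scan.example.test",
          "10.0.0.9;id", "../../etc/passwd", "999.1.1.1"]

def classify(entry, nets, allowed_hosts):
    """Return (ok, reason) for one list entry."""
    try:
        addr = ipaddress.ip_address(entry)
    except ValueError:
        if HOSTNAME.match(entry) and entry.lower() in allowed_hosts:
            return True, "allowed hostname"
        return False, "not an in-scope IP address or allowed hostname"
    if any(addr in net for net in nets):
        return True, "in scope"
    return False, "outside authorised scope"

def build_commands(lines, scope, allowed_hosts, policy, folder, formats="csv,html,nessus"):
    """Turn list entries into nesspy argv lists; return (commands, rejected)."""
    nets = [ipaddress.ip_network(n) for n in scope]
    commands, rejected = [], []
    for raw in lines:
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue
        ok, reason = classify(entry, nets, allowed_hosts)
        if ok:
            # argv list, no shell: the entry is never word-split or glob-expanded.
            commands.append(["nesspy", "-t", entry, "-p", policy, "-f", folder,
                             "-e", formats, "-o", entry])
        else:
            rejected.append((entry, reason))
    return commands, rejected

def run_all(commands):
    """Run each scan in turn; requires nesspy on PATH as set up above."""
    for argv in commands:
        subprocess.run(argv, check=True)

if __name__ == "__main__":
    cmds, bad = build_commands(SAMPLE, ["192.168.173.0/24"], {"scan.example.test"},
                               "custom policy", "Nessus Folder")
    for argv in cmds:
        print("would run:", argv)
    for entry, reason in bad:
        print("rejected:", repr(entry), "-", reason)
```

Run as a script it only prints what would be executed; call run_all() on the returned commands to start the scans.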
nesspy -t 192.168.173.156 -p 'RH7_Compliance' -e 'csv,html,nessus' -o 'compliance_assessment_192.168.173.156' -f 'compliance_folder' -c
- Allow users to export different types of reports
- Allow users to run different types of scans instead of just policy scan.
- Email erictee2802@gmail.com for any recommendations, hopefully your mail is not in my junk folder. LOL.