Automated Nessus vulnerability scanning
Since Nessus 6, automation of the Nessus scanner is very limited. This project uses the limited capabilities of the shipped API to build an automated workflow for vulnerability management.
The API is abstracted into Python objects; all HTTP requests are handled in the background.
Set up a connection to the Nessus backend by providing your login credentials in the config.json file:
```python
import json

from nesspy import ConnectionManager

# config.json holds the login credentials for the Nessus backend
with open('config.json', 'r') as infile:
    config = json.load(infile)
nessus = ConnectionManager(**config)
```
List all scans saved in the backend
```python
scans = nessus.list_scans()
print(scans)
```
| | id | name | creation_date | status |
|---|---|---|---|---|
| 0 | 8 | My Basic Network Scan | 1595850410 | completed |
| 1 | 11 | Discovery | 1595589928 | completed |
Export a .nessus/xml file
```python
xml_string = nessus.export_scan(8)
print(xml_string)
```
```
<?xml version="1.0" ?>\n<NessusClientData_v2>\n<Policy><policyName>Basic Network Scan</policyName>\n<Preferences><ServerPreferences><preference><name>scan.enable_utf8_output</name>\n<value>no</value>\n</pr
```
Export a .csv file
```python
from nessus_parser import parser

# xml_string is the .nessus export returned by nessus.export_scan() above
csv = parser(xml_string)
print(csv)
```
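To show what the export-to-CSV step involves, here is an added example (not the project's `nessus_parser` code) that flattens the `ReportHost`/`ReportItem` elements of a .nessus v2 export into one CSV row per finding. The function names, the column set, the sample data and the sanitization rule (collapse whitespace, quote-prefix formula-like cells) are assumptions made for this example.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample in the NessusClientData_v2 layout; not real scan data.
SAMPLE = """<?xml version="1.0" ?>
<NessusClientData_v2><Report name="My Basic Network Scan">
<ReportHost name="192.0.2.10">
<ReportItem port="443" svc_name="www" protocol="tcp" severity="2" pluginID="100001" pluginName="Example TLS finding">
<cve>CVE-0000-0001</cve><cve>CVE-0000-0002</cve>
<plugin_output>line one
line two</plugin_output>
</ReportItem>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="100002" pluginName="=Example info finding"/>
</ReportHost>
</Report></NessusClientData_v2>"""

ATTRS = {"port": "port", "protocol": "protocol", "severity": "severity",  # CSV column -> XML attribute
         "plugin_id": "pluginID", "plugin_name": "pluginName"}
FIELDS = ["host", *ATTRS, "cve", "plugin_output"]

def clean(value):
    """Assumed sanitization: one line per cell, and no cell a spreadsheet would run as a formula."""
    text = " ".join((value or "").split())
    return "'" + text if text[:1] in ("=", "+", "-", "@") else text

def nessus_to_rows(xml_string, min_severity=0):
    # Stdlib parser keeps this dependency-free; defusedxml is the safer choice for untrusted files.
    root = ET.fromstring(xml_string)
    rows = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if int(item.get("severity", "0")) < min_severity:
                continue  # Nessus severity: 0 = info ... 4 = critical
            row = {"host": clean(host.get("name"))}
            row.update({col: clean(item.get(attr)) for col, attr in ATTRS.items()})
            row["cve"] = ";".join(clean(c.text) for c in item.findall("cve"))
            row["plugin_output"] = clean(item.findtext("plugin_output"))
            rows.append(row)
    return rows

def rows_to_csv(rows):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()
if __name__ == "__main__":
    print(rows_to_csv(nessus_to_rows(SAMPLE)))
```

Passing `min_severity=1` drops informational findings before the import into the monitoring platform.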
- Install & run the Nessus Scanner on your local machine.
- Start/schedule a vulnerability scan in the web interface (default: https://localhost:8834)
- Run the export automation script
- Run the parser scripts to generate a sanitized .csv file
- Import the .csv into your favorite monitoring platform (tested with Splunk)
Under active development, limited functionality.
- Nessus (tested with 8.11.0)
- Python 3.x
- packages from requirements.txt
This package builds on previous work:
AutoNessus is a Python 2 CLI for Nessus: https://github.com/redteamsecurity/AutoNessus