Script to transform the JSON output of Nuclei to a SQLite database.
This is a Node.js project that allows you to do X, Y, and Z. It takes input from a JSON file and performs specific actions based on the data provided. The program can be used for tasks like A, B, and C, making it useful for developers working on certain projects.
Create a Nuclei scan report in JSON format.
nuclei -tags cve -l targets_file.txt -j -o scan-report.jsonNow just pass the JSON file as argument to script.
node nuclei2sqlite.js path/to/your/scan-report.jsonReplace scan-report.json with the actual name of your JSON file.
Usage: nuclei2sqlite [options] <json_file_path>
Transform Nuclei JSON output to SQLite database
Options:
-c, --create Create the database
-d, --delete Delete existing records from the database
-h, --help display help for command
- Make sure you have Node.js and npm installed on your system.
- Clone this repository to your local machine.
- Navigate to the project directory in the terminal or command prompt.
- Run the following command to install the dependencies:
npm installSELECT ip,
host,
REPLACE(REPLACE(info_tags, '[', ''), ']', '') as tags,
extracted_results,
cve_id,
cwe_id,
cvss_metrics,
cvss_score,
description,
remediation,
info_name,
info_description,
REPLACE(REPLACE(info_reference, '[', ''), ']', '') as info_reference,
info_severity,
info_metadata_product,
info_classification_cpe
FROM scan_history
GROUP BY ip, host
ORDER BY
ip, host,
CASE info_severity
WHEN 'critical' THEN 1
WHEN 'high' THEN 2
WHEN 'medium' THEN 3
WHEN 'low' THEN 4
WHEN 'info' THEN 5
ELSE 6
END;
SELECT ip,
host,
extracted_results,
matcher_name,
meta,
info_name,
REPLACE(REPLACE(info_tags, '[', ''), ']', '') as tags,
REPLACE(REPLACE(info_reference, '[', ''), ']', '') as info_reference,
info_severity,
info_metadata_product,
info_classification_cpe
FROM scan_history
WHERE matcher_name = 'outdated_version'
GROUP BY ip, host
ORDER BY
ip, host
Example:
- bar.example.com
- foo.example.com
- subdomain1.example.com
SELECT ip,
host,
info_severity,
cve_id,
cvss_score,
info_name,
info_description,
REPLACE(REPLACE(info_reference, '[', ''), ']', '') as info_reference,
info_metadata_product,
info_classification_cpe
FROM scan_history
ORDER BY
CASE info_severity
WHEN 'critical' THEN 1
WHEN 'high' THEN 2
WHEN 'medium' THEN 3
WHEN 'low' THEN 4
WHEN 'info' THEN 5
ELSE 6
END,
CASE
WHEN INSTR( ( SUBSTR (host, INSTR(host, '://') + 3, INSTR(host, '.example.com') - 9 ) ), '.') = 0 THEN
( SUBSTR (host, INSTR(host, '://') + 3, INSTR(host, '.example.com') - 9 ) )
ELSE
SUBSTR ( ( SUBSTR (host, INSTR(host, '://') + 3, INSTR(host, '.df.gov.br') - 9 ) ) , INSTR( ( SUBSTR (host, INSTR(host, '://') + 3, INSTR(host, '.example.com') - 9 ) ), '.') +1 , LENGTH (( SUBSTR (host, INSTR(host, '://') + 3, INSTR(host, '.example.com') - 9 ) ) ))
END SELECT DATE(timestamp) as scan_date, COUNT(*) as total_vulnerabilities
FROM scan_history
GROUP BY DATE(timestamp)
ORDER BY scan_date;SELECT ip, COUNT(*) as total_vulnerabilities
FROM scan_history
GROUP BY ip
ORDER BY total_vulnerabilities DESC;SELECT host, COUNT(*) as total_vulnerabilities
FROM scan_history
GROUP BY host
ORDER BY total_vulnerabilities DESC;SELECT severity, COUNT(*) as total_vulnerabilities
FROM scan_history
GROUP BY severity
ORDER BY total_vulnerabilities DESC;SELECT template, COUNT(*) as total_vulnerabilities
FROM scan_history
GROUP BY template
ORDER BY total_vulnerabilities DESC;If you want to see a simple HTML report, run server.js script.
node server.jsNow open your browser at http://localhost:3000
This project is licensed under the MIT License.