LAMP setup for .nessus v2 custom report generation.

James Edge Installing & Using Tools, Scripts

I created Project RF to have a reporting framework that provides  consistent reports for various vulnerability scanning tools.  The  project started with support for Nessus back when I would parse nbe files.   I’ve  since included reporting for eEye Retina, Nmap, HP WebInpect,  AppScan AppDetective,  Kismet, and GFI Languard.  This project is still in its alpha stages as  I’m not a top notch web program developer.  Scan results are exported to  XML which is then uploaded, parsed, and imported into a backend MySQL  database.  I have found this framework very useful in generating reports  for my workpapers.  I still continue to work on this project even though I’m no longer an auditor.  Recently I stripped it down to just Nessus and I rewrote the Nessus portion to support the .nesses v2 xml output.  Installation and setup instructions can be found here.

This framework supports many options for report generation and executive reporting.

Twitter
Follow by Email
LinkedIn
YouTube
Google+
RSS

2 thoughts to “LAMP setup for .nessus v2 custom report generation.”

  1. Hai there,

    I very interest with your post, i also need this to generate report,
    btw, metasploit also provide this framework to import scan result with db_import *.nessus, but some tag not parsed by there ( ……………),,,, i need information about Operating System. can you help me to custom metasploit parser … ?

    (sori, i dont have good english)

    if you want to brain strom or share knowledge, i wait your email ,…. thx brotha ,,,

  2. The Metasploit parser that you mention, it will parse both versions of the .nessus file and include the operating system information (os_name, os_flavor, & os_sp) in the table called “hosts” of the database you created when you run db_connect. Would you want me to write code to create a report on what information is contained in the Metasploit DB tables? That is something I can look into but those tables do not contain nearly as much information that is parsed by my script. If you use the Metasploit command “db_hosts” it will list the Operating System information. This is information collected from importing XML information from all of the scanners supported by Metasploit (Nessus, Nmap, Qualys, etc.). Below is an example of the output.

    msf > db_hosts

Hosts
=====

address        mac                name           os_name            os_flavor  os_sp   purpose  info  comments
-------        ---                ----           -------            ---------  -----   -------  ----  --------
192.168.0.1    00:18:39:7A:98:B9  192.168.0.1
192.168.0.16   20:7C:8F:4F:BA:E0  j-laptop.lan   Microsoft Windows  7                  device
192.168.0.172  00:24:2B:33:D0:A6  192.168.0.172  Microsoft Windows  2000               device
192.168.0.182  08:00:27:FB:50:C4  bt.lan         Linux                         2.6.35  device
192.168.0.214  08:00:27:DB:E3:9A  win2k3.lan     Microsoft Windows  2003       SP2     device
192.168.0.242  08:00:27:4E:C9:D7  w2kserver.lan  Microsoft Windows  2000               device
192.168.0.254  00:02:17:61:AC:53  192.168.0.254  CISCO IOS 12.1(3)                     device
192.168.2.103  08:00:27:4E:C9:D7  w2kserver      Microsoft Windows  XP                 device

Leave a Reply

Your email address will not be published. Required fields are marked *

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.