The Taming of the Nessus Monkey
- May 25th, 2010
- By nino
- Write comment
I’m doing quite a bit of onsite testing at the minute and I currently have nessus results for 30+ /24 networks. It can be quite time consuming to weed out the crap findings of each file so i wrote a quick and dirty python script to combine the .nessus output for each range:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 | #! /usr/bin/python import xml.dom.minidom import urllib2 import urllib import os import time import sys def main(): #write out the start of the xml shizzle fileHandle = open ( 'combined.nessus', 'a' ) fileHandle.write ( '<?xml version="1.0" ?>\n<NessusClientData>\n<Report>\n<ReportName>Combined</ReportName>\n' ) #list the files fileList = [] counter = 0 for root, subFolders, files in os.walk(sys.argv[1]): for file in files: fileList.append(os.path.join(root,file)) #enumerate the files and pick out the .nessus files for fname in fileList: if ('nessus' in fname) and ('combined.nessus' not in fname) : counter += 1 print "Parsing: " + fname from xml.dom import minidom xmldoc = minidom.parse(fname) reflist = xmldoc.getElementsByTagName('ReportHost') for x in range(0 , reflist.length): fileHandle.write ( reflist[x].toxml() ) #write the end of the xml fileHandle.write ( '</Report> \n </NessusClientData>') fileHandle.close() print 'Combined a total of ' + str(counter) + ' files.' if __name__ == '__main__': main() |
combine_nessus.py (1.4 KiB, 59 hits)
Give the script your top level directory as the first argument and it will recusively find the .nessus files and ouput a file called combined.nessus then you can import it into the nessus client / parse as you normally would, job done
update:pasted the wrong code snippet, the attachment was correct tho!
Update 2: found and issue where by if you had the script generate the output file in the same directory that the .nessus files are the script would eat its own head, added a quick check.