PaulDotCom mailing list archives

Nessus XML Parser


From: CDumont at nwnit.com (Cody Dumont)
Date: Fri, 21 May 2010 21:39:09 -0400

Greetings to all in Pauldotcom land....

Several weeks ago someone posted to the mailing list asking if anyone had a parsing tool for Nessus in the new XML 
format.  Well I must admit, I didn't respond because the code I had written was not all that great.  With that said, I 
still think the code is prematurely released, but is code ever really ready to be released?  LOL....so here you go...

http://www.melcara.com/wp-content/uploads/2010/05/parse_nessus_xml.v5-for-blog.pl_.zip

The blog posting can be found in my blog at http://www.melcara.com.

Here is a short summary of the posting.

The script is designed to look for all the *.XML files in a defined directory.  The directory is passed as an argument; 
if no directory is specified, an error will be returned.  To see the version, add v|V|-v|-V and a version will 
be reported.  The script will create two files, the nessus_report.xls and Nessus_data_report.txt.  The 
Nessus_data_report.txt is a text version of the data found in the actual Nessus report, but only shows all the Severity 
2 & 3 reports.  The nessus_report.xls is a multi spreadsheet workbook that contains all the findings from Nessus.  I 
then manually create a series of pivot tables as such.  I have the auto-sort on all columns and will be adding more 
formatting as time allows.

This is the first Perl code I have ever released to the public.  So if you read it and would like to comment, please be 
gentle.

Enjoy code, I hope this adds value to your Nessus use.

Cody

P.S. I have also been taking the Command Line Kung Fu, Paul and gang have posted at the 
http://blog.commandlinekungfu.com, and putting some ExcelFU, if you will to their examples.  While the ExcelFu pales to 
the CLI kung Fu, I find the tools most helpful if I want to change the parameters from the examples given.  I call the 
tool a Command Builder, which can also be found at my blog http://www.melcara.com.
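
The workflow summarized in the message (scan a directory for *.XML files, parse each one, keep the Severity 2 and 3 findings for a text report), as an added example in Python; it is not Cody's Perl script and does not reproduce its output format. It assumes the Nessus v2 layout (`ReportHost` and `ReportItem` elements with `severity`, `pluginID` and `pluginName` attributes); the sample data, plugin IDs and the script name are constructed.

```python
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample in the assumed Nessus v2 layout (not real scan data).
SAMPLE = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="192.0.2.10">
<ReportItem port="0" protocol="tcp" severity="0" pluginID="900001" pluginName="Constructed info item"/>
<ReportItem port="443" protocol="tcp" severity="2" pluginID="900002" pluginName="Constructed medium finding"/>
<ReportItem port="22" protocol="tcp" severity="3" pluginID="900003" pluginName="Constructed high finding"/>
</ReportHost><ReportHost name="192.0.2.20">
<ReportItem port="80" protocol="tcp" severity="1" pluginID="900004" pluginName="Constructed low finding"/>
</ReportHost></Report></NessusClientData_v2>"""

def extract_findings(root):
    """Return one dict per ReportItem under each ReportHost."""
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name", "?"),
                "port": item.get("port", "?"),
                "protocol": item.get("protocol", "?"),
                "severity": int(item.get("severity", "0")),
                "plugin_id": item.get("pluginID", "?"),
                "name": item.get("pluginName", ""),
            })
    return findings

def high_risk_lines(findings, minimum=2):
    """Tab-separated report lines for severity >= minimum, worst first."""
    keep = [f for f in findings if f["severity"] >= minimum]
    keep.sort(key=lambda f: (-f["severity"], f["host"], f["plugin_id"]))
    fmt = "{severity}\t{host}\t{port}/{protocol}\t{plugin_id}\t{name}"
    return [fmt.format(**f) for f in keep]

def scan_directory(directory):
    """Parse every *.xml / *.XML file in directory; skip unreadable files."""
    findings = []
    for path in sorted(p for p in Path(directory).iterdir() if p.suffix.lower() == ".xml"):
        try:
            findings += extract_findings(ET.parse(path).getroot())
        except (ET.ParseError, OSError) as err:
            print(f"skipping {path.name}: {err}", file=sys.stderr)
    return findings

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: nessus_sev_report.py <directory>")
    print("\n".join(high_risk_lines(scan_directory(sys.argv[1]))))
```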








