SlideShare ist ein Scribd-Unternehmen logo
1 von 15
Downloaden Sie, um offline zu lesen
XML Interfaces to the
Popular Nessus
Scanner
Rajesh Deo
Network Intelligence India Pvt. Ltd.
29/03/2012
NULL Mumbai Chapter
The Venerable Nessus Scanner
• A comprehensive vulnerability scanner
• Can perform network tests, system audits, patch
  management, compliance tests such as PCI DSS, SCADA
  vulnerability audits, and so on…
• Proprietary - Tenable Network Security
• Started by Renaud Deraison in 1998 to provide to
  the Internet community with a free remote security scanner
  similar to SATAN and NetSaint.
• Nessus 5.0 was released on Feb 15th, 2012.
  • http://www.nessus.org/products/nessus
Open-source Tools
• Perl/Net::Nessus::XMLRPC
  • Vlatko Košturjak
  • http://search.cpan.org/~kost/Net-Nessus-XMLRPC-
    0.30/lib/Net/Nessus/XMLRPC.pm
  • Perl 5 License (Artistic 1 & GPL 1)
  • https://github.com/kost/nessus-xmlrpc-perl
     • Also develops similar library for Rapid 7’s NeXpose
• Ruby/nessus-xmlrpc
  • http://nessus-xmlrpc.rubyforge.org/
  • GPL/BSD, by author of Net::Nessus::XMLRPC
• Python/nessus-xmlrpc
  • http://code.google.com/p/nessusxmlrpc/
  • Apache License 2.0
  • Kurtis Miller
Why do we need these tools?
•   Automation
•   Automation
•   Automation
•   Custom reporting
•   Custom reporting
•   Custom reporting
    • XML/XSL
    • XPATH/XQUERY
• CLI
• http://seclists.org/metasploit/2010/q3/378
    • Bridges to awesome software 
    • By Zate Burg
Why are we using Python/nessus-
xmlrpc?
• I know Python a little bit
  • Matplotlib for charting/graphs
  • Numpy/SciPy or Interface to R for numerical computations and
    statistics.
• Not as well developed as Perl/Ruby modules but pretty close
  • Last upload in Dec. 2010
  • There is scope to contribute...
  • ..and perhaps integrate with different tools
Automation: XML-RPC API in Ruby




• Write custom scripts, simple one-off tools
• Monitor long-running scans
• Get reports in XML for parsing and
  custom reporting.
• Large similarity between Perl and Ruby
  APIs.
CLI for shell lovers




• Automate with your favorite shell: Bash, Tcsh, Zsh
• Grep, sed and awk
• With an XML/RPC interface you can tunnel your scan requests to
  your central Nessus server with professional feed over SSH/HTTPS
  directly from within python/perl/ruby.
    • Great for doing external penetration tests.
Multiple Targets?
• Home Feed limits you to 15 targets only at a time, good
  enough for development.
• XML-RPC interface same between Professional Feed and
  Home Feed.
                                                           Multiple targets
                                                        separated by “,” or “n”
Automation with Python


           Email and
            xsltproc


                       • Possibilities
                       • Have report emailed to
                         management desktop
                       • Write custom xsl reports,
                         process with xsltproc on Linux.
                       • Import into CMS solutions
The XML-RPC Interface for Nessus
• Partially documented
  • http://www.tenable.com/documentation/nessus_XMLRPC_proto
    col_guide.pdf
• An unofficial test.html from Renaud Deraison is here
  • http://nessus-xmlrpc.rubyforge.org/test.html
• An update to XML docs will be available in a week, last post 2
  days ago.
  • https://discussions.nessus.org/message/14693;jsessionid=E2130
    C8DA7ACFC58DC1850D9EFE828FE
• http://blog.upbeat.fr/tagged/Nessus?
  • Unofficial documentation on .nessus v2 XML report format
  • Automation using wget
     • But please use ruby/perl/python interfaces, far cleaner and you can
       add custom features.
Nessus v2 XML report format
                                          Vulnerability
• Microsoft Excel is your friend           References




                                 Host
                              Inventory
                                            Is there a
                                            Metasploit
                                            module for
                                               this?
Custom Reports: MS Patches


               With python use lxml, output to csv,
                   xls, sql, html or xml again!
                Python constructs make it easy to
                         write clean code.
Vulnerability Management/Delta
Reporting
• Seccubus: http://seccubus.com/
  • Seccubus automates regular vulnerability scans with Nessus and
    OpenVAS and provides delta reporting.
  • Frank Breedijk
• Perl/Javascript based.
• Need to integrate custom reporting with change management
  and inventory management etc.
• Bridges to proprietary software: SharePoint, MS SQL Server,
  integration into standard business workflows of IT
  departments. Both Perl/Python provide modules to generate
  standard business format documents.
Improve the tools
• Goals: Integration
  • Custom reports
     • Python/XML foo OK.
     • We are doing one-off scripts right now.
• Reporting/Tracking should not be painful
  • Web-based reports best
     • Export to PDF
     • Summarize and drill down interactive capability
  • Need awesome reporting and charting capability
     • Ruby/Ruport
     • J-Query/Ext JS/Node.js
     • Java/Processing
Questions?
             Please send us your
             ideas/comments/questions at
             rajesh.deo@niiconsulting.com


                 Acknowledgements:

                 Tuhin Goswami
                 Our esteemed client where we
                 implemented some of the tools
                 presented.
                 Wasim Halani and
                 K. K. Mookhey for guidance.

Weitere ähnliche Inhalte

Was ist angesagt?

From vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansFrom vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansDevopsdays
 
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksBuilding Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksFITC
 
ActiveMQ Performance Tuning
ActiveMQ Performance TuningActiveMQ Performance Tuning
ActiveMQ Performance TuningChristian Posta
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsAlfresco Software
 
Building a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpBuilding a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpdotCloud
 
SQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeSQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeEd Leighton-Dick
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...VMware Tanzu
 
Growing an ecosystem on the JVM
Growing an ecosystem on the JVMGrowing an ecosystem on the JVM
Growing an ecosystem on the JVMIulian Dragos
 
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming -  ITProDevConnections 2012 (Greek)Parallel and Asynchronous Programming -  ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Panagiotis Kanavos
 
IBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 EditionIBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 Editionpanagenda
 
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemDownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemFITC
 
Velocity - NxtGen Oxford
Velocity - NxtGen OxfordVelocity - NxtGen Oxford
Velocity - NxtGen OxfordPhil Pursglove
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrantMakis Asimidis
 
Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Pavel Chunyayev
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and morepanagenda
 
Data-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloData-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloJosh Elser
 
Scaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsScaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsAchievers Tech
 
Markup languages and warp-speed documentation
Markup languages and warp-speed documentationMarkup languages and warp-speed documentation
Markup languages and warp-speed documentationLois Patterson
 

Was ist angesagt? (20)

Venkata
VenkataVenkata
Venkata
 
Be faster then rabbits
Be faster then rabbitsBe faster then rabbits
Be faster then rabbits
 
From vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansFrom vagrant to production - Mark Eijsermans
From vagrant to production - Mark Eijsermans
 
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksBuilding Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
 
ActiveMQ Performance Tuning
ActiveMQ Performance TuningActiveMQ Performance Tuning
ActiveMQ Performance Tuning
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
 
Building a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpBuilding a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from Yelp
 
SQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeSQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to Be
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
 
Growing an ecosystem on the JVM
Growing an ecosystem on the JVMGrowing an ecosystem on the JVM
Growing an ecosystem on the JVM
 
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming -  ITProDevConnections 2012 (Greek)Parallel and Asynchronous Programming -  ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
 
IBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 EditionIBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 Edition
 
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemDownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
 
Velocity - NxtGen Oxford
Velocity - NxtGen OxfordVelocity - NxtGen Oxford
Velocity - NxtGen Oxford
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrant
 
Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and more
 
Data-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloData-Center Replication with Apache Accumulo
Data-Center Replication with Apache Accumulo
 
Scaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsScaling High Traffic Web Applications
Scaling High Traffic Web Applications
 
Markup languages and warp-speed documentation
Markup languages and warp-speed documentationMarkup languages and warp-speed documentation
Markup languages and warp-speed documentation
 

Ähnlich wie Xml interfaces to the popular nessus scanner

Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBJohn Bennett
 
Service-oriented architecture
Service-oriented architectureService-oriented architecture
Service-oriented architectureShalva Usubov
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar -  Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar -  Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2
 
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...Serdar Basegmez
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOpsAlbert Wong
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)yalini97
 
Effective admin and development in iib
Effective admin and development in iibEffective admin and development in iib
Effective admin and development in iibm16k
 
.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло ГолубовичSigma Software
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami SayarFITC
 
Microsoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckMicrosoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckGeorge Walters
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSSteve Wong
 
Ankit Chohan - Java
Ankit Chohan - JavaAnkit Chohan - Java
Ankit Chohan - JavaAnkit Chohan
 
FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101Rami Sayar
 

Ähnlich wie Xml interfaces to the popular nessus scanner (20)

Cv fayaz
Cv fayazCv fayaz
Cv fayaz
 
Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDB
 
Service-oriented architecture
Service-oriented architectureService-oriented architecture
Service-oriented architecture
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar -  Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar -  Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
 
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
 
resume
resumeresume
resume
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOps
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)
 
KumarDevOpsEngineer
KumarDevOpsEngineerKumarDevOpsEngineer
KumarDevOpsEngineer
 
shazia resume
shazia resumeshazia resume
shazia resume
 
Effective admin and development in iib
Effective admin and development in iibEffective admin and development in iib
Effective admin and development in iib
 
.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович
 
Jineesh
JineeshJineesh
Jineesh
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami Sayar
 
From 0 to syncing
From 0 to syncingFrom 0 to syncing
From 0 to syncing
 
Microsoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckMicrosoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deck
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OS
 
Ankit Chohan - Java
Ankit Chohan - JavaAnkit Chohan - Java
Ankit Chohan - Java
 
Apache Drill (ver. 0.2)
Apache Drill (ver. 0.2)Apache Drill (ver. 0.2)
Apache Drill (ver. 0.2)
 
FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101
 

Mehr von n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mehr von n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Kürzlich hochgeladen

Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxKatherine Villaluna
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17Celine George
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice documentXsasf Sfdfasd
 
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxKatherine Villaluna
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxDr. Santhosh Kumar. N
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?TechSoup
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfMohonDas
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17Celine George
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...CaraSkikne1
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfYu Kanazawa / Osaka University
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17Celine George
 
CAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxCAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxSaurabhParmar42
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxMYDA ANGELICA SUAN
 

Kürzlich hochgeladen (20)

Practical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptxPractical Research 1 Lesson 9 Scope and delimitation.pptx
Practical Research 1 Lesson 9 Scope and delimitation.pptx
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17
 
The Singapore Teaching Practice document
The Singapore Teaching Practice documentThe Singapore Teaching Practice document
The Singapore Teaching Practice document
 
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptx
 
What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?What is the Future of QuickBooks DeskTop?
What is the Future of QuickBooks DeskTop?
 
HED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdfHED Office Sohayok Exam Question Solution 2023.pdf
HED Office Sohayok Exam Question Solution 2023.pdf
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17
 
5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...5 charts on South Africa as a source country for international student recrui...
5 charts on South Africa as a source country for international student recrui...
 
How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17
 
CAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptxCAULIFLOWER BREEDING 1 Parmar pptx
CAULIFLOWER BREEDING 1 Parmar pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptx
 
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdfPersonal Resilience in Project Management 2 - TV Edit 1a.pdf
Personal Resilience in Project Management 2 - TV Edit 1a.pdf
 

Xml interfaces to the popular nessus scanner

  • 1. XML Interfaces to the Popular Nessus Scanner Rajesh Deo Network Intelligence India Pvt. Ltd. 29/03/2012 NULL Mumbai Chapter
  • 2. The Venerable Nessus Scanner • A comprehensive vulnerability scanner • Can perform network tests, system audits, patch management, compliance tests such as PCI DSS, SCADA vulnerability audits, and so on… • Proprietary - Tenable Network Security • Started by Renaud Deraison in 1998 to provide to the Internet community with a free remote security scanner similar to SATAN and NetSaint. • Nessus 5.0 was released on Feb 15th, 2012. • http://www.nessus.org/products/nessus
  • 3. Open-source Tools • Perl/Net::Nessus::XMLRPC • Vlatko Košturjak • http://search.cpan.org/~kost/Net-Nessus-XMLRPC- 0.30/lib/Net/Nessus/XMLRPC.pm • Perl 5 License (Artistic 1 & GPL 1) • https://github.com/kost/nessus-xmlrpc-perl • Also develops similar library for Rapid 7’s NeXpose • Ruby/nessus-xmlrpc • http://nessus-xmlrpc.rubyforge.org/ • GPL/BSD, by author of Net::Nessus::XMLRPC • Python/nessus-xmlrpc • http://code.google.com/p/nessusxmlrpc/ • Apache License 2.0 • Kurtis Miller
  • 4. Why do we need these tools? • Automation • Automation • Automation • Custom reporting • Custom reporting • Custom reporting • XML/XSL • XPATH/XQUERY • CLI • http://seclists.org/metasploit/2010/q3/378 • Bridges to awesome software  • By Zate Burg
  • 5. Why are we using Python/nessus- xmlrpc? • I know Python a little bit • Matplotlib for charting/graphs • Numpy/SciPy or Interface to R for numerical computations and statistics. • Not as well developed as Perl/Ruby modules but pretty close • Last upload in Dec. 2010 • There is scope to contribute... • ..and perhaps integrate with different tools
  • 6. Automation: XML-RPC API in Ruby • Write custom scripts, simple one-off tools • Monitor long-running scans • Get reports in XML for parsing and custom reporting. • Large similarity between Perl and Ruby APIs.
  • 7. CLI for shell lovers • Automate with your favorite shell: Bash, Tcsh, Zsh • Grep, sed and awk • With an XML/RPC interface you can tunnel your scan requests to your central Nessus server with professional feed over SSH/HTTPS directly from within python/perl/ruby. • Great for doing external penetration tests.
  • 8. Multiple Targets? • Home Feed limits you to 15 targets only at a time, good enough for development. • XML-RPC interface same between Professional Feed and Home Feed. Multiple targets separated by “,” or “n”
  • 9. Automation with Python Email and xsltproc • Possibilities • Have report emailed to management desktop • Write custom xsl reports, process with xsltproc on Linux. • Import into CMS solutions
  • 10. The XML-RPC Interface for Nessus • Partially documented • http://www.tenable.com/documentation/nessus_XMLRPC_proto col_guide.pdf • An unofficial test.html from Renaud Deraison is here • http://nessus-xmlrpc.rubyforge.org/test.html • An update to XML docs will be available in a week, last post 2 days ago. • https://discussions.nessus.org/message/14693;jsessionid=E2130 C8DA7ACFC58DC1850D9EFE828FE • http://blog.upbeat.fr/tagged/Nessus? • Unofficial documentation on .nessus v2 XML report format • Automation using wget • But please use ruby/perl/python interfaces, far cleaner and you can add custom features.
  • 11. Nessus v2 XML report format Vulnerability • Microsoft Excel is your friend References Host Inventory Is there a Metasploit module for this?
  • 12. Custom Reports: MS Patches With python use lxml, output to csv, xls, sql, html or xml again! Python constructs make it easy to write clean code.
  • 13. Vulnerability Management/Delta Reporting • Seccubus: http://seccubus.com/ • Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting. • Frank Breedijk • Perl/Javascript based. • Need to integrate custom reporting with change management and inventory management etc. • Bridges to proprietary software: SharePoint, MS SQL Server, integration into standard business workflows of IT departments. Both Perl/Python provide modules to generate standard business format documents.
  • 14. Improve the tools • Goals: Integration • Custom reports • Python/XML foo OK. • We are doing one-off scripts right now. • Reporting/Tracking should not be painful • Web-based reports best • Export to PDF • Summarize and drill down interactive capability • Need awesome reporting and charting capability • Ruby/Ruport • J-Query/Ext JS/Node.js • Java/Processing
  • 15. Questions? Please send us your ideas/comments/questions at rajesh.deo@niiconsulting.com Acknowledgements: Tuhin Goswami Our esteemed client where we implemented some of the tools presented. Wasim Halani and K. K. Mookhey for guidance.