• Stars
    star
    386
  • Rank 111,213 (Top 3 %)
  • Language
    Python
  • License
    Other
  • Created almost 10 years ago
  • Updated about 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A python library for using the new Nessus REST API.

ness6rest.py - a REST interface to Nessus 6

Build Status PyPI Version

Dependencies:

  • Nessus 6.4.x
  • Python 2.7+ or 3.3+
  • requests module (install via pip)
  • The dependencies can be satisfied via pip install -r requirements.txt

Quick Install

pip install nessrest

Features:

  • Logins

    scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password")
    
    creds = [credentials.WindowsPassword(username="administrator", password="foobar"),
             credentials.WindowsPassword(username="administrator", password="barfoo"),
             credentials.SshPassword(username="nessususer", password="foobar")]
    
    scan.policy_add_creds(credentials=creds)
  • Build policies

    scan.upload(upload_file="file.audit")
    scan._policy_add_audit(category="Windows", filename="file.audit")
    scan.policy_add(name="Scripted Scan", plugins="21156")
  • Launch scans

    scan.scan_add(targets="192.168.0.1")
    scan.scan_run()
  • Schedule scans

    scan.scan_add(targets="192.168.0.1", start="YYYYMMDDTHHMMSS")
  • Parse scan results

    scan.scan_results()
  • Download KB for target

    kbs = scan.download_kbs()
    
    for hostname in kbs.keys():
        f = open(hostname, "w")
        f.write(kbs[hostname])
        f.close()
  • Output for ticketing/wiki format

Feature Requests:

  • Deleting of a schedule
  • Ability to change "tag" from CLI via config/CLI arg
  • Enforce supported versions of Nessus

Notes:

  • Proxies are not supported, although transparent proxies should work... transparently

nessrest - an example client

Suggested installation:

  • Find the path to your "site-packages" with: python -c "import sys; print(sys.path)"
  • Symlink ness6rest.py in the Git repo in the "site-packages" or "dist-packages" directory.
  • Test by issuing import ness6rest inside the Python interactive interpreter.

Specifying a ca_bundle

If you are using a corporate or self-signed SSL certificate, you can specify the path to a ca_bundle to use for verification by passing it to the Scanner initializer:

scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password", ca_bundle="/path/to/ca_bundle.pem")

If you are using the ness_rest client, you can pass this path on the command line using the --ca_bundle option.

Self-signed certificates

If you're running Nessus with a self-signed certificate, and you wish to disable SSL certificate checking, you can pass insecure=True to the Scanner initializer:

scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password", insecure=True)

If you're using the nessrest example client, it has an --insecure option that will do this.

Note that this will disable invalid SSL cerficate errors and should be used with caution.

Configuration file:

  • Copy ness_rest.conf.example to ness_rest.conf and configure for your scanner.
  • There are several valid paths for the location of the config file(in order):
  • The path passed from the CLI with --config
  • A permanent config file is searched for in the following locations:
    • $HOME/.ness_rest.conf
    • $HOME/.ness_rest/ness_rest.conf
    • /etc/ness_rest.conf
    • /etc/ness_rest/ness_rest.conf
    • $PWD/ness_rest.conf

Building modules:

  • To build a package to install via pip or easy_install, execute:
    • python setup.py sdist
  • The resulting build will be in $PWD/dist/nessrest-<version>.tar.gz

More Repositories

1

terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Go
4,701
star
2

poc

Proof of Concepts
Python
1,210
star
3

routeros

RouterOS Security Research Tooling and Proof of Concepts
C++
866
star
4

awesome-llm-cybersecurity-tools

A curated list of large language model tools for cybersecurity research.
379
star
5

pyTenable

Python Library for interfacing into Tenable's platform APIs
Python
350
star
6

ghidra_tools

A collection of Ghidra scripts, including the GPT-3 powered code analyser and annotator, G-3PO.
Python
293
star
7

cnappgoat

CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
Go
265
star
8

access-undenied-aws

Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.
Python
255
star
9

pi_sniffer

The pocket-sized wireless sniffer
C++
204
star
10

router_badusb

BadUSB in Routers
Shell
190
star
11

upnp_info

A simple script for discovery and analysis of UPnP servers
Python
165
star
12

esp32_image_parser

A toolkit for helping you reverse engineer ESP32 firmware.
Python
159
star
13

DiscordClient

Python
98
star
14

EscalateGPT

An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
Python
93
star
15

KaiMonkey

KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
HCL
93
star
16

Burp-extension-for-GPT

an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responses
Python
90
star
17

Posh-Nessus

PowerShell Module for automating Tenable Nessus Vulnerability Scanner.
PowerShell
88
star
18

Tenable.io-SDK-for-Python

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
Python
83
star
19

audit_scripts

Scripts to help work with configuration audit files
Python
79
star
20

integration-jira-cloud

Python
68
star
21

yara-rules

Repository of yara rules
YARA
60
star
22

terrascan-action

Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practices.
Shell
49
star
23

nasl

A parser for NASL.
Ruby
44
star
24

flask-logging-demo

Demo files for 'The Boring Stuff - Flask Logging' blog post
Python
34
star
25

mIDA

C++
33
star
26

audit_files

Nessus Audit files
30
star
27

Security-Hub

For use in our Tenable.IO to AWS Security Hub integration
Python
27
star
28

terrascan-rego-editor

Visual Studio Code extension for writing Terrascan Rego policies
TypeScript
20
star
29

hidden-services-revealer

Python
20
star
30

nasldoc

A documentation generator for NASL.
Ruby
17
star
31

cnappgoat-scenarios

This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat
Go
17
star
32

accurics-action

The Accurics GitHub Action scans Infrastructure as Code files checked into the respository to help ensure that cloud resources are secure and compliant from creation.
Shell
14
star
33

pedant

A static analysis framework for NASL.
Ruby
14
star
34

sublimetext-nasl

13
star
35

Kastle

A purely functional, effectful, resource-safe, kafka library for Scala
Scala
12
star
36

csup

Tenable.io Container Security Uploading and Reporting Commandline Tool
Python
11
star
37

microfrontend-demo-app

JavaScript
11
star
38

SinCity

Python
11
star
39

integration-asc

Python
10
star
40

vim-nasl

Vim extensions for programming in NASL
Vim Script
9
star
41

runterrascan.io

CSS
8
star
42

cloud-security-training

HCL
7
star
43

golden-ami-pipeline-with-tenable-sample

The golden AMI pipeline enables creation, distribution, verification, launch-compliance, and decommissioning of the golden AMI out of the box. This version of the pipeline integrates with Tenable.io for vulnerability assessments.
6
star
44

container-security-action

Tenable's Container security action which helps scan docker images.
Python
6
star
45

cloud-security-actions

Shell
6
star
46

notepadpp-nasl

5
star
47

integration-cef

Python
5
star
48

was-action

Github action to trigger WAS
Python
5
star
49

entra-id-federation-abuse-research-required-roles

PowerShell
5
star
50

cloud-snapshot-automation

Templates for creating Cloud Snapshots
HCL
4
star
51

splunk-app-pvs

This app provides Splunk dashboards and reporting for Tenable PVS
HTML
4
star
52

integrations-ibm-cloudpak-for-security

Python
4
star
53

Tenable.ad-EventsLogs-Subscriber

Tenable.ad IOA module event logs listener
Rust
4
star
54

emacs-nasl

Emacs Lisp
4
star
55

UncoverDCShadow

PowerShell
3
star
56

integration-cscc

Tenable.io to Google Cloud Security Command Center Bridge
Python
3
star
57

tenablecs_demo

HCL
2
star
58

WSUSpendu

PowerShell
2
star
59

asm-python-examples

Bit Discovery REST API scripts
Python
2
star
60

labs

1
star
61

asm-asset-importer

Scripts to integrate BitDiscovery data with Tenable
Python
1
star
62

accurics-vscode

TypeScript
1
star
63

nasl-layer

Spacemacs layer for NASL
1
star
64

atom-grammar-nessuskb

Grammar file for Nessus KB files.
CoffeeScript
1
star
65

accurics-orb

The Accurics CircleCI Orb scans IaC (Infrastructure as Code) to help identify vulnerabilities prior to cloud deployment.
Shell
1
star
66

helm-charts

Smarty
1
star