Re: Script to create Style Sheet for Nessus XML

From: D.Snezhkov (dsnezhkov@gmail.com)
Date: Wed Mar 22 2006 - 14:00:51 EST

• Next message: Joshua Shaffer: "Re: War dialing"
• Previous message: Felix Gröbert: "Re: Masquerade windows as linux"
• In reply to: Julian Anderson: "Re: Script to create Style Sheet for Nessus XML"
• Next in thread: jgervacio@seguridad.unam.mx: "Re: Script to create Style Sheet for Nessus XML"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

this may be OS specific but you can :
1. Dump report in NBE format ( which is universal )
2. Convert NBE format into XML/HTML
   a) modify html via sed
   b) modify report realtime like this :

-----------------
#!/bin/bash

[ -f /tmp/pipe.html ] && /bin/rm /tmp/pipe.html

mkfifo -m a=r /tmp/pipe.html

/opt/nessus/bin/nessus -i /var/www/nessus/reports/UnixServers.nbe -o
/tmp/pipe.html &

cat /tmp/pipe.html | while read line
do
        echo "LINE to Modify : $line "
done

--------------------

Hope that helps.
Dimitry.

On 3/22/06, Julian Anderson <anderson.julian@gmail.com> wrote:
> So what if I want to tweek that interface a bit..is there a tool for doing so?
>
> Thanks
>
> On 3/21/06, Kevin Willock (IGSN Security) <kevin@igsn.com> wrote:
> > nessus will do this automatically, use the following switch;
> >
> > -T html
> >
> > Kevin Willock
> >
> >
> > On 20-Mar-06, at 7:14 PM, joshuaperrymon@gmail.com wrote:
> >
> > > Hey Guys,
> > >
> > > I am looking for a script for Nessus..
> > >
> > > I can't remember if it takes .xml or .nbe files..
> > > But what it does is creates the .html and a Style Sheet that puts
> > > the info in a nice format. This is similar to the nmap .xml
> > > parser.. it takes nmap files and creates the html..
> > >
> > > JP
> > >
> > > ----------------------------------------------------------------------
> > > --------
> > > This List Sponsored by: Cenzic
> > >
> > > Concerned about Web Application Security?
> > > As attacks through web applications continue to rise, you need to
> > > proactively
> > > protect your applications from hackers. Cenzic has the most
> > > comprehensive
> > > solutions to meet your application security penetration testing and
> > > vulnerability management needs. You have an option to go with a
> > > managed
> > > service (Cenzic ClickToSecure) or an enterprise software (Cenzic
> > > Hailstorm).
> > > Download FREE whitepaper on how a managed service can help you:
> > > http://www.cenzic.com/forms/ec.php?pubid=10025
> > > And, now for a limited time we can do a FREE audit for you to
> > > confirm your
> > > results from other product. Contact us at request@cenzic.com
> > > ----------------------------------------------------------------------
> > > --------
> > >
> >
> >
> > ------------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Concerned about Web Application Security?
> > As attacks through web applications continue to rise, you need to proactively
> > protect your applications from hackers. Cenzic has the most comprehensive
> > solutions to meet your application security penetration testing and
> > vulnerability management needs. You have an option to go with a managed
> > service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> > Download FREE whitepaper on how a managed service can help you:
> > http://www.cenzic.com/forms/ec.php?pubid=10025
> > And, now for a limited time we can do a FREE audit for you to confirm your
> > results from other product. Contact us at request@cenzic.com
> > ------------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> As attacks through web applications continue to rise, you need to proactively
> protect your applications from hackers. Cenzic has the most comprehensive
> solutions to meet your application security penetration testing and
> vulnerability management needs. You have an option to go with a managed
> service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> Download FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/forms/ec.php?pubid=10025
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com
> ------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

• Next message: Joshua Shaffer: "Re: War dialing"
• Previous message: Felix Gröbert: "Re: Masquerade windows as linux"
• In reply to: Julian Anderson: "Re: Script to create Style Sheet for Nessus XML"
• Next in thread: jgervacio@seguridad.unam.mx: "Re: Script to create Style Sheet for Nessus XML"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:43 EDT