shellntel / vcr Goto Github PK
View Code? Open in Web Editor NEWVulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.
License: GNU General Public License v2.0
Vulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.
License: GNU General Public License v2.0
I have run the script as below
.\Parse-Nessus.ps1 -NessusFilePath "C:\Temp\Test_2012_R2_DC_Compliance_fb6h13.nessus" -CustomerName "Windows 2012 - 2" -CIS -OperatingSystem "Windows 2012"
Report does not show the pass fail green red checks. Reports incorrectly where there are 3 failed, 20 errors and 198 passed, it shows 1 failed, 20 errors and 201 passed and the At-A-Glance percentage shows 91% passed, no fails and 9% failed.
Is there anything I should change?
Can't get the FQDN resolution from a Nessus scan report. Individual report shows UKNOWN and we need to change manually. When we browse the nessus file, we find the FQDN names.
I was just wondering if it is possible to change the showed IP under reports by host on the dashboard to show the username or FQDN instead? I've tried to make it so myself by changing the variable, but my Powershell skills aren't very high..
Any plans to provide a report view with DNS names?
Is there a way to disable MaxCharactersInDocument setting or increase the limit? I have a rather large Nessus file with thousands of hosts. When I run the script, I get following error:
Select-Xml : The file 'C:\vcr-master\InternalScan.nessus' cannot be read: The input document has exceeded a limit set by MaxCharactersInDocument.
At C:\vcr-master\Parse-Nessus.ps1:903 char:18
+ ... portitems = Select-Xml -Path $path -XPath "/NessusClientData_v2/Repor ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (C:\vcr-master\InternalScan.nessus:String) [Select-Xml], ArgumentException
+ FullyQualifiedErrorId : ProcessingFile,Microsoft.PowerShell.Commands.SelectXmlCommand
Thanks.
Your tool/software has been inventoried on Rawsec's CyberSecurity Inventory.
https://inventory.rawsec.ml/tools.html#vcr
An inventory of tools and resources about CyberSecurity. This inventory aims to help people to find everything related to CyberSecurity.
More details about features here.
Note: the inventory is a FLOSS (Free, Libre and Open-Source Software) project.
Mainly because this is giving visibility to your tool, more and more people are using the Rawsec's CyberSecurity Inventory, this helps them find what they need.
The badge shows to your community that your are inventoried. This also shows you care about your project and want it growing, that your tool is not an abandonware.
Feel free to claim your badge here: http://inventory.rawsec.ml/features.html#badges, it looks like that , but there are several styles available.
If you want to thank us, you can help make the project better known by tweeting about it! For example:
That's all, this message is just to notify you if you care.
I do get an end report (very nice btw), however the script errors on each host creating the html report with this:
"At C:\Local\NessusResults\Parse-Nessus.ps1:607 char:10
$data | Set-Content -Path $findingssavepath
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I also get errors creating the ipsbyvuln.txt with this error:
Out-File : Could not find a part of the path 'C:\Local\NessusResults\org
At C:\Local\NessusResults\Parse-Nessus.ps1:1326 char:12
$output | Out-File "$extraspath\ipsbyvuln.txt"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Running in debug, here is the error we get:
PS C:\inetpub\scans> C:\Scripts\Nessus_Schedule.ps1
DEBUG: NessusFilePath: \ZZZ\nessus\6923.nessus
DEBUG: CustomerName: ZZZ
DEBUG: Current Dir: C:\inetpub\scans
DEBUG: TemplatePath: C:\Scripts\vcr-master\template-networkscan
DEBUG: NewFolderPath: C:\inetpub\scans\ZZZ-20191231021514
[] Performing PreReq Checks...
[] Parsing Nessus File (could take a while)...
DEBUG: Parse-NessusFile: Entered Parse-NessusFile
DEBUG: Parse-NessusFile: Successfully loaded xml into memory
Exception calling "ContainsKey" with "1" argument(s): "Key cannot be null.
Parameter name: key"
At C:\Scripts\vcr-master\Parse-Nessus.ps1:935 char:6
if ($vulnnames.ContainsKey($vulnname) -eq $false)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Line 935 of the script:
#region NESSUS FILE PARSING
function Update-UniqueVulns($vulnname, $criticality)
{
if ($vulnnames.ContainsKey($vulnname) -eq $false)
{
$script:vulnnames.Add($vulnname, $criticality)
Write-Debug "Update-UniqueVulns: Added uniqe vulnn to $ vulnnames: $vulnname"
}
}
Something in the format of the Nessus file changed so $vulnname variable is returning null.
Does this support multiple .nessus files and merge into one output?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.