SlideShare a Scribd company logo

Xml interfaces to the popular nessus scanner

n|u - The Open Security Community
n|u - The Open Security Community

null Mumbai Meet March 2012

EducationTechnology
1 of 15
Download to read offline
XML Interfaces to the Popular Nessus Scanner Rajesh Deo Network Intelligence India Pvt. Ltd. 29/03/2012 NULL Mumbai Chapter
The Venerable Nessus Scanner • A comprehensive vulnerability scanner • Can perform network tests, system audits, patch management, compliance tests such as PCI DSS, SCADA vulnerability audits, and so on… • Proprietary - Tenable Network Security • Started by Renaud Deraison in 1998 to provide to the Internet community with a free remote security scanner similar to SATAN and NetSaint. • Nessus 5.0 was released on Feb 15th, 2012. • http://www.nessus.org/products/nessus
Open-source Tools • Perl/Net::Nessus::XMLRPC • Vlatko Košturjak • http://search.cpan.org/~kost/Net-Nessus-XMLRPC- 0.30/lib/Net/Nessus/XMLRPC.pm • Perl 5 License (Artistic 1 & GPL 1) • https://github.com/kost/nessus-xmlrpc-perl • Also develops similar library for Rapid 7’s NeXpose • Ruby/nessus-xmlrpc • http://nessus-xmlrpc.rubyforge.org/ • GPL/BSD, by author of Net::Nessus::XMLRPC • Python/nessus-xmlrpc • http://code.google.com/p/nessusxmlrpc/ • Apache License 2.0 • Kurtis Miller
Why do we need these tools? • Automation • Automation • Automation • Custom reporting • Custom reporting • Custom reporting • XML/XSL • XPATH/XQUERY • CLI • http://seclists.org/metasploit/2010/q3/378 • Bridges to awesome software  • By Zate Burg
Why are we using Python/nessus- xmlrpc? • I know Python a little bit • Matplotlib for charting/graphs • Numpy/SciPy or Interface to R for numerical computations and statistics. • Not as well developed as Perl/Ruby modules but pretty close • Last upload in Dec. 2010 • There is scope to contribute... • ..and perhaps integrate with different tools
Automation: XML-RPC API in Ruby • Write custom scripts, simple one-off tools • Monitor long-running scans • Get reports in XML for parsing and custom reporting. • Large similarity between Perl and Ruby APIs.
CLI for shell lovers • Automate with your favorite shell: Bash, Tcsh, Zsh • Grep, sed and awk • With an XML/RPC interface you can tunnel your scan requests to your central Nessus server with professional feed over SSH/HTTPS directly from within python/perl/ruby. • Great for doing external penetration tests.
Multiple Targets? • Home Feed limits you to 15 targets only at a time, good enough for development. • XML-RPC interface same between Professional Feed and Home Feed. Multiple targets separated by “,” or “n”
Automation with Python Email and xsltproc • Possibilities • Have report emailed to management desktop • Write custom xsl reports, process with xsltproc on Linux. • Import into CMS solutions
The XML-RPC Interface for Nessus • Partially documented • http://www.tenable.com/documentation/nessus_XMLRPC_proto col_guide.pdf • An unofficial test.html from Renaud Deraison is here • http://nessus-xmlrpc.rubyforge.org/test.html • An update to XML docs will be available in a week, last post 2 days ago. • https://discussions.nessus.org/message/14693;jsessionid=E2130 C8DA7ACFC58DC1850D9EFE828FE • http://blog.upbeat.fr/tagged/Nessus? • Unofficial documentation on .nessus v2 XML report format • Automation using wget • But please use ruby/perl/python interfaces, far cleaner and you can add custom features.
Nessus v2 XML report format Vulnerability • Microsoft Excel is your friend References Host Inventory Is there a Metasploit module for this?
Custom Reports: MS Patches With python use lxml, output to csv, xls, sql, html or xml again! Python constructs make it easy to write clean code.
Vulnerability Management/Delta Reporting • Seccubus: http://seccubus.com/ • Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting. • Frank Breedijk • Perl/Javascript based. • Need to integrate custom reporting with change management and inventory management etc. • Bridges to proprietary software: SharePoint, MS SQL Server, integration into standard business workflows of IT departments. Both Perl/Python provide modules to generate standard business format documents.
Improve the tools • Goals: Integration • Custom reports • Python/XML foo OK. • We are doing one-off scripts right now. • Reporting/Tracking should not be painful • Web-based reports best • Export to PDF • Summarize and drill down interactive capability • Need awesome reporting and charting capability • Ruby/Ruport • J-Query/Ext JS/Node.js • Java/Processing
Questions? Please send us your ideas/comments/questions at rajesh.deo@niiconsulting.com Acknowledgements: Tuhin Goswami Our esteemed client where we implemented some of the tools presented. Wasim Halani and K. K. Mookhey for guidance.

Recommended

Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release WorkflowTuenti
 
Modern software architectures - PHP UK Conference 2015
Modern software architectures - PHP UK Conference 2015Modern software architectures - PHP UK Conference 2015
Modern software architectures - PHP UK Conference 2015Ricard Clau
 
Big Data! Great! Now What? #SymfonyCon 2014
Big Data! Great! Now What? #SymfonyCon 2014Big Data! Great! Now What? #SymfonyCon 2014
Big Data! Great! Now What? #SymfonyCon 2014Ricard Clau
 
DSD-INT 2020 Scripting a Delft-FEWS configuration - Verkade
DSD-INT 2020 Scripting a Delft-FEWS configuration - VerkadeDSD-INT 2020 Scripting a Delft-FEWS configuration - Verkade
DSD-INT 2020 Scripting a Delft-FEWS configuration - VerkadeDeltares
 
What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?Stephen Foskett
 
SOA Latam 2015
SOA Latam 2015SOA Latam 2015
SOA Latam 2015Domingo Suarez Torres
 
Redis in 20 minutes
Redis in 20 minutesRedis in 20 minutes
Redis in 20 minutesAndrás Fehér
 
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...Ido Flatow
 

Recommended

Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release WorkflowTuenti
 
Modern software architectures - PHP UK Conference 2015
Modern software architectures - PHP UK Conference 2015Modern software architectures - PHP UK Conference 2015
Modern software architectures - PHP UK Conference 2015Ricard Clau
 
Big Data! Great! Now What? #SymfonyCon 2014
Big Data! Great! Now What? #SymfonyCon 2014Big Data! Great! Now What? #SymfonyCon 2014
Big Data! Great! Now What? #SymfonyCon 2014Ricard Clau
 
DSD-INT 2020 Scripting a Delft-FEWS configuration - Verkade
DSD-INT 2020 Scripting a Delft-FEWS configuration - VerkadeDSD-INT 2020 Scripting a Delft-FEWS configuration - Verkade
DSD-INT 2020 Scripting a Delft-FEWS configuration - VerkadeDeltares
 
What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?What’s the Deal with Containers, Anyway?
What’s the Deal with Containers, Anyway?Stephen Foskett
 
SOA Latam 2015
SOA Latam 2015SOA Latam 2015
SOA Latam 2015Domingo Suarez Torres
 
Redis in 20 minutes
Redis in 20 minutesRedis in 20 minutes
Redis in 20 minutesAndrás Fehér
 
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...Ido Flatow
 
Venkata
VenkataVenkata
VenkataVenkata Kumar
 
Be faster then rabbits
Be faster then rabbitsBe faster then rabbits
Be faster then rabbitsVladislav Bauer
 
From vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansFrom vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansDevopsdays
 
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksBuilding Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksFITC
 
ActiveMQ Performance Tuning
ActiveMQ Performance TuningActiveMQ Performance Tuning
ActiveMQ Performance TuningChristian Posta
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsAlfresco Software
 
Building a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpBuilding a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpdotCloud
 
SQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeSQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeEd Leighton-Dick
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...VMware Tanzu
 
Growing an ecosystem on the JVM
Growing an ecosystem on the JVMGrowing an ecosystem on the JVM
Growing an ecosystem on the JVMIulian Dragos
 
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Panagiotis Kanavos
 
IBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 EditionIBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 Editionpanagenda
 
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemDownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemFITC
 
Velocity - NxtGen Oxford
Velocity - NxtGen OxfordVelocity - NxtGen Oxford
Velocity - NxtGen OxfordPhil Pursglove
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrantMakis Asimidis
 
Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Pavel Chunyayev
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and morepanagenda
 
Data-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloData-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloJosh Elser
 
Scaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsScaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsAchievers Tech
 
Markup languages and warp-speed documentation
Markup languages and warp-speed documentationMarkup languages and warp-speed documentation
Markup languages and warp-speed documentationLois Patterson
 
Cv fayaz
Cv fayazCv fayaz
Cv fayazFayaz Yusuf Khan
 
Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBJohn Bennett
 

More Related Content

What's hot

From vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansFrom vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansDevopsdays
 
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksBuilding Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksFITC
 
ActiveMQ Performance Tuning
ActiveMQ Performance TuningActiveMQ Performance Tuning
ActiveMQ Performance TuningChristian Posta
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsAlfresco Software
 
Building a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpBuilding a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpdotCloud
 
SQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeSQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeEd Leighton-Dick
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...VMware Tanzu
 
Growing an ecosystem on the JVM
Growing an ecosystem on the JVMGrowing an ecosystem on the JVM
Growing an ecosystem on the JVMIulian Dragos
 
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Panagiotis Kanavos
 
IBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 EditionIBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 Editionpanagenda
 
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemDownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemFITC
 
Velocity - NxtGen Oxford
Velocity - NxtGen OxfordVelocity - NxtGen Oxford
Velocity - NxtGen OxfordPhil Pursglove
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrantMakis Asimidis
 
Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Pavel Chunyayev
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and morepanagenda
 
Data-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloData-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloJosh Elser
 
Scaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsScaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsAchievers Tech
 
Markup languages and warp-speed documentation
Markup languages and warp-speed documentationMarkup languages and warp-speed documentation
Markup languages and warp-speed documentationLois Patterson
 

What's hot (20)

Venkata
VenkataVenkata
Venkata
 
Be faster then rabbits
Be faster then rabbitsBe faster then rabbits
Be faster then rabbits
 
From vagrant to production - Mark Eijsermans
From vagrant to production - Mark EijsermansFrom vagrant to production - Mark Eijsermans
From vagrant to production - Mark Eijsermans
 
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript FrameworksBuilding Enterprise Grade Front-End Applications with JavaScript Frameworks
Building Enterprise Grade Front-End Applications with JavaScript Frameworks
 
ActiveMQ Performance Tuning
ActiveMQ Performance TuningActiveMQ Performance Tuning
ActiveMQ Performance Tuning
 
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment ToolsBP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
BP-10 Keeping Your Sanity – Rapid Development & Deployment Tools
 
Building a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from YelpBuilding a smarter application Stack by Tomas Doran from Yelp
Building a smarter application Stack by Tomas Doran from Yelp
 
SQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to BeSQL Server: Now It's Everywhere You Want to Be
SQL Server: Now It's Everywhere You Want to Be
 
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
The Pivotal Engineering Dojo: Earning Your Black Belt in Cloud Foundry Engine...
 
Growing an ecosystem on the JVM
Growing an ecosystem on the JVMGrowing an ecosystem on the JVM
Growing an ecosystem on the JVM
 
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
Parallel and Asynchronous Programming - ITProDevConnections 2012 (Greek)
 
IBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 EditionIBM Connections Adminblast - Soccnx 12 Edition
IBM Connections Adminblast - Soccnx 12 Edition
 
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane EcosystemDownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
DownTheRabbitHole.js – How to Stay Sane in an Insane Ecosystem
 
Velocity - NxtGen Oxford
Velocity - NxtGen OxfordVelocity - NxtGen Oxford
Velocity - NxtGen Oxford
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrant
 
Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015Ansible benelux meetup - Amsterdam 27-5-2015
Ansible benelux meetup - Amsterdam 27-5-2015
 
Automate IBM Connections Installations and more
Automate IBM Connections Installations and moreAutomate IBM Connections Installations and more
Automate IBM Connections Installations and more
 
Data-Center Replication with Apache Accumulo
Data-Center Replication with Apache AccumuloData-Center Replication with Apache Accumulo
Data-Center Replication with Apache Accumulo
 
Scaling High Traffic Web Applications
Scaling High Traffic Web ApplicationsScaling High Traffic Web Applications
Scaling High Traffic Web Applications
 
Markup languages and warp-speed documentation
Markup languages and warp-speed documentationMarkup languages and warp-speed documentation
Markup languages and warp-speed documentation
 

Similar to Xml interfaces to the popular nessus scanner

Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBJohn Bennett
 
Service-oriented architecture
Service-oriented architectureService-oriented architecture
Service-oriented architectureShalva Usubov
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2
 
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...Serdar Basegmez
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOpsAlbert Wong
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)yalini97
 
Effective admin and development in iib
Effective admin and development in iibEffective admin and development in iib
Effective admin and development in iibm16k
 
.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло ГолубовичSigma Software
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami SayarFITC
 
Microsoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckMicrosoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckGeorge Walters
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSSteve Wong
 
Ankit Chohan - Java
Ankit Chohan - JavaAnkit Chohan - Java
Ankit Chohan - JavaAnkit Chohan
 
FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101Rami Sayar
 

Similar to Xml interfaces to the popular nessus scanner (20)

Cv fayaz
Cv fayazCv fayaz
Cv fayaz
 
Delivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDBDelivering big content at NBC News with RavenDB
Delivering big content at NBC News with RavenDB
 
Service-oriented architecture
Service-oriented architectureService-oriented architecture
Service-oriented architecture
 
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
WSO2 Intro Webinar - Simplifying Enterprise Integration with Configurable WS...
 
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
IBM Connect 2017: Your Data In the Major Leagues: A Practical Guide to REST S...
 
resume
resumeresume
resume
 
Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOps
 
Top 10 dev ops tools (1)
Top 10 dev ops tools (1)Top 10 dev ops tools (1)
Top 10 dev ops tools (1)
 
KumarDevOpsEngineer
KumarDevOpsEngineerKumarDevOpsEngineer
KumarDevOpsEngineer
 
shazia resume
shazia resumeshazia resume
shazia resume
 
Effective admin and development in iib
Effective admin and development in iibEffective admin and development in iib
Effective admin and development in iib
 
.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович.Net Core 3.0. What’s inside? Павло Голубович
.Net Core 3.0. What’s inside? Павло Голубович
 
Jineesh
JineeshJineesh
Jineesh
 
Node.js 101 with Rami Sayar
Node.js 101 with Rami SayarNode.js 101 with Rami Sayar
Node.js 101 with Rami Sayar
 
From 0 to syncing
From 0 to syncingFrom 0 to syncing
From 0 to syncing
 
Microsoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deckMicrosoft SQL server 2017 Level 300 technical deck
Microsoft SQL server 2017 Level 300 technical deck
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OS
 
Ankit Chohan - Java
Ankit Chohan - JavaAnkit Chohan - Java
Ankit Chohan - Java
 
Apache Drill (ver. 0.2)
Apache Drill (ver. 0.2)Apache Drill (ver. 0.2)
Apache Drill (ver. 0.2)
 
FITC - Node.js 101
FITC - Node.js 101FITC - Node.js 101
FITC - Node.js 101
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 

Recently uploaded (20)

ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 

Xml interfaces to the popular nessus scanner

  • 1. XML Interfaces to the Popular Nessus Scanner Rajesh Deo Network Intelligence India Pvt. Ltd. 29/03/2012 NULL Mumbai Chapter
  • 2. The Venerable Nessus Scanner • A comprehensive vulnerability scanner • Can perform network tests, system audits, patch management, compliance tests such as PCI DSS, SCADA vulnerability audits, and so on… • Proprietary - Tenable Network Security • Started by Renaud Deraison in 1998 to provide to the Internet community with a free remote security scanner similar to SATAN and NetSaint. • Nessus 5.0 was released on Feb 15th, 2012. • http://www.nessus.org/products/nessus
  • 3. Open-source Tools • Perl/Net::Nessus::XMLRPC • Vlatko Košturjak • http://search.cpan.org/~kost/Net-Nessus-XMLRPC- 0.30/lib/Net/Nessus/XMLRPC.pm • Perl 5 License (Artistic 1 & GPL 1) • https://github.com/kost/nessus-xmlrpc-perl • Also develops similar library for Rapid 7’s NeXpose • Ruby/nessus-xmlrpc • http://nessus-xmlrpc.rubyforge.org/ • GPL/BSD, by author of Net::Nessus::XMLRPC • Python/nessus-xmlrpc • http://code.google.com/p/nessusxmlrpc/ • Apache License 2.0 • Kurtis Miller
  • 4. Why do we need these tools? • Automation • Automation • Automation • Custom reporting • Custom reporting • Custom reporting • XML/XSL • XPATH/XQUERY • CLI • http://seclists.org/metasploit/2010/q3/378 • Bridges to awesome software  • By Zate Burg
  • 5. Why are we using Python/nessus- xmlrpc? • I know Python a little bit • Matplotlib for charting/graphs • Numpy/SciPy or Interface to R for numerical computations and statistics. • Not as well developed as Perl/Ruby modules but pretty close • Last upload in Dec. 2010 • There is scope to contribute... • ..and perhaps integrate with different tools
  • 6. Automation: XML-RPC API in Ruby • Write custom scripts, simple one-off tools • Monitor long-running scans • Get reports in XML for parsing and custom reporting. • Large similarity between Perl and Ruby APIs.
  • 7. CLI for shell lovers • Automate with your favorite shell: Bash, Tcsh, Zsh • Grep, sed and awk • With an XML/RPC interface you can tunnel your scan requests to your central Nessus server with professional feed over SSH/HTTPS directly from within python/perl/ruby. • Great for doing external penetration tests.
  • 8. Multiple Targets? • Home Feed limits you to 15 targets only at a time, good enough for development. • XML-RPC interface same between Professional Feed and Home Feed. Multiple targets separated by “,” or “n”
  • 9. Automation with Python Email and xsltproc • Possibilities • Have report emailed to management desktop • Write custom xsl reports, process with xsltproc on Linux. • Import into CMS solutions
  • 10. The XML-RPC Interface for Nessus • Partially documented • http://www.tenable.com/documentation/nessus_XMLRPC_proto col_guide.pdf • An unofficial test.html from Renaud Deraison is here • http://nessus-xmlrpc.rubyforge.org/test.html • An update to XML docs will be available in a week, last post 2 days ago. • https://discussions.nessus.org/message/14693;jsessionid=E2130 C8DA7ACFC58DC1850D9EFE828FE • http://blog.upbeat.fr/tagged/Nessus? • Unofficial documentation on .nessus v2 XML report format • Automation using wget • But please use ruby/perl/python interfaces, far cleaner and you can add custom features.
  • 11. Nessus v2 XML report format Vulnerability • Microsoft Excel is your friend References Host Inventory Is there a Metasploit module for this?
  • 12. Custom Reports: MS Patches With python use lxml, output to csv, xls, sql, html or xml again! Python constructs make it easy to write clean code.
  • 13. Vulnerability Management/Delta Reporting • Seccubus: http://seccubus.com/ • Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting. • Frank Breedijk • Perl/Javascript based. • Need to integrate custom reporting with change management and inventory management etc. • Bridges to proprietary software: SharePoint, MS SQL Server, integration into standard business workflows of IT departments. Both Perl/Python provide modules to generate standard business format documents.
  • 14. Improve the tools • Goals: Integration • Custom reports • Python/XML foo OK. • We are doing one-off scripts right now. • Reporting/Tracking should not be painful • Web-based reports best • Export to PDF • Summarize and drill down interactive capability • Need awesome reporting and charting capability • Ruby/Ruport • J-Query/Ext JS/Node.js • Java/Processing
  • 15. Questions? Please send us your ideas/comments/questions at rajesh.deo@niiconsulting.com Acknowledgements: Tuhin Goswami Our esteemed client where we implemented some of the tools presented. Wasim Halani and K. K. Mookhey for guidance.