VENEv = Volker's & Enno's Nessus Evaluation
The Nessus security scanner by Tenable is a valuable tool for security consultants performing network audits. Unfortunately it does lack a quick overview over the vulnerabilities (supposedly) found.
This tool will extract such a re-sortable overview as CSV table from a Nessus export.
Requirements
- Perl
- Nessus .NESSUS file of version 4.2 or newer
- a (Unix) shell
Usage
...see the README file.
Evaluation
Each finding will be documented twice in the CSV table.
First you will find each single finding for each single IP with a count number of -9999 (versions 9.x and older: 0 = zero). After all single findings are listed, all findings are listed again summed up per finding.
Thus you get a table similar to this (abridged) one:
Count Title IP(s)
-9999 Finding-AAA 10.1.1.2
-9999 Finding-AAA 10.1.1.3
-9999 Finding-AAA 10.1.1.4
-9999 Finding-B 10.1.1.4
-9999 Finding-CCCCC 10.1.1.4
-9999 Finding-AAA 10.1.1.5
-9999 Finding-CCCCC 10.1.1.5
4 Finding-AAA 10.1.1.2, 10.1.1.3, 10.1.1.4, 10.1.1.5,
1 Finding-B 10.1.1.4,
2 Finding-CCCCC 10.1.1.4, 10.1.1.5,
The "-9999" rows are ideal for GREPping out single hosts or findings, while the summary lines are ideal for a fast overview, for example:
- Import the CSV into your spreadsheet
- Sort by CVSS (this is the severity value set by Nessus)
- Set filter: only show rows with count > 0
- Done.
Beware: Nessus results (and thus the ones of this tool) are a to be taken with a serious grain of salt. Don't trust them blindly but verify. Nessus is "only" a tool, a useful one, but not always a reliable one. Use Nessus (like NMAP or other scanners) for the brainless grunt work and start working.
If you need a security consultant to check your network, systems or architecture, or to help you with a security problem/incident or (a better approach) check your security architecture and risks, simply contact me.
;-)
Downloads
- venev.tar.gz
- README - included with the web archive above
License
For details on licensing and support please see there.
This software is published under a 3-clause BSD License, an open source license.