forked from xorrbit/nessrest

A Python library for using the new Nessus REST API.

cfzlp/nessrest

This branch is 65 commits ahead of xorrbit/nessrest:master.

Latest commit: Scott Walsh, 2d0b171 · Jun 15, 2016
ness6rest.py - a REST interface to Nessus 6

Dependencies:

  • Nessus 6.4.x
  • Python 2.7+ or 3.3+
  • requests module (install via pip)
  • The dependencies can be satisfied via pip install -r requirements.txt

Quick Install

pip install nessrest

Features:

  • Logins

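    from nessrest import ness6rest, credentials  # package layout when installed with pip install nessrest

    scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password")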
    
    creds = [credentials.WindowsPassword(username="administrator", password="foobar"),
             credentials.WindowsPassword(username="administrator", password="barfoo"),
             credentials.SshPassword(username="nessususer", password="foobar")]
    
    scan.policy_add_creds(credentials=creds)
  • Build policies

    scan.upload(upload_file="file.audit")
    scan._policy_add_audit(category="Windows", filename="file.audit")
    scan.policy_add(name="Scripted Scan", plugins="21156")
  • Launch scans

    scan.scan_add(targets="192.168.0.1")
    scan.scan_run()
  • Parse scan results

    scan.scan_results()
  • Download KB for target

    kbs = scan.download_kbs()
    
    for hostname, kb in kbs.items():
        # Write each host's KB to a file named after the host
        with open(hostname, "w") as f:
            f.write(kb)
  • Output for ticketing/wiki format

Feature Requests:

  • Deleting of scan/schedule/policy
  • Ability to change "tag" from CLI via config/CLI arg
  • Enforce supported versions of Nessus

Notes:

  • Proxies are not supported, although transparent proxies should work... transparently

nessrest - an example client

Dependencies:

  • argparse module (install via pip)

Suggested installation:

  • Find the path to your "site-packages" with: python -c "import sys; print(sys.path)"
  • Symlink ness6rest.py from the Git repo into the "site-packages" or "dist-packages" directory.
  • Test by issuing import ness6rest inside the Python interactive interpreter.

Specifying a ca_bundle

If you are using a corporate or self-signed SSL certificate, you can specify the path to a ca_bundle to use for verification by passing it to the Scanner initializer:

scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password", ca_bundle="/path/to/ca_bundle.pem")

If you are using the ness_rest client, you can pass this path on the command line using the --ca_bundle option.

Self-signed certificates

If you're running Nessus with a self-signed certificate, and you wish to disable SSL certificate checking, you can pass insecure=True to the Scanner initializer:

scan = ness6rest.Scanner(url="https://nessusscanner:8834", login="username", password="password", insecure=True)

If you're using the nessrest example client, it has an --insecure option that will do this.

Note that this suppresses invalid SSL certificate errors, so the scanner's certificate is no longer verified, and should be used with caution.
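The two sections above give a choice between ca_bundle and insecure=True. The following is an added example, not part of nessrest: a hypothetical helper, scanner_tls_kwargs, that validates the bundle before any login is attempted and only returns insecure=True when the caller opts in explicitly. The helper name and its allow_insecure parameter are assumptions; ca_bundle and insecure are the Scanner arguments documented above.

```python
import os
import ssl
import warnings


def scanner_tls_kwargs(ca_bundle=None, allow_insecure=False):
    """Return TLS keyword arguments to pass to ness6rest.Scanner().

    Hypothetical helper (not part of nessrest). Preference order: an
    explicit CA bundle, then default verification, and insecure=True
    only when the caller opts in. Requires Python 3.6+.
    """
    if ca_bundle:
        path = os.path.abspath(os.path.expanduser(ca_bundle))
        # Empty context: only certificates from the bundle are counted.
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        try:
            # Fails on a missing file or a file without PEM certificates,
            # so a bad path is caught before any login is attempted.
            ctx.load_verify_locations(cafile=path)
        except OSError as exc:  # ssl.SSLError is a subclass of OSError
            raise ValueError("unusable ca_bundle %r: %s" % (path, exc))
        if ctx.cert_store_stats()["x509"] == 0:
            raise ValueError("ca_bundle %r contains no certificates" % path)
        if allow_insecure:
            warnings.warn("ca_bundle given; ignoring allow_insecure")
        return {"ca_bundle": path}
    if allow_insecure:
        warnings.warn("TLS certificate verification is disabled; the scanner "
                      "login is sent to an unauthenticated endpoint")
        return {"insecure": True}
    # No bundle and no opt-in: pass nothing and keep default verification.
    return {}


# Usage (placeholder values, as in the README):
#   kwargs = scanner_tls_kwargs(ca_bundle="/path/to/ca_bundle.pem")
#   scan = ness6rest.Scanner(url="https://nessusscanner:8834",
#                            login="username", password="password", **kwargs)
```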

Configuration file:

  • Copy ness_rest.conf.example to ness_rest.conf and configure for your scanner.
  • There are several valid paths for the location of the config file (in order):
    • The path passed from the CLI with --config
    • A permanent config file is searched for in the following locations:
      • $HOME/.ness_rest.conf
      • $HOME/.ness_rest/ness_rest.conf
      • /etc/ness_rest.conf
      • /etc/ness_rest/ness_rest.conf
      • $PWD/ness_rest.conf

Building modules:

  • To build a package to install via pip or easy_install, execute:
    • python setup.py sdist
  • The resulting build will be in $PWD/dist/nessrest-<version>.tar.gz
