asterisklabs / prenus Goto Github PK

View Code? Open in Web Editor NEW

19.0 19.0 11.0 217 KB

Prenus - The Pretty Nessus .. thing

Home Page: http://asterisklabs.github.io/

License: MIT License

Ruby 23.29% CSS 2.12% JavaScript 74.59%

prenus's People

Contributors

Stargazers

Watchers

Forkers

yowie l3thal nanomebia ai8rahim omnifocal nazicc mreetyunjaya isabella232 peter-h-ncc kronicd noraj

prenus's Issues

Pie chart labels are sometimes being cropped

Hosts with no vulnerabilities

If there are hosts in the "All Hosts" table that don't have any vulnerabilities, do we even need to make them clickable? Since the resulting host_*.html file is empty.

Round pie chart percentages down to less decimal places

Consuming Qualys scan results

Can you please extend prenus to consume Qualys scan exports.

Don't bundle code with own version of ruby-nessus gem

Currently, the ruby-nessus gem doesn't have the ability to extract critical findings. I've had a push merged into the code-base, but, unsure if the actual gem has been updated.

As soon as that gem is published, I can update this gem to remove the internal copy - and just include the dep in the gemspec.

This will reduce the code slightly.

Pie chart labels for zero percentages

If a pie chart has zero for some severities, can we leave the zero value labels off?

Logo / branding for HTML files

Could you add a command line switch that takes an image file argument to add a logo to the top of each HTML file? It would be cool to brand the output.

Ability to markup and / or close findings

You know what would be sweet? If users could add comments to findings, mark findings as "closed" or "false positive", make minor corrections to the findings (inserting a missing hostname, correcting an OS guess).
And, for these markups to be reflected through the HTML files.

Replace "vulns" with "vulnerabilities"

s/Vulns/Vulnerabilities/g
Makes the output more professional

Pie chart sizing?

Firstly, thank you for this project! What a God-send!

Not being a prgrammer, how can I adjust the sizing of the charts in the Top 20? I have a huge scan that when the charts are populated seems to not show all of the legends properly. See the screenshot:

Also, is there any way to produce just the Top 20 (or Top 'X') hosts on its own without the host details/tables?

Thanks again!!

Better handling of null output for vulnerability detailed output

Vulnerabilities that display their detailed output as 'no output recorded' in Nessus have 'false' printed in the prenus output. Please fix to be less ambiguous.

Fails on large input files

$ ls -alFh
total 9896000
drwxr-xr-x   3 peter  staff    96B 31 Aug 09:07 ./
drwxr-xr-x+ 21 peter  staff   672B 31 Aug 09:10 ../
-rw-rw-rw-@  1 peter  staff   4.7G 31 Aug 09:00 a.nessus

$ prenus -o s0-r7 a.nessus -s0
/Users/peter/hax_shared/tools/prenus/lib/gemcache/ruby-nessus/ruby-nessus/parse.rb:17:in `read': Invalid argument @ io_fread - a.nessus (Errno::EINVAL)
	from lib/gemcache/ruby-nessus/ruby-nessus/parse.rb:17:in `initialize'
	from lib/input/nessusin.rb:37:in `new'
	from lib/input/nessusin.rb:37:in `block in import_nessus_files'
	from lib/input/nessusin.rb:35:in `each'
	from lib/input/nessusin.rb:35:in `import_nessus_files'
	from bin/prenus:160:in `<main>'

Row shading for vulnerability tables

For the vulnerability tables (in the per host HTML files), can the rows of the tables be alternating grey / off-white like the "All Hosts" table in index.html? This will make it clearer on which text belongs to which vulnerability ID.

Also, maybe consider aligning the text vertically at the top of the cells instead of vertically centred? If the rows are coloured, maybe this isn't so much of an issue. I just found in some reports it can be difficult to tell which vulnerability some of the descriptions belong to.