spyr0-sec / helper-scripts Goto Github PK
View Code? Open in Web Editor NEWRepo of some helper scripts to try and make lives easier
License: GNU General Public License v3.0
Repo of some helper scripts to try and make lives easier
License: GNU General Public License v3.0
I saw this the other day https://github.com/sdcampbell/Nessusploitable
@lapolis not sure when I will get time to add this so you might want to take a look?
Hi,
I'm trying your helper script on a .nessus XML file from Nessus Professional 10.0.2.
This is what I get:
Traceback (most recent call last): File "/tmp/NEFFUF/nessusToExcel.py", line 1348, in <module> extractAll() File "/tmp/NEFFUF/nessusToExcel.py", line 38, in extractAll extractHosts() File "/tmp/NEFFUF/nessusToExcel.py", line 73, in extractHosts report_host_os = nfr.host.detected_os(report_host) File "/usr/local/lib/python3.10/dist-packages/nessus_file_reader/host/host.py", line 119, in detected_os if """ in operating_system: TypeError: argument of type 'NoneType' is not iterable
The issue seems to be in the "hosts" module.
Thank you!
I might be onto something :D
Implemented Pandas and filtering only in extractInstalledSoftware(). I used pandas to quickly eliminate doubles and group the rows when ['IP Address', 'Installed Version', 'Path'] are the same. The other parameters are aggregated in different ways:
'Hostname': # Keep the first non-empty
'Severity': # Keep the highest severity
'Issue': # Keep unique if not None
'Exploit': # Logic OR
'CVE': # Join with \n if not None
'Latest Version': # Keep unique if not None
'End of Support Date': # Keep unique if not None
My plan is to use pandas for everything else so we can filter etc and eventually deprecate the functions marked with #TODO.
Also, I thought that maybe some use cases requires the "raw" output as before so I added --noclean.
Small bonus point:
From this:
DEBUG - Completed Outdated Software. 493 rows took 29.5578 seconds
To this:
DEBUG - Completed Outdated Software. 195 rows took 12.6558 seconds
Now that it's all converted, it takes almost 3 times longer :D I guess we can call it a small side effect.
Commit Here
If you try my fork it will probably crash if you use any module other than extractInstalledSoftware because I started to swap the 'N.A' with None already. Also, still need a bit more testing to find all the usual weirdness but I got couple of heavy .nessus files asking for it.
I will keep converting all in the next few days. What do you think?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.