Alan's Blog

"Yeah. I wrote a script that will do that."

PowerShell and .Nessus File Revisited

Posted on October 11th, 2014

I previously wrote about processing .Nessus files using Posh-NVS.  I found my needs to be a little different from what that project provides, so I decided to take a crack at my own script for reading .Nessus files.  Unlike Posh-NVS, it has no modules to install and my Convert-Nessus.ps1 adds the host information onto the line with the vulnerability data.  Although it creates a larger file, it is nice to have the IP Address, OS, MAC addresses, and NETBIOS Name in the same line for the file. Update:  Convert-Nessus4.ps1 adds a GUI to select what properties you want in the output.

Script Text

Tags: ,
Filed under PowerShell, Scripting, Security | No Comments »

PowerShell and .Nessus files

Posted on October 1st, 2014

Tenable Nessus is a commonly used scanner in the enterprise.  The native (version 2) .nessus files which it creates are XML files which contain information about the scan settings, plus the data collected about the hosts.  Parsing these files is typically done with a Python script — a Google search yields over 140K results.  Looking for something in PowerShell will lead you to the Posh-NVS module written by Carlos Perez, at http://www.darkoperator.com.

You can get the Posh-NVS module from https://github.com/darkoperator/Posh-NVS.  Download the ZIP and extract it.  Rename the folder to Posh-NVS,  Before you copy or move the Posh-NVS under your modules folder., you should remove all streams from the files in the Posh-NVS folder.  I used the command:
gci -Recurse |  Remove-Item -Stream *

If you fail to do this you may get an “Operation is not supported” error importing the module.

There are many interesting cmdlets in the Posh-NVS module, but I was most interested in reading a .nessus file.  The cmdlet for this is Import-NessusV2Report.  When you use this cmdlet, the result is a hash table which needs to be expanded to be in a format we want.  Import-NessusReport.ps1 is an example script which prompts for a .nessus file and then converts the file and exports as CSV.  It could easily be modified to do a bulk insert into SQL.

I corresponded with Mr. Perez several times trying to get this to work.  I hope this helps spread the word and ease installation.

UPDATE:  I have written my own PowerShell .Nessus file converter which does not require a module.
Script Text

Tags: ,
Filed under PowerShell, Scripting, Security | No Comments »

Please Note

All the scripts are saved as .txt files. Newer files have a "View Script" button which will let you save or open a script in notepad. For earlier posts, the easiest way to download with IE is to right click on the link and use "Save Target As". Rename file from Name_ext.txt to Name.ext.

To see a full post after searching, please click on the title.

PowerShell Scripts were written with Version 3 or 4.

https connections are supported.

All new users accounts must be approved, as are comments. Please be patient. It is pretty easy to figure out my email address from the scripts, and you are welcome to contact me that way.

Site Search

Categories

Archives

SQL Site

Bad Behavior has blocked 169 access attempts in the last 7 days.