I previously wrote about processing .Nessus files using Posh-NVS. I found my needs to be a little different from what that project provides, so I decided to take a crack at my own script for reading .Nessus files. Unlike Posh-NVS, it has no modules to install and my Convert-Nessus.ps1 adds the host information onto the line with the vulnerability data. Although it creates a larger file, it is nice to have the IP Address, OS, MAC addresses, and NETBIOS Name in the same line for the file. Update: Convert-Nessus4.ps1 adds a GUI to select what properties you want in the output.Script Text
Posts Tagged ‘Nessus’
Tenable Nessus is a commonly used scanner in the enterprise. The native (version 2) .nessus files which it creates are XML files which contain information about the scan settings, plus the data collected about the hosts. Parsing these files is typically done with a Python script — a Google search yields over 140K results. Looking for something in PowerShell will lead you to the Posh-NVS module written by Carlos Perez, at http://www.darkoperator.com.
You can get the Posh-NVS module from https://github.com/darkoperator/Posh-NVS. Download the ZIP and extract it. Rename the folder to Posh-NVS, Before you copy or move the Posh-NVS under your modules folder., you should remove all streams from the files in the Posh-NVS folder. I used the command:
gci -Recurse | Remove-Item -Stream *
If you fail to do this you may get an “Operation is not supported” error importing the module.
There are many interesting cmdlets in the Posh-NVS module, but I was most interested in reading a .nessus file. The cmdlet for this is Import-NessusV2Report. When you use this cmdlet, the result is a hash table which needs to be expanded to be in a format we want. Import-NessusReport.ps1 is an example script which prompts for a .nessus file and then converts the file and exports as CSV. It could easily be modified to do a bulk insert into SQL.
I corresponded with Mr. Perez several times trying to get this to work. I hope this helps spread the word and ease installation.