The Continuous-Infra-Scanner system enhances infrastructure security by leveraging NMAP to conduct thorough security assessments, offering both graphical visualizations and tabular reports that detail open ports, IP addresses, and potential vulnerabilities. These visual insights and structured data empower security teams to quickly identify and prioritize critical areas of concern.
In addition to NMAP scanning, the system integrates seamlessly with Nessus Professional, further strengthening vulnerability management by adding in-depth analysis and actionable insights into security posture. This dual integration ensures a comprehensive approach to threat detection, enabling organizations to efficiently address vulnerabilities across their infrastructure.
A key feature of Continuous-Infra-Scanner is its comprehensive logging capability. The system meticulously records all events and alerts, providing a valuable resource for incident response and historical analysis. This enables security teams to review past issues, track patterns over time, and maintain a robust audit trail, which is essential for effective monitoring and continuous improvement in security practices.
For a step-by-step walkthrough of the setup, configuration, and usage of this project, please refer to the demonstration video: https://youtu.be/DqtDd37b6xw
- Automated infrastructure scanning using Nessus
- Data storage in MongoDB for scan results
- Basic authentication for secure access to the console
- Configurable webhook notifications
Follow these instructions to set up, configure, and run the Continuous-Infra-Scanner project using Docker Compose.
- Docker installed on your machine
- Docker Compose installed
- A Nessus account and report scan ID for your infrastructure scans
- Webhook URL for notifications (Google Chat, Slack, Telegram, etc.)
Clone this repository to your local machine:
```bash
git clone https://github.com/hacker50120/Continuous-Infra-Scanner.git
cd Continuous-Infra-Scanner
```
In the root directory of the project, create a .env file to configure environment variables for the application.
Here’s a template for the .env file:
```env
# Basic Authentication Credentials for Console Access
CONSOLE_USERNAME=admin
# Change to a secure password of your choice
CONSOLE_PASSWORD=StrongPassword@123

# MongoDB Credentials
MONGO_INITDB_ROOT_USERNAME=MongoDBUser
MONGO_INITDB_ROOT_PASSWORD=MongoDBPassword
MONGO_URI=mongodb://MongoDBUser:MongoDBPassword@mongodb:27017/mydatabase?authSource=admin

# Nessus Credentials
NESSUS_HOSTNAME=nessus.com
NESSUS_USERNAME=nessus_username
NESSUS_PASSWORD=nessus_password
# Replace with your actual Nessus report ID
REPORT_NUMBER_ID=<Nessus Report ID>

# Webhook URL for Notifications
WEBHOOK_URL=https://chat.googleapis.com/v1/spaces/<token>
```
- `CONSOLE_USERNAME` and `CONSOLE_PASSWORD`: Basic authentication credentials for accessing the scanner console. Set a strong password.
- `MONGO_INITDB_ROOT_USERNAME`, `MONGO_INITDB_ROOT_PASSWORD`, and `MONGO_URI`: MongoDB credentials and connection URI for storing scan results.
- `NESSUS_HOSTNAME`, `NESSUS_USERNAME`, and `NESSUS_PASSWORD`: Nessus credentials to authenticate with your Nessus account.
- `REPORT_NUMBER_ID`: The unique ID of the Nessus scan report. You can find it in the report URL: `https://nessus.com/#/scans/reports/<ID>/hosts`.
- `WEBHOOK_URL`: URL for the notification webhook. The default example is for Google Chat, but you can customize it for other platforms.
Run Docker Compose to build and start the project in detached mode:
```bash
docker-compose up -d
```
This command builds the Continuous-Infra-Scanner image and starts both MongoDB and the scanner app.
After launching, you can access the scanner console in your web browser:
- URL: `http://localhost:8180`
- Username: `admin` (or the value of `CONSOLE_USERNAME` in your `.env` file)
- Password: The value of `CONSOLE_PASSWORD` in your `.env` file
By default, the project is set up to send notifications through Google Chat. To use a different platform like Slack or Telegram, update the `WEBHOOK_URL` in your `.env` file and modify the webhook formatting in the code to match the target platform’s API.
Example Webhook URLs
- Google Chat: `https://chat.googleapis.com/v1/spaces/<token>`
- Slack: `https://hooks.slack.com/services/<token>`
- Telegram: Set up a bot using the Telegram Bot API and get the webhook URL.
To configure `REPORT_NUMBER_ID`:

1. Log into Nessus and navigate to your scan reports.
2. Locate the report ID in the URL of the scan report, such as `https://nessus.com/#/scans/reports/123344/hosts`, where `123344` is the report ID.
3. Set `REPORT_NUMBER_ID` to this ID in your `.env` file.
Common Issues
- Authentication Errors: Verify that your `NESSUS_USERNAME`, `NESSUS_PASSWORD`, `CONSOLE_USERNAME`, and `CONSOLE_PASSWORD` are correctly set in the `.env` file.
- MongoDB Connection: Ensure the `MONGO_URI` matches the credentials provided for `MONGO_INITDB_ROOT_USERNAME` and `MONGO_INITDB_ROOT_PASSWORD`.
- Webhook Notifications Not Sent: Check the format of the `WEBHOOK_URL` and ensure it matches the format required by your notification platform (e.g., Google Chat, Slack).
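
A pre-flight check for the `.env` file that covers the issues listed above. This is an added example, not part of the project's code: `parse_env`, `check_env` and the sample values are hypothetical, and the report ID is assumed to be numeric as in the example URL.

```python
import re
from urllib.parse import urlsplit, unquote

# Passwords shown in the .env template; leaving them unchanged is a finding.
TEMPLATE_DEFAULTS = {"CONSOLE_PASSWORD": "StrongPassword@123",
                     "MONGO_INITDB_ROOT_PASSWORD": "MongoDBPassword",
                     "NESSUS_PASSWORD": "nessus_password"}

def parse_env(text):
    """Parse KEY=VALUE lines, skipping blanks and full-line comments."""
    lines = (l.strip() for l in text.splitlines())
    pairs = (l.split("=", 1) for l in lines if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def check_env(text):
    """Return a list of findings for the .env file described above."""
    env, findings = parse_env(text), []
    for key, default in TEMPLATE_DEFAULTS.items():
        if env.get(key, "") in ("", default):
            findings.append(f"{key}: empty or still the template default")
    findings += [f"{k}: inline comment may end up inside the value"
                 for k, v in env.items() if re.search(r"\s#", v)]
    uri = urlsplit(env.get("MONGO_URI", ""))
    if uri.scheme not in ("mongodb", "mongodb+srv"):
        findings.append("MONGO_URI: missing or not a MongoDB URI")
    else:
        # Credentials inside the URI are percent-encoded; decode before comparing.
        for part, key in ((uri.username, "MONGO_INITDB_ROOT_USERNAME"),
                          (uri.password, "MONGO_INITDB_ROOT_PASSWORD")):
            if unquote(part or "") != env.get(key):
                findings.append(f"MONGO_URI: credential differs from {key}")
    # Assumption: report IDs are numeric, as in the page's example URL.
    if not env.get("REPORT_NUMBER_ID", "").isdigit():
        findings.append("REPORT_NUMBER_ID: expected the numeric ID from the report URL")
    hook = env.get("WEBHOOK_URL", "")
    if not hook.startswith("https://") or "<" in hook:
        findings.append("WEBHOOK_URL: needs https:// and the <token> placeholder replaced")
    return findings

# Constructed sample: the Mongo password "p@ss/word" is percent-encoded in the URI.
SAMPLE = """\
CONSOLE_PASSWORD=StrongPassword@123
MONGO_INITDB_ROOT_USERNAME=scanner
MONGO_INITDB_ROOT_PASSWORD=p@ss/word
MONGO_URI=mongodb://scanner:p%40ss%2Fword@mongodb:27017/mydatabase?authSource=admin
NESSUS_PASSWORD=constructed-nessus-secret
REPORT_NUMBER_ID=123344
WEBHOOK_URL=https://chat.googleapis.com/v1/spaces/<token>
"""
```

Run it against your own file with `check_env(open(".env").read())` before starting the containers; an empty list means none of these checks fired.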
Resetting the Project

To reset the containers and volumes, run:

```bash
docker-compose down -v
docker-compose up -d
```
Feel free to fork this repository, make improvements, and submit pull requests. Contributions are welcome!
This project is licensed under the MIT License. See the `LICENSE` file for details.