forked from ozuma/Nessus-XML
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nessus2csv.py
executable file
·46 lines (39 loc) · 1.59 KB
/
nessus2csv.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
#!/usr/bin/python
from sys import argv
import xml.etree.ElementTree as ET
tree = ET.parse(argv[1])
# XML structure:
#
# <NessusClientData_v2>
# <Report name="Win NT 4.0" xmlns:cm="http://www.nessus.org/cm">
# <ReportHost name="myscan">
# ......
# <ReportItem port="139" svc_name="smb" protocol="tcp" severity="4" pluginID="34477" pluginName="MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check)" pluginFamily="Windows">
# ......
# <plugin_name>MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (ECLIPSEDWING) (uncredentialed check)</plugin_name>
# <plugin_publication_date>2008/10/23</plugin_publication_date>
# <plugin_type>local</plugin_type>
# <risk_factor>Critical</risk_factor>
# ......
# <xref>CWE:94</xref>
# </ReportItem>
# <ReportItem port="139" svc_name="smb" protocol="tcp" severity="0" pluginID="106716" pluginName="Microsoft Windows SMB2 Dialects Supported (remote check)" pluginFamily="Windows">
# ......
# </ReportHost>
# </Report>
# </NessusClientData_v2>
for host in tree.findall('Report/ReportHost'):
ipaddr = host.find("HostProperties/tag/[@name='host-ip']").text
for item in host.findall('ReportItem'):
risk_factor = item.find('risk_factor').text
pluginID = item.get('pluginID')
pluginName = item.get('pluginName')
port = item.get('port')
protocol = item.get('protocol')
print(
ipaddr + ',' + \
risk_factor + ',' + \
port + '/' + protocol + ',' + \
pluginID + ',' + \
'"' + pluginName + '"'
)