Powershell: extracting a comma-separated list of IPs?
I'm dealing with a .csv export from Nessus, where essentially I have a column of Host IPs and a column with Plugin IDs My customer wants an output where, for example, Plugin X would be in a column,...
View ArticleHow to change Policy Scan type using nessus API?
I am following documentation present at https://localhost:8834/api/# fro nessus. I listed policies and created new scan with template uuid as "Host Discovery" uuid fetched from the policies list....
View ArticleCurl and Nessus API (Session Hijacking)
I am currently working with Nessus Automation using API. I prefer to use CURL for the requirement. I see that everytime to get data from Nessus, I need to use token (session id). If I send this token...
View ArticleHow can i send nessus log over syslog?
I've been ask to send the logs from a Nessus scanner remotely on a syslog server, But I can't find a way to bind it to syslog. Is there a way to do it ?
View ArticleUnable to automate scan with Nessus 7 professional
I am evaluating the product Nessus 7 to perform vulnerability scans on the systems in my network.I am able to perform the scans successfully, but I am unable to automate it with a python Nessrest...
View ArticleHow can I use nessrest api (python) to export nessus scan reports in xml?
I am trying to automate the running of and downloading nessus scans using python. I have been using the nessrest api for python, and am able to successfully run a scan, but am not being successfully...
View ArticleLinq XML Xelement with Namespace Returns Null
I am parsing an .nessus file generated from an offline config file audit. I've set up a Linq for the ReportItem node and verified the namespace works, but when I try to get the cm:compliance-solution...
View ArticleAnsible win_package stuck forever
I am using win_package module for installing "Nessus" in Windows 2016 server. But whenever I execute it, it hangs forever without response. Even after waiting for an hour, there is no response. I have...
View ArticleHow can get the reproduce/test procedure for the vulnerabilities reported by...
My NESSUS scanning gives report that there are vulnerabilities in my host, such as: > Vulnerabilities by PluginExpand All | Collapse All > **11801 (1) - HTTP Method Remote Format String-** >...
View ArticleIs there a way to get the MS KB associated with a [Tenable] Nessus plugin ID?
I have a large CSV file containing a list of Nessus plugin ID's. I'd like to know if there's an API you can call (via Powershell maybe?) that can tell if the plugin is associated with an MS KB, and if...
View ArticleNessus File upload REST API
I'm trying to upload an exported scan (.nessus) file to a Nessus Community Edition server using python and the Nessus REST API (func POST /file/upload) however I keep getting the response null like...
View ArticleGet specific element data from xml
I am trying to parse a nessus xml report and am trying to get the specific description and plugin_output but can't seem to get it for some reason I have the following xml data: <ReportHost...
View ArticleHow to obtain different report formats using nessus command line?
I have written a script to run a nessus scan.However the output that I get from the scan is in XML format. I would like to experiment with different output formats preferably HTML or CSV. I run the...
View ArticleHow to read JSON (in mentioned format)?
I have to parse and get the 'id' field value alone (i.e 13 in this case) from the below JSON response. My JSON response will be in the below format. This is get policies nessus call {'policies':...
View ArticleHow to login to a webpage in Nessus and perform a SecTest?
I am trying to test a webpage using Nessus. I have tested all the stuff about the Server. But now I want to proceed by login to the webpage and test all possible pages behind the login form. But I...
View ArticleChef Nessus Agent Install
I am trying to write a cookbook to download and install Nessus Agent found here: https://www.tenable.com/downloads/nessus-agents But am having trouble due to an explicit download url not being...
View Articlepython tenable_io export to CSV class call
may this question is answerd fast from you, but i am new to Python and having some struggle. i want to call a function or a class in python. i have the following example from here:...
View ArticleShould we consider info level issues reported by nessus as vulnerabilities
While running a nessus scan it reported few issues with severity as "info". Should we consider these as security vulnerabilities against that product/module. Nessus documentation is not very clear on...
View ArticleHow to fix IP address revelation found by Nessus scanning
Did a Nessus scan and found the below vulnerability Nessus was able to exploit the issue using the following request : GET / HTTP/1.0 Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1 Accept-Language: en...
View ArticleOpenVAS: CLI Vulnerability Scanning [CentOS]
I have been trying to figure out how I can execute tasks from the command line with OpenVAS (without any interactions with their web gui) I've tried running this command: omp --port=9392...
View Article