Wednesday 10 February 2016
00:57:00

AutoNessus: A Script To Communicate With Nessus API





AutoNessus is a script that communicates only with the Nessus API. Its main goal is to help automate scans. It can list all scans and all policies, and start, stop, pause, and resume a scan, depending on the flag passed to the script.


To automate starting or pausing scans, it helps to create a cron job or scheduled task, depending on whether the client has a desired testing window.

It is free to use, and its code can be modified.


Dependencies:

It requires Python version 2.x and the "requests" module to be installed. The installation instructions can be found here: http://docs.python-requests.org/en/latest/user/install/

Start & Help:

python autoNessus.py
python autoNessus.py -h

This displays the help menu with a list of options.

Credentials:

The script authenticates to the Nessus server when supplied with any flag other than -h. The correct URL and credentials must be placed on lines 52-56 of the script.

Examples:

List all scans and scan IDs (scan IDs are used with the other flags):
python autoNessus.py -l

Start scan 42:
python autoNessus.py -sS 42

Pause scan 42:
python autoNessus.py --pause 42

Notes:

You have to add 'completed' to the list on line 272 if you would like to start an already completed scan. By default it is left out of that list, which ensures that scans are not re-run once completed.
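The testing-window scheduling mentioned at the top and the 'completed' guard from the Notes can be combined in a small wrapper that cron runs every few minutes. This is an added example, not part of autoNessus.py: the function names, the 22:00-06:00 window and the set of startable statuses are assumptions, and only the -sS and --pause flags come from the examples above.

```python
"""Testing-window guard for cron-driven autoNessus.py runs (added example)."""
from datetime import datetime, time

# Assumption: statuses from which a scan may be started. 'completed' is left
# out on purpose, mirroring the guard described in the Notes section.
STARTABLE = {"empty", "canceled", "stopped", "aborted"}


def in_window(now, start, end):
    """True if `now` lies in [start, end); handles windows that cross midnight."""
    if start <= end:
        return start <= now < end
    return now >= start or now < end


def plan(now, start, end, status):
    """Return the autoNessus.py flag to issue for this scan, or None."""
    inside = in_window(now, start, end)
    if inside and status in STARTABLE:
        return "-sS"        # start the scan inside the agreed window
    if not inside and status == "running":
        return "--pause"    # never keep scanning outside the window
    return None             # completed, paused or otherwise: leave it alone


def build_command(flag, scan_id, script="autoNessus.py"):
    """Argument list (no shell); int() rejects anything that is not a scan ID."""
    return ["python", script, flag, str(int(scan_id))]


if __name__ == "__main__":
    # Constructed values: scan 42, window 22:00-06:00. The status is
    # hard-coded here; in practice take it from `python autoNessus.py -l`.
    flag = plan(datetime.now().time(), time(22, 0), time(6, 0), "empty")
    if flag:
        # A cron job would hand this list to subprocess.call().
        print("would run:", " ".join(build_command(flag, 42)))
    else:
        print("nothing to do")
```

When running this from cron, keep autoNessus.py readable only by the account that owns the job, since the Nessus URL and credentials are stored in the script itself (lines 52-56).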

Credits:

We thank Stephen Haywood for writing the example script from which some of this tool's functionality is taken. The example script can be found here:

https://github.com/averagesecurityguy/Nessus6/blob/master/nessus6_scan_demo.py

It is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. It is distributed WITHOUT ANY WARRANTY in the hope that it will be useful.
