Nessus Pro is a great vulnerability scanner but analysing results quickly becomes unwieldy once you have more than a couple of scheduled scans or a large scan space. So I wrote a tool to export Nessus results using the API into a relational database.
For those unfamiliar with SQL, I've included some stored procedures that you might find useful. The one I use the most is get_folder_results, which pulls all vulnerabilities for a given folder. Currently, the stored procedure takes 3 parameters:
- folder_id: the folder you want to aggregate results from.
- plugin_id: if you want to filter results to a specific plugin, specify its id; otherwise leave it as NULL.
- offset: an offset of 0 pulls the most recent scan run for each scan in the folder, an offset of 1 pulls the second most recent run for each scan in the folder, and so on.
Usage Example - get_folder_results: I want to find out all occurrences of SSL Self-Signed Certificates in the Internal folder across all the scans.
When we click on the folder we are interested in, the URL bar shows the folder_id that we can pass to the stored procedure.
By drilling down to the vulnerability in any of the scans we can find the plugin_id.
Finally, since I'm only interested in the most recent scan results, offset can be set to 0.
Calling the stored procedure with these arguments gives us the following results from my home network. These results can be copied and pasted into reports, emails or wherever else you might need them.
Usage Example - get_folder_stats: Show me trending stats for scans in a given folder.
Calling this stored procedure on the same folder with an offset of 0 will give you stats for the most recent set of scans.
If you increment the offset you can build trending stats pretty quickly this way. This is a useful function to embed into some report generation front end.
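To make the parameters of get_folder_results and the trending use of get_folder_stats concrete, here is an added example (mine, not the tool's own code or schema) that reimplements both queries over a small SQLite database. The three tables, the sample scans and runs, and the plugin ids and names in the data are all assumptions constructed for illustration; the part worth copying is the ranked CTE, which is what gives "offset" its per-scan meaning: each scan's runs are numbered newest-first, so offset 0 is the latest run of every scan in the folder and offset 1 the run before that, scan by scan.

```python
import sqlite3

# Assumed schema, not the tool's real tables: one row per Nessus scan, one row
# per run (scheduled execution) of that scan, one row per finding in a run.
SCHEMA = """
CREATE TABLE scans     (scan_id INTEGER PRIMARY KEY, folder_id INTEGER NOT NULL, name TEXT NOT NULL);
CREATE TABLE scan_runs (run_id INTEGER PRIMARY KEY, scan_id INTEGER NOT NULL, started_at TEXT NOT NULL);
CREATE TABLE findings  (run_id INTEGER NOT NULL, host TEXT NOT NULL, port INTEGER NOT NULL,
                        plugin_id INTEGER NOT NULL, plugin_name TEXT NOT NULL, severity INTEGER NOT NULL);
"""

# Constructed sample data. Folder 1 ("Internal") holds two scans that each ran
# twice; folder 2 holds one scan and must never leak into folder-1 results.
# Plugin ids and names are illustrative; read the real ones from your Nessus.
SELF_SIGNED = 57582
SAMPLE_SCANS = [(10, 1, "Servers"), (11, 1, "Workstations"), (20, 2, "DMZ")]
SAMPLE_RUNS = [(100, 10, "2024-01-01T02:00:00"), (101, 10, "2024-02-01T02:00:00"),
               (110, 11, "2024-01-15T02:00:00"), (111, 11, "2024-02-15T02:00:00"),
               (200, 20, "2024-02-10T02:00:00")]
SAMPLE_FINDINGS = [
    # Servers, older run: three self-signed certs plus an info-level SSH finding
    (100, "10.0.0.5", 443, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    (100, "10.0.0.6", 8443, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    (100, "10.0.0.7", 8443, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    (100, "10.0.0.6", 22, 10881, "SSH Protocol Versions Supported", 0),
    # Servers, latest run: two certs fixed, SSH finding gone
    (101, "10.0.0.5", 443, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    # Workstations, older and latest runs
    (110, "10.0.1.20", 3389, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    (111, "10.0.1.20", 3389, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
    (111, "10.0.1.21", 445, 57608, "SMB Signing not required", 2),
    # DMZ, folder 2
    (200, "203.0.113.9", 443, SELF_SIGNED, "SSL Self-Signed Certificate", 2),
]

# The 'offset' idea: number each scan's runs newest-first, so run_offset 0 is
# the latest run of *that* scan and 1 the one before it, independently per scan.
# Needs SQLite >= 3.25 (window functions); MySQL 8 and Postgres accept the same CTE.
RANKED_RUNS = """
WITH ranked AS (
    SELECT r.run_id, r.scan_id,
           ROW_NUMBER() OVER (PARTITION BY r.scan_id
                              ORDER BY r.started_at DESC) - 1 AS run_offset
    FROM scan_runs r
    JOIN scans s ON s.scan_id = r.scan_id
    WHERE s.folder_id = :folder_id
)
"""

def build_demo_db() -> sqlite3.Connection:
    """In-memory database loaded with the constructed sample data above."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO scans VALUES (?,?,?)", SAMPLE_SCANS)
    conn.executemany("INSERT INTO scan_runs VALUES (?,?,?)", SAMPLE_RUNS)
    conn.executemany("INSERT INTO findings VALUES (?,?,?,?,?,?)", SAMPLE_FINDINGS)
    conn.commit()
    return conn

def get_folder_results(conn, folder_id, plugin_id=None, offset=0):
    """Findings for every scan in a folder at the given run offset.
    plugin_id=None means all plugins, matching the NULL case in the post."""
    sql = RANKED_RUNS + """
    SELECT s.name, f.host, f.port, f.plugin_id, f.plugin_name, f.severity
    FROM ranked k
    JOIN scans s    ON s.scan_id = k.scan_id
    JOIN findings f ON f.run_id = k.run_id
    WHERE k.run_offset = :offset
      AND (:plugin_id IS NULL OR f.plugin_id = :plugin_id)
    ORDER BY s.name, f.host, f.port, f.plugin_id
    """
    params = {"folder_id": folder_id, "plugin_id": plugin_id, "offset": offset}
    return conn.execute(sql, params).fetchall()

def get_folder_stats(conn, folder_id, offset=0):
    """(severity, finding count, distinct hosts) per severity, highest first."""
    sql = RANKED_RUNS + """
    SELECT f.severity, COUNT(*) AS findings, COUNT(DISTINCT f.host) AS hosts
    FROM ranked k
    JOIN findings f ON f.run_id = k.run_id
    WHERE k.run_offset = :offset
    GROUP BY f.severity
    ORDER BY f.severity DESC
    """
    return conn.execute(sql, {"folder_id": folder_id, "offset": offset}).fetchall()

def folder_trend(conn, folder_id, max_offset=5):
    """Stats per offset, newest first; stops at the first offset with no runs."""
    trend = []
    for offset in range(max_offset + 1):
        stats = get_folder_stats(conn, folder_id, offset)
        if not stats:
            break
        trend.append((offset, {sev: n for sev, n, _hosts in stats}))
    return trend

if __name__ == "__main__":
    db = build_demo_db()
    for row in get_folder_results(db, folder_id=1, plugin_id=SELF_SIGNED, offset=0):
        print(row)
    print(folder_trend(db, folder_id=1))
```

Two caveats worth keeping in mind when you wire this into a report: the offset is per scan, so a scan with fewer runs than offset+1 silently drops out of that trend point rather than raising an error, which can make an older data point look "better" simply because fewer scans contributed to it; and ordering by started_at only works because the timestamps are ISO 8601 strings, so store them that way or use a real datetime column.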