Converts Scanning Experiences To A Tabular Format

Converts Scanning Reports To A Tabular Format


Converts Scanning Reports To A Tabular Format

This software takes a scanning software’s output file, and converts it to a tabular format (CSV, XLSX, or textual content desk). This software can course of output from the next instruments:

  1. Nmap (XML);
  2. Nessus (XML);
  3. Nikto (XML);
  4. Dirble (XML);
  5. Testssl (JSON);
  6. Fortify (FPR).

Rationale

This software can provide a human-readable, tabular format which you’ll be able to tie to any observations you will have drafted in your report. Why? As a result of then your reviewers can inform that you simply, the pentester, investigated all discovered open ports, and checked out all scanning reports.

Dependencies

  1. argparse (dev-python/argparse);
  2. prettytable (dev-python/prettytable);
  3. python (dev-lang/python);
  4. xlsxwriter (dev-python/xlsxwriter).

Install

Using Pip:

pip install --user sr2t

Usage

You can use sr2t in two ways:

$ sr2t --help
usage: sr2t [-h] [--nessus NESSUS [NESSUS ...]] [--nmap NMAP [NMAP ...]]
[--nikto NIKTO [NIKTO ...]] [--dirble DIRBLE [DIRBLE ...]]
[--testssl TESTSSL [TESTSSL ...]]
[--fortify FORTIFY [FORTIFY ...]] [--nmap-state NMAP_STATE]
[--nmap-services] [--no-nessus-autoclassify]
[--nessus-autoclassify-file NESSUS_AUTOCLASSIFY_FILE]
[--nessus-tls-file NESSUS_TLS_FILE]
[--nessus-x509-file NESSUS_X509_FILE]
[--nessus-http-file NESSUS_HTTP_FILE]
[--nessus-smb-file NESSUS_SMB_FILE]
[--nessus-rdp-file NESSUS_RDP_FILE]
[--nessus-ssh-file NESSUS_SSH_FILE]
[--nessus-min-severity NESSUS_MIN_SEVERITY]
[--nessus-plugin-name-width NESSUS_PLUGIN_NAME_WIDTH]
[--nessus-sort-by NESSUS_SORT_BY]
[--nikto-description-width NIKTO_DESCRIPTION_WIDTH]< br/> [--fortify-details] [--annotation-width ANNOTATION_WIDTH]
[-oC OUTPUT_CSV] [-oT OUTPUT_TXT] [-oX OUTPUT_XLSX]
[-oA OUTPUT_ALL]

Converting scanning reports to a tabular format

optional arguments:
-h, --help show this help message and exit
--nmap-state NMAP_STATE
Specify the desired state to filter (e.g.
open|filtered).
--nmap-services Specify to ouput a supplemental list of detected
services.
--no-nessus-autoclassify
Specify to not autoclassify Nessus results.
--nessus-autoclassify-file NESSUS_AUTOCLASSIFY_FILE
Specify to override a custom Nessus autoclassify YAML
file.
--nessus-tls-file NESSUS_TLS_FILE
Specify to override a custom Nessus TLS findings YAML
file.
--nessus-x509-file NESSUS_X509_FILE
Specify to override a custom Nessus X.509 findings
YAML file.
--nessus-http-file NESSUS_HTTP_FILE
Specify to override a custom Nessus HTTP findings YAML
file.
--nessus-smb-file NESSUS_SMB_FILE
Specify to override a custom Nessus SMB findings YAML
file.
--nessus-rdp-file NESSUS_RDP_FILE
Specify to override a custom Nessus RDP findings YAML
file.
--nessus-ssh-file NESSUS_SSH_FILE
Specify to override a custom Nessus SSH findings YAML
file.
--nessus-min-severity NESSUS_MIN_SEVERITY
Specify the minimum severity to output (e.g. 1).
--nessus-plugin-name-width NESSUS_PLUGIN_NAME_WIDTH
Specify the width of the pluginid column (e.g. 30).
--nessus-sort-by NESSUS_SORT_BY
Specify to sort output by ip-address, port, plugin-id,
plugin-name or severity.
--nikto-description-width NIKTO_DESCRIPTION_WIDTH
Specify the width of the description column (e.g. 30).
--fortify-details Specify to include the Fortify abstracts, explanations
and recommendations for each vulnerability.
--annotation-width ANNOTATION_WIDTH
Specify the width of the annotation column (e.g. 30).
-oC OUTPUT_CSV, --output-csv OUTPUT_CSV
Specify the output CSV basename (e.g. output).
-oT OUTPUT_TXT, --output-txt OUTPUT_TXT
Specify the output TXT file (e.g. output.txt).
-oX OUTPUT_XLSX, --output-xlsx OUTPUT_XLSX
Specify the outpu t XLSX file (e.g. output.xlsx). Only
for Nessus at the moment
-oA OUTPUT_ALL, --output-all OUTPUT_ALL
Specify the output basename to output to all formats
(e.g. output).

specify at least one:
--nessus NESSUS [NESSUS ...]
Specify (multiple) Nessus XML files.
--nmap NMAP [NMAP ...]
Specify (multiple) Nmap XML files.
--nikto NIKTO [NIKTO ...]
Specify (multiple) Nikto XML files.
--dirble DIRBLE [DIRBLE ...]
Specify (multiple) Dirble XML files.
--testssl TESTSSL [TESTSSL ...]
Specify (multiple) Testssl JSON files.
--fortify FORTIFY [FORTIFY ...]
Specify (multiple) HP Fortify FPR files.

Example

A few examples

Nessus

To produce an XLSX format:

$ sr2t --nessus example/nessus.nessus --no-nessus-autoclassify -oX example.xlsx

1711197810 631 Converts Scanning Reports To A Tabular Format

1711197810 205 Converts Scanning Reports To A Tabular Format

Converts Scanning Reports To A Tabular Format

1711197811 960 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --nessus instance/nessus.nessus
+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+
| host | port | plugin id | plugin identify | severity | annotations |
+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+
| 192.168.142.4 | 3389 | 42873 | SSL Medium Power Cipher Suites Supported (SWEET32) | 2 | X |
| 192.168.142.4 | 443 | 42873 | SSL Medium Power Cipher Suites Supported (SWEET32) | 2 | X |
| 192.168.142.4 | 3389 | 18405 | Microsoft Home windows Distant Desktop Protocol Server Man-in-the-Center Weak spot | 2 | X |
| 192.168.142.4 | 3389 | 30218 | Terminal Providers Encryption Degree is not FIPS-140 Compliant | 1 | X |
| 192.168.142.4 | 3389 | 57690 | Terminal Providers Encryption Degree is Medium or Low | 2 | X |
| 192.168.142.4 | 3389 | 58453 | Terminal Providers Does not Use Community Degree Authentication (NLA) Solely | 2 | X |
| 192.168.142.4 | 3389 | 45411 | SSL Certificates with Improper Hostname | 2 | X |
| 192.168.142.4 | 443 | 45411 | SSL Certificates with Improper Hostname | 2 | X |
| 192.168.142.4 | 3389 | 35291 | SSL Certificates Signed Utilizing Weak Hashing Algorithm | 2 | X |
| 192.168.142.4 | 3389 | 57582 | SSL Self-Signed Certificates | 2 | X |
| 192.168.142.4 | 3389 | 51192 | SSL Certificates Can not Be Trusted | 2 | X |
| 192.168.142.2 | 3389 | 42873 | SSL Medium Power Cipher Suites Supported (SWEET32) | 2 | X |
| 192.168.142.2 | 443 | 42873 | SSL Medium Power Cipher Suites Supported (SWEET32) | 2 | X |
| 192.168.142.2 | 3389 | 18405 | Microsoft Home windows Distant Desktop Protocol Server Man-in-the-Center Weak spot | 2 | X |
| 192.168.142.2 | 3389 | 30218 | Terminal Providers Encryption Degree is just not FIPS-140 Compliant | 1 | X |
| 192.168.142.2 | 3389 | 57690 | Terminal Providers Encryption Degree is Medium or Low | 2 | X |
| 192.168.142.2 | 3389 | 58453 | Terminal Providers Does not Use Community Degree Authentication (NLA) Solely | 2 | X |
| 192.168.142.2 | 3389 | 45411 | S SL Certificates with Improper Hostname | 2 | X |
| 192.168.142.2 | 443 | 45411 | SSL Certificates with Improper Hostname | 2 | X |
| 192.168.142.2 | 3389 | 35291 | SSL Certificates Signed Utilizing Weak Hashing Algorithm | 2 | X |
| 192.168.142.2 | 3389 | 57582 | SSL Self-Signed Certificates | 2 | X |
| 192.168.142.2 | 3389 | 51192 | SSL Certificates Can't Be Trusted | 2 | X |
| 192.168.142.2 | 445 | 57608 | SMB Signing not required | 2 | X |
+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+

Or to output a CSV file:

$ sr2t --nessus instance/nessus.nessus -oC instance
$ cat example_nessus.csv
host,port,plugin id,plugin identify,severity,annotations
192.168.142.4,3389,42873,SSL Medium Power Cipher Suites Supported (SWEET32),2,X
192.168.142.4,443,42873,SSL Medium Power Cipher Suites Supported (SWEET32),2,X
192.168.142.4,3389,18405,Microsoft Home windows Distant Desktop Protocol Server Man-in-the-Center Weak spot,2,X
192.168.142.4,3389,30218,Terminal Providers Encryption Degree is just not FIPS-140 Compliant,1,X
192.168.142.4,3389,57690,Terminal Providers Encryption Degree is Medium or Low,2,X
192.168.142.4,3389,58453,Terminal Providers Does not Use Community Degree Authentication (NLA) Solely,2,X
192.168.142.4,3389,45411,SSL Certificates with Improper Hostname,2,X
192.168.142.4,443,45411,SSL Certificates with Improper Hostname,2,X
192.168.142.4,3389,35291,SSL Certificates Signed Utilizing Weak Hashing Algorithm,2,X
192.168.142.4,3389,57582,SSL Self-Signed Certificates,2,X
192.168.142.4,3389,51192,SSL Certificates Can't Be Trusted,2,X
192.168.142.2,3389,42873,SSL Medium Power Cipher Suites Supported (SWEET32),2,X
192.168.142.2,443,42873,SSL Medium Power Cipher Suites Supported (SWEET32),2,X
192.168.142.2,3389,18405,Microsoft Home windows Distant Desktop Protocol Server Man-in-the-Center Weak spot,2,X
192.168.142.2,3389,30218,Terminal Providers Encryption Degree is just not FIPS-140 Compliant,1,X
192.168.142.2,3389,57690,Terminal Providers Encryption Degree is Medium or Low,2,X
192.168.142.2,3389,58453,Terminal Providers Does not Use Community Degree Authentication (NLA) Solely,2,X
192.168.142.2,3389,45411,SSL Certificates with Improper Hostname,2,X
192.168.142.2,443,45411,SSL Certificates with Improper Hostname,2,X
192.168.142.2,3389,35291,SSL Certificates Signed Utilizing Weak Hashing Algorithm,2,X
192.168.142.2,3389,57582,SSL Self-Signed Certificates,2,X
192.168.142.2,3389,51192,SSL Certificates Can't Be Trusted,2,X
192.168.142.2,44 5,57608,SMB Signing not required,2,X

Nmap

To provide an XLSX format:

$ sr2t --nmap instance/nmap.xml -oX instance.xlsx

1711197811 490 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --nmap instance/nmap.xml --nmap-services
Nmap TCP:
+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+
| | 53 | 80 | 88 | 135 | 139 | 389 | 445 | 3389 | 5800 | 5900 |
+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+
| 192.168.23.78 | X | | X | X | X | X | X | X | | |
| 192.168.27.243 | | | | X | X | | X | X | X | X |
| 192.168.99.164 | | | | X | X | | X | X | X | X |
| 192.168.228.211 | | X | | | | | | | | |
| 192.168.171.74 | | | | X | X | | X | X | X | X |
+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+

Nmap Providers:
+-----------------+------+-------+---------------+-------+
| ip tackle | port | proto | service | state |
+--------------- --+------+-------+---------------+-------+
| 192.168.23.78 | 53 | tcp | area | open |
| 192.168.23.78 | 88 | tcp | kerberos-sec | open |
| 192.168.23.78 | 135 | tcp | msrpc | open |
| 192.168.23.78 | 139 | tcp | netbios-ssn | open |
| 192.168.23.78 | 389 | tcp | ldap | open |
| 192.168.23.78 | 445 | tcp | microsoft-ds | open |
| 192.168.23.78 | 3389 | tcp | ms-wbt-server | open |
| 192.168.27.243 | 135 | tcp | msrpc | open |
| 192.168.27.243 | 139 | tcp | netbios-ssn | open |
| 192.168.27.243 | 445 | tcp | microsoft-ds | open |
| 192.168.27.243 | 3389 | tcp | ms-wbt-server | open |
| 192.168.27.243 | 5800 | tcp | vnc-http | open |
| 192.168.27.243 | 5900 | tcp | vnc | open |
| 192.168.99.164 | 135 | tcp | msrpc | open |
| 192.168.99.164 | 139 | tcp | netbios-ssn | open |
| 192 .168.99.164 | 445 | tcp | microsoft-ds | open |
| 192.168.99.164 | 3389 | tcp | ms-wbt-server | open |
| 192.168.99.164 | 5800 | tcp | vnc-http | open |
| 192.168.99.164 | 5900 | tcp | vnc | open |
| 192.168.228.211 | 80 | tcp | http | open |
| 192.168.171.74 | 135 | tcp | msrpc | open |
| 192.168.171.74 | 139 | tcp | netbios-ssn | open |
| 192.168.171.74 | 445 | tcp | microsoft-ds | open |
| 192.168.171.74 | 3389 | tcp | ms-wbt-server | open |
| 192.168.171.74 | 5800 | tcp | vnc-http | open |
| 192.168.171.74 | 5900 | tcp | vnc | open |
+-----------------+------+-------+---------------+-------+

Or to output a CSV file:

$ sr2t --nmap instance/nmap.xml -oC instance
$ cat example_nmap_tcp.csv
ip tackle,53,80,88,135,139,389,445,3389,5800,5900
192.168.23.78,X,,X,X,X,X,X,X,,
192.168.27.243,,,,X,X,,X,X,X,X
192.168.99.164,,,,X,X,,X,X,X,X
192.168.228.211,,X,,,,,,,,
192.168.171.74,,,,X,X,,X,X,X,X

Nikto

To provide an XLSX format:

$ sr2t --nikto instance/nikto.xml -oX instance/nikto.xlsx

1711197811 134 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --nikto instance/nikto.xml
+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+
| goal ip | goal hostname | goal port | description | annotations |
+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+
| 192.168.178.10 | 192.168.178.10 | 80 | The anti-clickjacking X-Body-Choices header is just not current. | X |
| 192.168.178.10 | 192.168.178.10 | 80 | The X-XSS-Safety header is just not outlined. This header can trace to the consumer | X |
| | | | agent to guard towards some types of XSS | |
| 192.168.178.10 | 192.168.178.10 | 8 0 | The X-Content material-Sort-Choices header is just not set. This might enable the consumer agent to | X |
| | | | render the content material of the location in a distinct trend to the MIME kind | |
+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+

Or to output a CSV file:

$ sr2t --nikto instance/nikto.xml -oC instance
$ cat example_nikto.csv
goal ip,goal hostname,goal port,description,annotations
192.168.178.10,192.168.178.10,80,The anti-clickjacking X-Body-Choices header is just not current.,X
192.168.178.10,192.168.178.10,80,"The X-XSS-Safety header is just not outlined. This header can trace to the consumer
agent to guard towards some types of XSS",X
192.168.178.10,192.168.178.10,80,"The X-Content material-Sort-Choices header is just not set. This might enable the consumer agent to
render the content material of the location in a distinct trend to the MIME kind",X

Dirble

To provide an XLSX format:

$ sr2t --dirble instance/dirble.xml -oX instance.xlsx

1711197812 609 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --dirble instance/dirble.xml
+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+
| url | code | content material len | is listing | is listable | discovered from listable | redirect url | annotations |
+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+
| http://instance.org/flv | 0 | 0 | false | false | false | | X |
| http://instance.org/rent | 0 | 0 | false | false | false | | X |
| http://instance.org/phpSQLiteAdmin | 0 | 0 | false | false | false | | X |
| http://instance.org/print_order | 0 | 0 | false | false | fa lse | | X |
| http://instance.org/putty | 0 | 0 | false | false | false | | X |
| http://instance.org/receipts | 0 | 0 | false | false | false | | X |
+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+

Or to output a CSV file:

$ sr2t --dirble instance/dirble.xml -oC instance
$ cat example_dirble.csv
url,code,content material len,is listing,is listable,discovered from listable,redirect url,annotations
http://instance.org/flv,0,0,false,false,false,,X
http://instance.org/rent,0,0,false,false,false,,X
http://instance.org/phpSQLiteAdmin,0,0,false,false,false,,X
http://instance.org/print_order,0,0,false,false,false,,X
http://instance.org/putty,0,0,false,false,false,,X
http://instance.org/receipts,0,0,false,false,false,,X

Testssl

To provide an XLSX format:

$ sr2t --testssl instance/testssl.json -oX instance.xlsx

1711197812 789 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --testssl instance/testssl.json
+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+
| ip tackle | port | BREACH | No HSTS | No PFS | No TLSv1.3 | RC4 | TLSv1.0 | TLSv1.1 | Wildcard |
+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+
| rc4-md5.badssl.com/104.154.89.105 | 443 | X | X | X | X | X | X | X | X |
+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+

Or to output a CSV file:

$ sr2t --testssl instance/testssl.json -oC instance
$ cat example_testssl.csv
ip tackle,port,BREACH,No HSTS,No PFS,No TLSv1.3,RC4,TLSv1.0,TLSv1.1,Wildcard
rc4-md5.badssl.com/104.154.89.105,443,X,X,X,X,X,X,X,X

Fortify

To provide an XLSX format:

$ sr2t --fortify instance/fortify.fpr -oX instance.xlsx

1711197812 21 Converts Scanning Reports To A Tabular Format

To provide an textual content tabular format to stdout:

$ sr2t --fortify instance/fortify.fpr
+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+
| | kind | subtype | severity | confidence | annotations |
+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+
| example1/internet.xml:135:135 | J2EE Misconfiguration | Insecure Transport | 3.0 | 5.0 | X |
| example2/internet.xml:150:150 | J2EE Misconfiguration | Insecure Transport | 3.0 | 5.0 | X |
| example3/internet.xml:109:109 | J2EE Misconfiguration | Incomplete Error Dealing with | 3.0 | 5.0 | X |
| example4/internet.xml:108:108 | J2EE Misconfiguration | Incomplete Error Dealing with | 3.0 | 5.0 | X |
| example5/internet.xml:166:166 | J2EE Misconfiguration | Inse treatment Transport | 3.0 | 5.0 | X |
| example6/internet.xml:2:2 | J2EE Misconfiguration | Extreme Session Timeout | 3.0 | 5.0 | X |
| example7/internet.xml:162:162 | J2EE Misconfiguration | Lacking Authentication Methodology | 3.0 | 5.0 | X |
+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+

Or to output a CSV file:

$ sr2t --fortify instance/fortify.fpr -oC instance
$ cat example_fortify.csv
,kind,subtype,severity,confidence,annotations
example1/internet.xml:135:135,J2EE Misconfiguration,Insecure Transport,3.0,5.0,X
example2/internet.xml:150:150,J2EE Misconfiguration,Insecure Transport,3.0,5.0,X
example3/internet.xml:109:109,J2EE Misconfiguration,Incomplete Error Dealing with,3.0,5.0,X
example4/internet.xml:108:108,J2EE Misconfiguration,Incomplete Error Dealing with,3.0,5.0,X
example5/internet.xml:166:166,J2EE Misconfiguration,Insecure Transport,3.0,5.0,X
example6/internet.xml:2:2,J2EE Misconfiguration,Extreme Session Timeout,3.0,5.0,X
example7/internet.xml:162:162,J2EE Misconfiguration,Lacking Authentication Methodology,3.0,5.0,X
  • WOW: WW4L3VCX11zWgKPX51TRw2RENe8STkbCkh5wTV4GuQnbZ1fKYmPFobZhEfS1G9G3vwjBhzioi3vx8JgBx2xLxe4N1gtJee8Mp



Supply: www.kitploit.com

Total
0
Shares
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Previous Post
Malware

Russian Hackers Use ‘WINELOADER’ Malware to Goal German Political Events

Next Post
Pwn2Own Vancouver 2024 Security Researchers Rack Up 113M with 29

Pwn2Own Vancouver 2024: Safety Researchers Rack Up $1.13M with 29 Zero-Day Exploits

Related Posts