Last active
December 19, 2020 04:50
-
-
Save 3lpsy/aa498b40f73f468ee14487fc41699ac7 to your computer and use it in GitHub Desktop.
Filter out lower risk vulns in .nessus file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import argparse | |
| from pathlib import Path | |
| import lxml.etree as et | |
| def run_filter(file, risks): | |
| if len(sys.argv) < 1: | |
| print("usage: [script].py nessusfile.nessus") | |
| sys.exit(1) | |
| if isinstance(file, str): | |
| file_path = Path(file) | |
| content = file_path.read_text() | |
| else: | |
| content = file.read().decode("utf-8") | |
| file.close() | |
| tree = et.fromstring(content, parser=et.XMLParser(huge_tree=True)) | |
| for bad in tree.xpath("//risk_factor"): | |
| if bad.text.lower() not in risks: | |
| # print("Filtering item") | |
| # remove item from item's parent | |
| bad.getparent().getparent().remove(bad.getparent()) | |
| print(str(et.tostring(tree, pretty_print=True).decode())) | |
| if __name__ == "__main__": | |
| parser = argparse.ArgumentParser() | |
| parser.add_argument( | |
| "-r", | |
| "--risk", | |
| action="append", | |
| help="risks to keep (default: ['critical', 'high','serious'])", | |
| ) | |
| parser.add_argument("file", type=str, help="the .nessus file to parse") | |
| args = parser.parse_args() | |
| file = args.file | |
| risks = args.risk | |
| # can't remember if it's high or serious | |
| if not args.risk: | |
| risks = ["critical", "high", "serious"] | |
| risks = [r.lower() for r in risks] | |
| run_filter(file, risks) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment