Home > Nessus > Nessus Parser V0.10

Nessus Parser V0.10

June 4th, 2011

Nessus Parser v0.10 – This is a program to parse a series of Nessus XMLv2 files into a XLSX file. The data from the XML file is placed into a series of tabs to for easier review and reporting. New features with this edition are better reporting of policy plugin families, user account reporting, summary graphs, and a home page with summary data. For more information and questions please contact Cody Dumont from the NWN STAR team.
Email – cdumont”AT”nwnit.com and cody”AT”melcara.com

The Nessus parser requires some additional modules, they are:
• XML::TreePP;
• Data::Dumper;
• Math::Round;
• Excel::Writer::XLSX;
• Data::Table;
• Excel::Writer::XLSX::Chart;

To use the Nessus Parser simply install Perl and the modules above. Then change directory to the folder where the Nessus XMLv2 data files are stored. The enter the following command “perl parse_nessus_xml.v10.pl .” The “.” means the current directory. The parser looks in the directory passes as the command line argument and searches for XML files. Then parses through each file. Once the data from each file is collected, the parser will put the data into the XLSX file. Once the parser is finished there will be an XLSX file in the same folder passed earlier. Review the file and find the results of your Nessus scan.

I want to give a special thanks to John McNamara , John was instrumental in assisting me in creating the pie charts in this version. John is also the author of the Excel Writer perl modules.

Categories: Nessus Tags: , ,
  1. July 18th, 2011 at 16:16 | #1


    This is a great perl script and I appreciate you publishing it for the world. I did want to point out one thing that I noticed with the output.

    On the “Home Worksheet” in the field “Total High Severity Vulnerability” it seems to count the number of hosts with high severity vulnerabilities and not the total of high vulnerabilities found in the scan. So I may have a host with multiple highs but only one high from that host is counted in that field. Could you please confirm and if confirmed post a fix?



  2. July 18th, 2011 at 22:25 | #2

    You are correct, I will work on a fix for it and post it later this week.

  3. Jeff
    August 19th, 2011 at 08:33 | #3

    Great script! i did notice a small issue im having when i moved from the .8 version, it seems if i try to parse results from a system that is part of a domain the script runs into issues and is not able to complete, does anybody else have this issue?

  4. August 19th, 2011 at 08:47 | #4

    I have a newer version that might correct the issue, that just have not released jet, I will email it to you.

  5. Gabriel
    August 25th, 2011 at 17:04 | #5

    I was able to execute the script succesfully however, when I open the .xslx file is empty.
    The options to save as file in nessus are .nessus or .nessus(v1), I am not able to save the file as xml v2 could be that the problem?.


  6. August 30th, 2011 at 10:52 | #6

    This is usually caused by the XML file not having any data. If you could send me the XML file I could tell you why it seems to fail.

  7. September 16th, 2011 at 15:55 | #7

    I’m running into the same problem Gabriel is where the .xslx file contains no results. I’m certain the .nessus files I’m using contain data, most are around 10MB and I have over 40 files. I’m running nessus 4.4

    From the Nessus documentation here are the export options I have tried with parse_nessus_xml.v10.pl

    .nessus An XML-based format and the de-facto standard in Nessus
    4.2 and later. This format uses an expanded set of XML
    tags to make extracting and parsing information more
    .nessus (v1) An XML-based format used in Nessus 3.2 through 4.0.2,
    compatible with Nessus 4.x and Security Center 3.

  8. John
    October 7th, 2011 at 18:39 | #8

    I have a 53MB .nessus file from Nessus 4.4 and I am getting any data like Gabriel and Chris.
    I like your xlsx format though…

  9. John
    October 7th, 2011 at 18:40 | #9

    sorry – I meant NOT getting any data…

  10. John Snell
    October 13th, 2011 at 12:01 | #10

    v13 worked like a charm – thank you!

  11. bkj
    November 16th, 2011 at 20:53 | #11


    Any chance you can e-mail me v13? I hate the crappy reporting in SecurityCenter 4.

    Thanks in advance!

  12. November 16th, 2011 at 21:03 | #12

    The ver 14 is in the blog, and 15 will be out shortly.

  13. November 16th, 2011 at 21:07 | #13

    Also let me know how the script works with SecurityCenter I have never tested that.

  14. bkj
    November 17th, 2011 at 10:55 | #14


    Thanks for the response. However, I can’t get it to work. I get no data. SecurityCenter only allows NSR and nessus v1 export. I have tried both. I love the layout of the spreadsheet. Nicely done.

  15. November 17th, 2011 at 11:07 | #15

    Yeah my script does not do the Nessus v1. The XML structure is totally different. If you have regular Nessus you can import the v1 and the export the v2. Then run my script.

    The v1 format would require a completely different preprocessing of the data.

  16. bkj
    November 17th, 2011 at 12:25 | #16


    Thanks for the workaround but that is way to much effort for a report. After all, SecurityCenter should really do a better job at reporting.

  17. July 29th, 2013 at 17:05 | #17

    Compiled parse_nessus_xml.v18.pl so it can be portable parse_nessus_xml.v18.pl.exe I had to add PIE to the end because pp PAR::Packer does not include the types use Excel::Writer::XLSX::Chart::Pie;

    Binary :

  18. JoJoAdv
    February 24th, 2015 at 14:04 | #18

    I dont see an option to export data as XML in nessus. Am I missing something?

  19. October 28th, 2015 at 08:37 | #19

    The .nessus format is the XML format.

Comments are closed.