Home > Nessus > SANS Penetration Testing Blog

SANS Penetration Testing Blog

April 29th, 2014

This is really kool stuff Ed Skoudis and Kevin Fiscus, both SANS instructors, are talking about my parser. I have been working on a new version, I guess this is a sign I need to get working harder:)

Data, Data, Everywhere What to do with Volumes of Nessus Output

Categories: Nessus Tags: , ,
  1. BKJ
    May 2nd, 2014 at 07:07 | #1

    Because it is the best Nessus parser out there. :) I use it all of the time. Keep up the good work and look forward to the new version. Can you give an update what the new version will include? Thanks in advance!

  2. May 2nd, 2014 at 08:28 | #2

    Here is a short list..
    1. Autorun parsing
    2. OWASP Top 10
    3. Detection Plugin Summary

  3. Hal
    June 18th, 2014 at 14:20 | #3

    I have run into a problem with very large(1-2G) nessus files, with the script running out of memory. I realize perl eats whatever memory you have available, but other than getting a system with greater than 8G of memory(what it has now) is there anything that can be done to remedy this problem?
    Right now, anything over 1 Gig dies due to memory issues.

  4. John H
    July 29th, 2014 at 16:18 | #4

    Would there be a way to add a field/report section that could give me the age of the different levels of vulnerabilities?

    I know there’s a patch_publication_date field.

    What would be great to see (for mgmt reporting) would be the percentage of vulnerabilities < 30 days old, 30-60 days old and maybe +90 days. or something along that line.

  5. Liston
    August 10th, 2014 at 16:49 | #5

    First of all great application, I’ve just come across it.

    I have a question, and it may be just a case of me not delving deeply into the reports, but for your Critical, High, Medium and low tabs you have not included the IP address column. From a remediation point of view would you not think it would be beneficial to home in on the most vulnerable items on the network.

  6. djy
    September 23rd, 2014 at 15:49 | #6

    I saw this page while looking for ways to streamline my reporting from Nessus. I tried using the tool installing the dependencies but I keep getting this error.

    ################################################################################
    NESSUS PARSER V0.20
    ################################################################################
    Creating Spreadsheet Data
    Preparing Hosts Data

    Finished Parsing XML Data

    Create General Vulnerability Data
    Creating Policy Compliance Data
    Creating Nessus Report Spreadsheet
    Can’t call method “add_worksheet” on an undefined value at parse_nessus_xml.v20.pl line 1443.

    Anyone have any ideas?

  7. SucKle
    October 1st, 2014 at 11:47 | #7

    Want to add to the praise; I can’t even count how much time this tool has saved me!
    Really appreciate it, simply an excellent effort.

    Where does one go with “bugs”? I’ll be very happy to find out I’ve got user-error-itis if that’s the case.

    I’m passing an explicit file with -f, path enclosed in “”.
    The first part of the script’s logic declares the file valid in format terms, then says “No such file or directory – /path/to/file.nessus at ./parse_nessus_xml.v20.pl line 808”

    Help?

  8. October 20th, 2014 at 19:52 | #8

    This is a limitation in perl itself just running out of memory. I have been able to run on a 1 GB data sets, so try to keep it under 1GB.

  9. October 20th, 2014 at 20:07 | #9

    In parse_nessus_xml.v21.pl, release date 20 Oct 2014, the plugin release dates are part of the columns.

  10. October 20th, 2014 at 20:10 | #10

    IN the new version “parse_nessus_xml.v21.pl” there is a table with this data.

  11. October 20th, 2014 at 20:21 | #11

    Did you ever get this to work?

  12. October 20th, 2014 at 20:25 | #12

    Try without spaces in the name.

Comments are closed.