Author Archive

SecurityCenter Host, DNS and OS Report

October 20th, 2014 2 comments

Here is a useful script I created a few months ago that a few people have asked for. This is Perl, yes a Perl script, that uses the SecurityCenter API to map IP, DNS Name, OS CPE, OS, NetBIOS Name, and MAC Address through a few different tools found in SecurityCenter.

The script performs the following tasks:

1. Collects a list of IPs using the IP Summary tool.
2. Collects the OS details from plugin 11936.
3. Maps the IP Summary and OS details together.
4. For the IPs that don't have a match for plugin 11936, tries other methods, including the lists tool.

The output is a CSV file that looks like this:
[Image: SecurityCenter Host DNS and OS Report]

To run the script you need to install Perl and the following modules:
sudo cpan install JSON
sudo cpan install URI::Escape
sudo cpan install LWP::UserAgent
sudo cpan install HTTP::Cookies
sudo cpan install Data::Dump
sudo cpan install XML::Hash::XS
sudo cpan install MIME::Base64

Attached is a zip file with a sample output and the Perl script.
host_dns_os_api.zip

Categories: SecurityCenter

Nessus Parser v0.21

October 20th, 2014 40 comments

I am sorry for the long wait; Tenable has kept me really busy.

These are the new features in version 21:

1. Created a new tab for Plugin 71246 LOCAL GROUP Membership.
2. Fixed a few misc spelling issues.
3. Added the date fields to each of the severity tabs.
4. Added 2 new tabs for plugin 70329 – MS Process info.
5. Added a Vulnerability to IP Summary tab, which lists all the IPs for each vuln and the severity.
6. Added Solution and Synopsis to the severity tabs.
7. Fixed an issue with User account formatting changes.
8. Updated Audit file processing; also created code to dynamically add new audit types.
9. Fixed a bug in the host configuration table for password policies.

parse_nessus_xml.v21.pl

Categories: Nessus Tags:

SANS Penetration Testing Blog

April 29th, 2014 12 comments

This is really kool stuff: Ed Skoudis and Kevin Fiscus, both SANS instructors, are talking about my parser. I have been working on a new version; I guess this is a sign I need to get working harder :)

Data, Data, Everywhere What to do with Volumes of Nessus Output

Categories: Nessus