A tool to convert OpenVAS XML into reports.
Project description
OpenVAS Reporting:
A tool to convert OpenVAS XML into reports.
Read the full documentation at https://openvas-reporting.stijncrevits.be
I forked OpenVAS2Report since it didn't manage to convert all reports I threw at it
and because I wanted to learn how to use Python for working with XML and creating Excel files.
Also, OpenVAS mixes their own threat levels with the CVSS scoring, the latter of which I prefer to use in my reports.
Looking for a fix and providing an actual fix through a pull request would have been too much work,
so I chose to fork the repo and try my own thing.
I reorganised some of the files, removed some functionality and added some extra, and rewrote some functions.
At this moment in time, the script only output .xlsx documents in one format, this may (not) change in the future.
Requirements
- Python version 3
- XlsxWriter
Installation
# install requirements
apt(-get) install python3 python3-pip # Debian, Ubuntu
yum -y install python3 python3-pip # CentOS
dnf install python3 python3-pip # Fedora
pip3 install -r requirements.txt
# clone repo
git clone git@github.com:TheGroundZero/openvas_to_report.git
Usage
python3 -m openvasreporting -i [OpenVAS xml file(s)] -o [Report output file.xlsx] [-l [minimal threat level (n, l, m, h, c)]]
Create Excel report from 1 OpenVAS XML report using default settings
python3 -m openvasreporting -i openvasreport.xml -o excelreport.xlsx
Create Excel report from multiple OpenVAS reports using default settings
# wildcard select
python3 -m openvasreporting -i *.xml -o excelreport.xlsx
# selective
python3 -m openvasreporting -i openvasreport1.xml -i openvasreport2.xml -o excelreport.xlsx
Create Excel report from multiple OpenVAS reports, reporting only threat level high and up
python3 -m openvasreporting -i *.xml -o excelreport.xlsx -l h
Result
The final report will then look something like this:
Worksheets are sorted according to CVSS score and are colored according to the vulnerability level.
Ideas
Some of the ideas I still have for future functionality:
- list vulnerabilities per host
- make pip installer
- filter by host (scope/exclude) as in OpenVAS2Report
- export to other formats (CSV, Word, PDF)
- select threat levels individually (e.g. none and low; but not med, high and crit)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file OpenVAS Reporting-1.2.1.tar.gz.
File metadata
- Download URL: OpenVAS Reporting-1.2.1.tar.gz
- Upload date:
- Size: 4.6 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.18.4 setuptools/40.2.0 requests-toolbelt/0.8.0 tqdm/4.25.0 CPython/2.7.15+
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f21049057b51bd87292c17a4127bf148d21a75595b67ae6b0b00e445d607b263
|
|
| MD5 |
2dabe6230966967502360f10c9593bea
|
|
| BLAKE2b-256 |
716cb81520bd4362ee6f6e657b67cb398cce7c3ce10632c207a1ef863e158106
|
File details
Details for the file OpenVAS_Reporting-1.2.1-py3-none-any.whl.
File metadata
- Download URL: OpenVAS_Reporting-1.2.1-py3-none-any.whl
- Upload date:
- Size: 6.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.18.4 setuptools/40.2.0 requests-toolbelt/0.8.0 tqdm/4.25.0 CPython/2.7.15+
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
286d6b57794d5317ea818e56bda9c887f8bfb293c5c23c6e3bdf628b33c05814
|
|
| MD5 |
87c7dd2728a28d8d3335cf65eb85f92c
|
|
| BLAKE2b-256 |
201042846d2f2e5a33ed9070a06eab22797c5bfc4f8e0105fd1091697f3a5eba
|
