A tool to convert OpenVAS XML into reports.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for BlueCroissant from gravatar.com BlueCroissant

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: TheGroundZero (@DezeStijn)
  • Tags OpenVAS , OpenVAS-reports , Excel , xlsxwriter , xlsx , reporting , reports , report
  • Requires: Python ~=3.7
Classifiers
Report project as malware

Project description

OpenVAS Reporting:

GitHub version License Docs Known Vulnerabilities codecov Requirements Status PyPI - Format PyPI - Python Version

A tool to convert OpenVAS XML into reports.

Report example screenshot

Read the full documentation at https://openvas-reporting.stijncrevits.be

I forked OpenVAS2Report since it didn't manage to convert all reports I threw at it and because I wanted to learn how to use Python for working with XML and creating Excel files.
Also, OpenVAS mixes their own threat levels with the CVSS scoring, the latter of which I prefer to use in my reports.

Looking for a fix and providing an actual fix through a pull request would have been too much work, so I chose to fork the repo and try my own thing.
I reorganised some of the files, removed some functionality and added some extra, and rewrote some functions.

At this moment in time, the script only output .xlsx documents in one format, this may (not) change in the future.

Requirements

Installation

# install requirements
apt(-get) install python3 python3-pip # Debian, Ubuntu
yum -y install python3 python3-pip    # CentOS
dnf install python3 python3-pip       # Fedora
pip3 install -r requirements.txt
# clone repo
git clone git@github.com:TheGroundZero/openvas_to_report.git

Usage

python3 -m openvasreporting -i [OpenVAS xml file(s)] [-o [Output file]] [-f [Output format]] [-l [minimal threat level (n, l, m, h, c)]]

Parameters

Short param Long param Description Required Default value
-i --input Input file(s) YES n/a
-o --output Output filename No openvas_report
-f --format Output format No xlsx
-l --level Minimal level No n

Examples

Create Excel report from 1 OpenVAS XML report using default settings

python3 -m openvasreporting -i openvasreport.xml -f xlsx

Create Excel report from multiple OpenVAS reports using default settings

# wildcard select
python3 -m openvasreporting -i *.xml -f xlsx
# selective
python3 -m openvasreporting -i openvasreport1.xml -i openvasreport2.xml -f xlsx

Create Excel report from multiple OpenVAS reports, reporting only threat level high and up

python3 -m openvasreporting -i *.xml -o excelreport -f xlsx -l h

Result

The final report (in Excel format) will then look something like this:

Report example screenshot - Summary Report example screenshot - ToC Report example screenshot - Vuln desc

Worksheets are sorted according to CVSS score and are colored according to the vulnerability level.

Ideas

Some of the ideas I still have for future functionality:

  • list vulnerabilities per host
  • make pip installer
  • filter by host (scope/exclude) as in OpenVAS2Report
  • export to other formats (CSV, PDF)
  • select threat levels individually (e.g. none and low; but not med, high and crit)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for BlueCroissant from gravatar.com BlueCroissant

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GPL-3.0-or-later)
  • Author: TheGroundZero (@DezeStijn)
  • Tags OpenVAS , OpenVAS-reports , Excel , xlsxwriter , xlsx , reporting , reports , report
  • Requires: Python ~=3.7
Classifiers

Release history Release notifications | RSS feed

1.6.1

1.5.2

1.5.1

1.5.post3

1.4.3

1.4.2

1.4.1

1.4.0

1.3.1

1.3.0

This version

1.2.3

1.2.2

1.2.1

1.2.0

1.1.0a0 pre-release

1.0.1a0 pre-release

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

OpenVAS Reporting-1.2.3.tar.gz (18.3 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

OpenVAS_Reporting-1.2.3-py3-none-any.whl (6.3 kB view details)

Uploaded Python 3

File details

Details for the file OpenVAS Reporting-1.2.3.tar.gz.

File metadata

  • Download URL: OpenVAS Reporting-1.2.3.tar.gz
  • Upload date:
  • Size: 18.3 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.18.4 setuptools/40.2.0 requests-toolbelt/0.8.0 tqdm/4.25.0 CPython/2.7.15+

File hashes

Hashes for OpenVAS Reporting-1.2.3.tar.gz
Algorithm Hash digest
SHA256 856059c2d6c89b77ab3a155d6d64931746340ca3ffec65d6287b0ace3793cc4d
MD5 92b8100646fe7a16109395b17b4e73e9
BLAKE2b-256 dc3fd9b5472fc1f5b1b9e9da9fc349563e6e8f26417d92eedbfbe21beeb2ad8b

See more details on using hashes here.

File details

Details for the file OpenVAS_Reporting-1.2.3-py3-none-any.whl.

File metadata

  • Download URL: OpenVAS_Reporting-1.2.3-py3-none-any.whl
  • Upload date:
  • Size: 6.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.4.2 requests/2.18.4 setuptools/40.2.0 requests-toolbelt/0.8.0 tqdm/4.25.0 CPython/2.7.15+

File hashes

Hashes for OpenVAS_Reporting-1.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 7488d90c895f1bc81545c2445fae90e7e04c46bd11de0f4d4a1e04d3341372e7
MD5 e0f6be704ac99c4281cf4fdbe7d2fac2
BLAKE2b-256 850d5c12191da2f5d8bf0c28901a81863dc2567e76342a4656c9c29fb39c0ffa

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page