Pause, resume, list, check the status of, or export a Nessus scan. There is also the option to schedule a pause or resume action. Telegram bot support is also included.
Project description
Lazy-Nessus
Description
I made this script for me to not have to log into Nessus every time I wanted to pause/resume a scan because I am lazy and I don't like logging into my computer at 3 AM. I also added Telegram support since I'm paranoid and want to make sure my actions actually worked.
What started as a simple script to pause/resume scans has turned into a full-fledged CLI tool for Nessus. I have added the ability to list scans, check the status of a scan, export a scan, search for a scan, pause a scan, and resume a scan. I have also added the ability to use a .env file to store your API keys and other variables. This is useful if you want to use the Telegram bot functionality. I have also added the ability to pass all variables as command line arguments if you do not want to use a .env file.
Requirements
- Python 3
- Nessus Professional or Nessus Manager
- Telegram Bot (optional)
Installation
- Pip or pipx install
pip install lazy-nessus
pipx install lazy-nessus
- Create a Telegram Bot (optional)
- Create a .env file in your home directory and add your API keys and other variables (see below) (optional)
- Run the script
Example .env file
All optional variables are added. If you do not want to use the .env file, you can pass the variables as command line arguments.
TELEGRAM_BOT_TOKEN="1234567890:ABCDEF1234567890"
TELEGRAM_CHAT_ID="1234567890"
NESSUS_API_TOKEN="1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d"
NESSUS_X_COOKIE="1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d"
NESSUS_PASSWORD="1a2b3c4d5e6f7g8h9i0j"
Examples
List all scans
lazy-nessus scans list
Check the status or a single scan on a given server
lazy-nessus scans check -S 192.168.250.158 -s 13
Pause a scan at a specific time with known API token and X-Cookie
lazy-nessus scans pause -S 10.10.10.10 -p 8080 -s 11 -t "2021-01-01 00:00" -tT "1234567890:ABCDEF1234567890" -tC "1234567890" -aT "1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d" -c "1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d" -v
Resume a localhost scan at a specific time using a password
lazy-nessus scans resume -p 8080 -s 11 -t "2021-01-01 09:45" -p "1a2b3c4d5e6f7g8h9i0j"
Export a scan as a .nessus file
lazy-nessus scans export -f nessus -s 4 -p "1a2b3c4d5e6f7g8h9i0j"
Search for a scan by name
lazy-nessus scans search -s "Scan Name"
How to obtain the Nessus API token and X-Cookie
- Log into Nessus
- Open the developer tools in your browser
- Go to the Network tab
- Click on something like "All Scans" or "My Scans" under FOLDERS
- Look for the GET request to folders and click on it
- From the Headers tab, copy the X-Cookie value AFTER "token=" and paste it into the .env file
- From the Headers tab, copy the X-API-Token value and paste it into the .env file
- Also note the scan ID from the URL (e.g. https://nessus.example.com/#/scans/reports/11/hosts)
How to obtain the Telegram bot token and chat ID
- Start a chat with the BotFather
- Send the BotFather the start message
/start
- Send the BotFather the newbot message
/newbot
- Answer the BotFather's questions to finsh setting up the bot. Keep in mind that your bot name will be searchable by all Telegram users.
- Save your bot's API key for future reference.
- Start a chat with your bot and then navigate to https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/getUpdates and replace your API key in the URL. IT NEEDS TO START WITH 'bot' SO KEEP THAT PART OF THE URL.
- You will likely get a blank result until you send your bot another message and refresh the getUpdates URL.
- Once you see updates from the URL, note your 'chat_id'. You can use the combination of chat ID and your API key to send automated alerts.
- EXAMPLE:
curl "https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/sendMessage?chat_id=123456&text=%22You just got a shell! Go check your C2 server!%22"
- EXAMPLE:
- Copy the "id" value and paste it into the .env file
- Copy the "token" value and paste it into the .env file
Development
Windows
- Clone this repository
git clone https://github.com/minniear/lazy-nessus.git
- Install the requirements, preferably in a virtual environment
python3 -m venv lazy-nessus
cd lazy-nessus
Scripts\activate.bat
pip install -r requirements.txt
- Create a Telegram Bot (optional)
- Create a .env file in your home directory and add your API keys and other variables (see above) (optional)
Linux/Mac
- Clone this repository
git clone
- Install the requirements, preferably in a virtual environment
python -m venv lazy-nessus
cd lazy-nessus
source bin/activate
pip install -r requirements.txt
- Create a Telegram Bot (optional)
- Create a .env file in your home directory and add your API keys and other variables (see above) (optional)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file lazy_nessus-0.2.6.post2.tar.gz
.
File metadata
- Download URL: lazy_nessus-0.2.6.post2.tar.gz
- Upload date:
- Size: 23.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.9.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 67e6d60d27f3cd546fe8f3aaef43c2096598d8cf8a9c49e22586e6ba83242850 |
|
MD5 | f1eafcc51d110c84860be62d82808cc4 |
|
BLAKE2b-256 | 0ca753253dbb7eedcdfc07d36dfd82943237f1fb81947860ca2fc7eb9b9e9dc6 |
File details
Details for the file lazy_nessus-0.2.6.post2-py3-none-any.whl
.
File metadata
- Download URL: lazy_nessus-0.2.6.post2-py3-none-any.whl
- Upload date:
- Size: 26.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.9.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | cacd0a1edaf488dd337077a8c1c586e056a66306deee731f3d575d6e350f0daf |
|
MD5 | a9b3019215965a6a47c68b1c3f0f36bc |
|
BLAKE2b-256 | 4eb8d1f4ae36f25bcadbafadd8a08867ba6f37be6af41c30b9c5ea2759696864 |