Python Client for Nessus REST API
Project description
Python Client for Nessus 5.0 REST API.
Nessus is a proprietary comprehensive vulnerability scanner which is developed by Tenable Network Security. It is free of charge for personal use in a non-enterprise environment.
Documentation
Documentation is available online at http://python-nessus-client.readthedocs.org and in the docs directory.
Installation
Install using pip
pip install python-nessus-client
Examples
REST resources are translated to methods.
For example:
Resource |
Method |
---|---|
/users/list |
object.users.list() |
/server/securesettings/&proxy%5Fport=8888 |
object.server.securesettings(proxy_port='8888') |
and so on…
To get users list https://nessus.example.com:8834/users/list we call list() method on Users class
>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> print nessus.users.list()
[
{
"admin": "TRUE",
"name": "test",
"lastlogin": 1416492416
}
]
To get server security settings list https://nessus.example.com:8834/server/securesettings/list we call securesettings() method on Server class
>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> print nessus.server.securesettings()
{
"proxysettings": {
"proxy_password": null,
"proxy_port": "8080",
"custom_host": null,
"proxy_username": null,
"user_agent": null,
"proxy": "10.0.0.1"
}
}
To set server security settings https://nessus.example.com:8834/server/securesettings we use the same securesettings() method on Server class but we pass as a argument settings to set up.
>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
>>> nessus.server.securesettings(proxy_port='8081')
>>> print nessus.server.securesettings()
{
"proxysettings": {
"proxy_password": null,
"proxy_port": "8081",
"custom_host": null,
"proxy_username": null,
"user_agent": null,
"proxy": "10.0.0.1"
}
}
More examples can be found in the following subsections and in class documentation.
Authenticating a user
Login to Nessus server
>>> from nessus import API
>>> nessus = API('https://127.0.0.1:8834', username='user', password='pass')
Response is Python structure
We can acts like we work with dict.
Get configuration value
>>> print nessus.server.securesettings()['proxysettings']['proxy_port']
8080
Get name from second item in report list get list of hosts contained in a specified report
>>> second_host = nessus.report.list()[1]['name']
>>> print nessus.report.hosts(second_host)
{
"scanprogresscurrent": "0",
"scanprogresstotal": "100",
(...)
}
Make output more readable
# before
>>> print nessus.server.securesettings()
{u'proxysettings': {u'proxy_password': None, u'proxy_port': u'8080', (...)
# after
>>> import json
>>> data = nessus.server.securesettings()
>>> json.dumps(data, indent=2)
{
"proxysettings": {
"proxy_password": null,
"proxy_port": "8080",
"custom_host": null,
"proxy_username": null,
"user_agent": null,
"proxy": "10.0.0.1"
}
}
Check if report has audit trail
>>> nessus.report.has_audit_trail(name)
True
>>> if nessus.report.has_audit_trail(name):
>>> print 'Report {} has audit trail'.format(name)
Report 95c309f8-2578-fd3e-9e4d-a8aa6d6511e8b617b5a088c93309 has audit trail
Create new scan
# make list with hosts
>>> target = ['localhost', 'example.com']
>>> nessus.scan.new(target, 'test', '-37')
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file python-nessus-client-0.1.1.zip
.
File metadata
- Download URL: python-nessus-client-0.1.1.zip
- Upload date:
- Size: 28.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
8556818e31fd88bb4eab6c14513ce6ba865df19a2095e622b5c1769b0fac1f05
|
|
MD5 |
5237ebfd359a7bcc9f186f84d26f20e4
|
|
BLAKE2b-256 |
e690eae0403348cbf4f9efc9998b0ed397fc05ea4bbe38ed3e81e2fac9181579
|