I wrote two scripts to help parse through nessus results from a penetration test or vulnerability assessment. The first is to convert a nbe file to an sqlite database called nbe2sql. The second script takes the sqlite database and outputs all IPs with TCP and UDP ports open, in a csv format to help on report generation.

The next piece I want to write is a gui frontend to help explore and verify results from the nessus scan. Some features planned are grouping of results by IP, vulnerability, or port. Analyst notes would be entered directly into the application, which would also help on report generation.

nessus_tools-screen1.jpg

Code: