RISU (former NessusDB) v1.4.5 released

Risu (NessusDB)  is Nessus XMLv2 parser, which pushes reports into an ActiveRecord database, easing report generation. Requirements ruby (Tested with 1.8.7) rubygems (Install it from source!, it is included with ruby 1.9.1+) libxml choice rails yaml logger rmagick gruff prawn mysql.

 _ _ __(_)___ _ _ | '__| / __| | | | | | | \__ \ |_| | |_| |_|___/\__,_|

Several templates are included:

  1. graphs.rb – several graphs written to disk as png’s and as a complete pdf
  2. technical_findings.rb – a detailed pdf of the high and medium findings from the assessment
  3. finding_statistics.rb – this is a pdf summary of the assessment
  4. assets.rb – this is a summary of all the hosts found during the scan
  5. pci_compliance.rb – this generates of list of hosts that pass or failed pci/dss auditing
  6. exec_summary.rb – A sample executive summary report
  7. executive_summary.rb – A more detailed sample executive summary report
  8. findings_summary.rb – A summary of all the findings report
  9. ms_update_summary.rb – a summary of all the windows update enable hosts
  10. ms_patch_summary.rb – a summary of all the missing windows patches
  11. cover_sheet.rb – a example coversheet report

Changelog

  • Implemented an modular template system, **breaks all existing templates**.
  • All templates are now implemented as Ruby classes this allows them to be dynamically loaded and removes the need to type the entire path to the template
    This allows me to implement rendering systems that will be able to write pdf/html/rtf/csv in the future without having to have templates for each type
    Updated the Severity Graph and added some auto generated text based on the graph percentages
  • Added a method to generate text for the other_os_graph
  • Added a method to generate text for the windows_os_graph
  • Added some auto generated text for unsupported operating systems to put into a report.
  • Added AIX named_scopes on the Host model (os_aix and not_os_aix)
  • Unified the colors to be the same for all the graphs
  • Added validation of the XML files for Nessus Documents
  • Added ‘system_type‘ field to the Nessus parser

Download

NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"
Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

Black Hat Arsenal 2024 Next Stop Singapore !

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community