Automating Nessus Capabilities

August 23, 2013
Tools & Techniques

In the process of automating network scans for large networks there is a necessity to automate Nessus scans as well. The major advantage and most important point of this automation is that it allows you to do a Schedule scan in Home Feed version (which is only available in Pro feed) and the easiest part is your scans would run as if you are running from your Nessus web interface client.

Below Nessus automation perl script takes the first policy defined in your Nessus web browser client to run the scans. The script is based on my previous concept of Automating NMAP:

use Net::Nessus::XMLRPC;

$file = "ipadr.txt";

my $n = Net::Nessus::XMLRPC->new ('','admin','admin');#Enter nessus username and password

die "Cannot login to: ".$n->nurl."\n" unless ($n->logged_in);

print "Logged in\n";

my $polid=$n->policy_get_first;

print "Using policy ID: $polid ";

my $polname=$n->policy_get_name($polid);

print "with name: $polname\n";

my $targets;

my $scanid=$n->scan_new_file($polid,"report",$targets,$file);

print "Performing scan on:\t$scanid\n";

while (not $n->scan_finished($scanid))

{

print "$scanid: ".$n->scan_status($scanid)."\n";

sleep 15;

}

print "$scanid: ".$n->scan_status($scanid)."\n";

my $reportcont=$n->report_file_download($scanid);

my $reportfile="report.html";

open (FILE,">$reportfile") or die "Cannot open file $reportfile: $!";

print FILE $reportcont;

close (FILE);

How to Run:

1.Install perl and Net::Nessus::XMLRPC module

2.Create a file named “ipadr.txt” and dump your entire IP list here; one entry on each line. For ex:              

                         10.0.0.1      

                         10.0.0.2      

                         10.0.0.3
3 Copy the above script in a textpad and save as nessus.pl

4.Place nessus.pl and ipadr.txt in same folder. Ex: C:\Auto_Nessus

5.Go to command prompt and browse till C:\Auto_Nessus.

6.Fire command:

              perl nessus.pl
7.The report will be saved in same folder as report.html. Alternatively, you can login to Nessus web client and view your report from there as well.


The next task is to make this script to work with the Windows Scheduler. Copy the below code in a textpad and save it as “Nessus_scan.bat”:


@ECHO OFF

REM cd to folder location

cd C:\Auto_Nessus

perl nessus.pl


Open your windows scheduler and schedule the batch file to execute at your desired time.

Happy Scanning!!!

Share this post
Wordpress Security
Malware Analysis
Tools & Techniques
Pentests
PTaaS
Cyber Security
Technology
Subscribe to our newsletter

Join our newsletter today and enhance your knowledge with valuable insights. It's quick, easy, and free!

Be a Team Player
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Latest blogs

Latest updates in cybersecurity services

View All
Blacklock Blog Image
Wordpress CMS Security
June 9, 2016
Wordpress CMS Security
Tools & Techniques
August 8, 2014
Tools & Techniques