diff --git a/README.md b/README.md index dc315c9..288781f 100644 --- a/README.md +++ b/README.md @@ -12,20 +12,12 @@ VulnWhisperer is a vulnerability data and report aggregator. VulnWhisperer will [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat)](http://choosealicense.com/licenses/mit/) -Requirements -------------- -#### -* ElasticStack 5.x -* Python 2.7 -* Vulnerability Scanner -* Optional: Message broker such as Kafka or RabbitMQ - Currently Supports ----------------- ### Vulnerability Frameworks -- [X] Nessus V6 +- [X] Nessus (v6 & **v7**) - [X] Qualys Web Applications - [ ] Qualys Vulnerability Management (_in progress_) - [ ] OpenVAS @@ -34,18 +26,32 @@ Currently Supports - [ ] NMAP - [ ] More to come - -Setup +Getting Started =============== -```python -Install pip: -sudo install python-pip -sudo pip install --upgrade pip +1) Follow the [install requirements](#installreq) +2) Fill out the section you want to process in example.ini file +3) Modify the IP settings in the logstash files to accomodate your environment and import them to your logstash conf directory (default is /etc/logstash/conf.d/) +4) Import the kibana visualizations +5) [Run Vulnwhisperer](#run) -Manually install requirements: -sudo pip install pytz -sudo pip install pandas +Requirements +------------- +#### +* ElasticStack 5.x +* Python 2.7 +* Vulnerability Scanner +* Optional: Message broker such as Kafka or RabbitMQ + +Install Requirements +-------------------- + + +```python + +Install dependant modules +cd deps/qualysapi +python setup.py install Using requirements file: sudo pip install -r /path/to/VulnWhisperer/requirements.txt @@ -68,7 +74,7 @@ There are a few configuration steps to setting up VulnWhisperer:

-Run +Run ----- To run, fill out the configuration file with your vulnerability scanner settings. Then you can execute from the command line. ```python @@ -81,6 +87,17 @@ vuln_whisperer -c configs/example.ini -s qualys

Next you'll need to import the visualizations into Kibana and setup your logstash config. A more thorough README is underway with setup instructions. +Running Nightly +--------------- +If you're running linux, be sure to setup a cronjob to remove old files that get stored in the database. Be sure to change .csv if you're using json. + +Setup crontab -e with the following config (modify to your environment) - this will run vulnwhisperer each night at 0130: + +`00 1 * * * /usr/bin/find /opt/vulnwhisp/ -type f -name '*.csv' -ctime +3 -exec rm {} \;` + +`30 1 * * * /usr/local/bin/vuln_whisperer -c /opt/vulnwhisp/configs/example.ini` + + _For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory._ Credit diff --git a/bin/vuln_whisperer b/bin/vuln_whisperer index c131769..5c4645e 100644 --- a/bin/vuln_whisperer +++ b/bin/vuln_whisperer @@ -29,30 +29,27 @@ def main(): parser.add_argument('-p', '--password', dest='password', required=False, default=None, type=lambda x: x.strip(), help='The NESSUS password') args = parser.parse_args() - vw = vulnWhisperer(config=args.config, - profile=args.section, - verbose=args.verbose, - username=args.username, - password=args.password) - - vw.whisper_vulnerabilities() - ''' try: + if args.config and not args.section: + print('{red} ERROR: {error}{endc}'.format(red=bcolors.FAIL, + error='Please specify a section using -s. \ + \nExample vuln_whisperer -c config.ini -s nessus', + endc=bcolors.ENDC)) + else: + vw = vulnWhisperer(config=args.config, + profile=args.section, + verbose=args.verbose, + username=args.username, + password=args.password) - vw = vulnWhisperer(config=args.config, - profile=args.section, - verbose=args.verbose, - username=args.username, - password=args.password) - - vw.whisper_vulnerabilities() - sys.exit(1) + vw.whisper_vulnerabilities() + sys.exit(1) except Exception as e: if args.verbose: print('{red} ERROR: {error}{endc}'.format(red=bcolors.FAIL, error=e, endc=bcolors.ENDC)) sys.exit(2) - ''' + if __name__ == '__main__': main() \ No newline at end of file