Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #4 from austin-taylor/master

Browse Source 
Fork Sync
This commit is contained in:
Austin Taylor
2018-01-04 16:44:30 -05:00
committed by GitHub
parent 0ab53890ca a1b9ff6273
commit 4ea72650df
2 changed files with 50 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
README.md
View File

@ -12,20 +12,12 @@ VulnWhisperer is a vulnerability data and report aggregator. VulnWhisperer will
[![MIT License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat)](http://choosealicense.com/licenses/mit/) [![MIT License](https://img.shields.io/badge/license-MIT-blue.svg?style=flat)](http://choosealicense.com/licenses/mit/)
Requirements
-------------
####
* ElasticStack 5.x
* Python 2.7
* Vulnerability Scanner
* Optional: Message broker such as Kafka or RabbitMQ
Currently Supports Currently Supports
----------------- -----------------
### Vulnerability Frameworks ### Vulnerability Frameworks
- [X] Nessus V6 - [X] Nessus (v6 & **v7**)
- [X] Qualys Web Applications - [X] Qualys Web Applications
- [ ] Qualys Vulnerability Management (_in progress_) - [ ] Qualys Vulnerability Management (_in progress_)
- [ ] OpenVAS - [ ] OpenVAS
@ -34,18 +26,32 @@ Currently Supports
- [ ] NMAP - [ ] NMAP
- [ ] More to come - [ ] More to come
Getting Started
Setup
=============== ===============
```python 1) Follow the [install requirements](#installreq)
Install pip: 2) Fill out the section you want to process in <a href="https://github.com/austin-taylor/VulnWhisperer/blob/master/configs/frameworks_example.ini">example.ini file</a>
sudo <pkg-manager> install python-pip 3) Modify the IP settings in the <a href="https://github.com/austin-taylor/VulnWhisperer/tree/master/logstash">logstash files to accomodate your environment</a> and import them to your logstash conf directory (default is /etc/logstash/conf.d/)
sudo pip install --upgrade pip 4) Import the <a href="https://github.com/austin-taylor/VulnWhisperer/tree/master/kibana/vuln_whisp_kibana">kibana visualizations</a>
5) [Run Vulnwhisperer](#run)
Manually install requirements: Requirements
sudo pip install pytz -------------
sudo pip install pandas ####
* ElasticStack 5.x
* Python 2.7
* Vulnerability Scanner
* Optional: Message broker such as Kafka or RabbitMQ
<a id="installreq">Install Requirements</a>
--------------------
```python
Install dependant modules
cd deps/qualysapi
python setup.py install
Using requirements file: Using requirements file:
sudo pip install -r /path/to/VulnWhisperer/requirements.txt sudo pip install -r /path/to/VulnWhisperer/requirements.txt
@ -68,7 +74,7 @@ There are a few configuration steps to setting up VulnWhisperer:
<p align="left" style="width:200px"><img src="https://github.com/austin-taylor/vulnwhisperer/blob/master/docs/source/config_example.png" style="width:200px"></p> <p align="left" style="width:200px"><img src="https://github.com/austin-taylor/vulnwhisperer/blob/master/docs/source/config_example.png" style="width:200px"></p>
Run <a id="run">Run</a>
----- -----
To run, fill out the configuration file with your vulnerability scanner settings. Then you can execute from the command line. To run, fill out the configuration file with your vulnerability scanner settings. Then you can execute from the command line.
```python ```python
@ -81,6 +87,17 @@ vuln_whisperer -c configs/example.ini -s qualys
<p align="center" style="width:300px"><img src="https://github.com/austin-taylor/vulnwhisperer/blob/master/docs/source/running_vuln_whisperer.png" style="width:400px"></p> <p align="center" style="width:300px"><img src="https://github.com/austin-taylor/vulnwhisperer/blob/master/docs/source/running_vuln_whisperer.png" style="width:400px"></p>
Next you'll need to import the visualizations into Kibana and setup your logstash config. A more thorough README is underway with setup instructions. Next you'll need to import the visualizations into Kibana and setup your logstash config. A more thorough README is underway with setup instructions.
Running Nightly
---------------
If you're running linux, be sure to setup a cronjob to remove old files that get stored in the database. Be sure to change .csv if you're using json.
Setup crontab -e with the following config (modify to your environment) - this will run vulnwhisperer each night at 0130:
`00 1 * * * /usr/bin/find /opt/vulnwhisp/ -type f -name '*.csv' -ctime +3 -exec rm {} \;`
`30 1 * * * /usr/local/bin/vuln_whisperer -c /opt/vulnwhisp/configs/example.ini`
_For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory._ _For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory._
Credit Credit

17
bin/vuln_whisperer
View File

@ -29,16 +29,13 @@ def main():
parser.add_argument('-p', '--password', dest='password', required=False, default=None, type=lambda x: x.strip(), help='The NESSUS password') parser.add_argument('-p', '--password', dest='password', required=False, default=None, type=lambda x: x.strip(), help='The NESSUS password')
args = parser.parse_args() args = parser.parse_args()
vw = vulnWhisperer(config=args.config,
profile=args.section,
verbose=args.verbose,
username=args.username,
password=args.password)
vw.whisper_vulnerabilities()
'''
try: try:
if args.config and not args.section:
print('{red} ERROR: {error}{endc}'.format(red=bcolors.FAIL,
error='Please specify a section using -s. \
\nExample vuln_whisperer -c config.ini -s nessus',
endc=bcolors.ENDC))
else:
vw = vulnWhisperer(config=args.config, vw = vulnWhisperer(config=args.config,
profile=args.section, profile=args.section,
verbose=args.verbose, verbose=args.verbose,
@ -52,7 +49,7 @@ def main():
if args.verbose: if args.verbose:
print('{red} ERROR: {error}{endc}'.format(red=bcolors.FAIL, error=e, endc=bcolors.ENDC)) print('{red} ERROR: {error}{endc}'.format(red=bcolors.FAIL, error=e, endc=bcolors.ENDC))
sys.exit(2) sys.exit(2)
'''
if __name__ == '__main__': if __name__ == '__main__':
main() main()