Create actionable data from your vulnerability scans

VulnWhisperer is a vulnerability report aggregator for nessus (more scanners to come). VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed. Requirements ------------- #### * ElasticStack * Python 2.7 * Vulnerability Scanner - (Nessus) * Optional: Message broker such as Kafka or RabbitMQ Currently Supports ------------- #### * Elasticsearch 2.x * Python 2.7 * Nessus Setup =============== ```python Install pip: sudo install python-pip sudo pip install --upgrade pip Manually install requirements: sudo pip install pytz sudo pip install pandas Using requirements file: sudo pip install -r /path/to/VulnWhisperer/requirements.txt cd /path/to/VulnWhisperer sudo python setup.py install ``` Configuration ----- There are a few configuration steps to setting up VulnWhisperer: * Configure Ini file * Setup Logstash File * Import ElasticSearch Templates * Import Kibana Dashboards Run ----- ```python vuln_whisperer -c configs/example.ini ``` _For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory._ Credit ------ Big thank you to Justin Henderson for his contributions to vulnWhisperer!