Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55 Commits 5 Branches 7 Tags
abe8925ebc008b8d5c2c81d1bcf249fb18707a24
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Create actionable data from your vulnerability scans

VulnWhisperer is a vulnerability report aggregator for nessus (more scanners to come). VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed.

Requirements

  • ElasticStack
  • Python 2.7
  • Vulnerability Scanner - (Nessus)
  • Optional: Message broker such as Kafka or RabbitMQ

Currently Supports

  • Elasticsearch 2.x
  • Python 2.7
  • Nessus

Setup

Install pip:
sudo <pkg-manager> install python-pip
sudo pip install --upgrade pip

Manually install requirements:
sudo pip install pytz
sudo pip install pandas

Using requirements file:
sudo pip install -r /path/to/VulnWhisperer/requirements.txt

cd /path/to/VulnWhisperer
sudo python setup.py install

Configuration

There are a few configuration steps to setting up VulnWhisperer:

  • Configure Ini file
  • Setup Logstash File
  • Import ElasticSearch Templates
  • Import Kibana Dashboards

Run


vuln_whisperer -c configs/example.ini

For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory.

Credit

Big thank you to Justin Henderson for his contributions to vulnWhisperer!

Description
Create actionable data from your Vulnerability Scans
elasticsearchelasticstacklogstashnessuspythonqualysvulnerability
Readme Apache-2.0 2.9 MiB
Languages
Python 92.4%
Shell 6.6%
Smarty 0.6%
Dockerfile 0.4%