1.5 KiB
1.5 KiB
Create actionable data from your vulnerability scans
VulnWhisperer is a vulnerability report aggregator for nessus (more scanners to come). VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed.
Getting Started
Currently supports python 2.7
sudo pip install -r requirements.txt
python setup.py install
Requirements
- ElasticStack
- Python 2.7
- Vulnerability Scanner - (Nessus)
- Optional: Message broker such as Kafka or RabbitMQ
Currently Supports
- Nessus
Setup
Configuration
There are a few configuration steps to setting up VulnWhisperer:
- Configure Ini file
- Setup Logstash File
- Import ElasticSearch Templates
- Import Kibana Dashboards
Credit
Big thank you to Justin Henderson for his contributions to vulnWhisperer!