Renaud & crew,
I would like to use report conversion as a filter, e.g.:
cat some-nbe-file | nessus -i - -T html -o - | some-other-processig
The problem is that in conversion mode, nessus currently won't accept
stdin (i.e., "-i -").
I've created a patch to allow that, which adds the "-I <input-type>"
flag (where <input-type> is either 'nbe' or 'nsr'), so we won't have
to depend on the input filename only to guess the type of input. If no
-I option is provided, we fall back on the file extension.
The way this would then work is as follows:
cat something | nessus -I nbe -i - -T html -o - | some-other-thing
Here's why I would really like this feature:
I want to generate HTML reports which contain security holes only. For
this, I do the following:
nessus -T nbe -q localhost 1241 <user> <password> ./targets - \
| grep '|Security Hole|' \
| nessus -I nbe -i - -T html -o report-holes-only.html
I've attached the patch providing "-I nsr|nbe" and "-i -"
to nessus-core-2.0.1 at the end of this email.
Please let me know what you think.
Thanks,
Gabriel
--
-----------------------------------------------------------------------
Gabriel L. Somlo Academic Computing & Networking Services
Colorado State University
601 Howes St., Room 612A
Fort Collins, CO 80523-2028 e-mail: somlo@acns.colostate.edu
-----------------------------------------------------------------------
I would like to use report conversion as a filter, e.g.:
cat some-nbe-file | nessus -i - -T html -o - | some-other-processig
The problem is that in conversion mode, nessus currently won't accept
stdin (i.e., "-i -").
I've created a patch to allow that, which adds the "-I <input-type>"
flag (where <input-type> is either 'nbe' or 'nsr'), so we won't have
to depend on the input filename only to guess the type of input. If no
-I option is provided, we fall back on the file extension.
The way this would then work is as follows:
cat something | nessus -I nbe -i - -T html -o - | some-other-thing
Here's why I would really like this feature:
I want to generate HTML reports which contain security holes only. For
this, I do the following:
nessus -T nbe -q localhost 1241 <user> <password> ./targets - \
| grep '|Security Hole|' \
| nessus -I nbe -i - -T html -o report-holes-only.html
I've attached the patch providing "-I nsr|nbe" and "-i -"
to nessus-core-2.0.1 at the end of this email.
Please let me know what you think.
Thanks,
Gabriel
--
-----------------------------------------------------------------------
Gabriel L. Somlo Academic Computing & Networking Services
Colorado State University
601 Howes St., Room 612A
Fort Collins, CO 80523-2028 e-mail: somlo@acns.colostate.edu
-----------------------------------------------------------------------