Fork me on GitHub
Its the Code garbage collector. Mind dumps of daily coding antics from a frustrated silly little man. VBS, PHP, TCL, TK, PERL, C++, JAVA....what now? Ruby?
No Wait.. It should be just RUBY!

20070323

Comparing Common Vulnerability Result Sets

One of the major things I've been working on is bring together vulnerability result information. I found that it was a major pain in ass to be able to remove duplicate entries from result sets. I was finally able to come up with listing for based on CVE / BID tracking numbers:

An example corresponding file could be something like this

Tenable Nessus 3.0 - to - Harris Guardian Scanner [download txt]

Just extracting Nessus Information can be a huge problem. Because of the lack of structure within the nasl scripting language, there are many many variations on the output generated by the plugins. I've made some additional changes to an old tool.

nessus_extract.pl (version 1.7) [download perl]

I added pipes into the fray, generating a recursive style csv to separate BID and CVE numbers as well as a more robust double-quote word qualifier.

One huge help is the Open Source Vulnerability Data Base (osvdb) which has come a long way.

1 comment:

Shadowbq said...

Added a couple extra fixes to the nessus-extract.pl file.

I've hosted nessus_extract.pl and nessus-extract.pl both on answorld.com

These are both at 1.7.1 version.

Additional features include are

# CHANGELOG:
# Version 1.7.1
# Added Pipes into the delimitation of CVE and BID numbers
# Added Tenable Nessus default windows location
# Added XLS output format which provides a more detailed cvs output format