GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → hammackj → risu

hammackj / risu

Licence: MIT license
Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.

Programming Languages

ruby
36898 projects - #4 most used programming language

Labels

securityreportingxml-parsernessus

Projects that are alternatives of or similar to risu

PSHTMLTable
PowerShell module to spice up ad hoc notifications and reports
Stars: ✭ 34 (-45.16%)
Mutual labels:  reporting
sarna
Security Assessment Report geNerated Automatically
Stars: ✭ 26 (-58.06%)
Mutual labels:  reporting
pgbouncer wrapper
SQL wrapper around pgbouncer's console
Stars: ✭ 18 (-70.97%)
Mutual labels:  reporting
exml
Most simple Elixir wrapper for xmerl xpath
Stars: ✭ 23 (-62.9%)
Mutual labels:  xml-parser
allure-gradle
Allure Gradle Plugin
Stars: ✭ 62 (+0%)
Mutual labels:  reporting
DocSum
A tool to automatically summarize documents abstractively using the BART or PreSumm Machine Learning Model.
Stars: ✭ 58 (-6.45%)
Mutual labels:  xml-parser
cortex
📝 A headless, multitenant dynamic content platform powered by Rails, GraphQL and Elasticsearch
Stars: ✭ 28 (-54.84%)
Mutual labels:  reporting
dsm
Declarative Stream Mapping (DSM) is a stream de/serializer library for XML and JSON. DSM allows you to make custom parsing, filtering, transforming, aggregating, grouping on any JSON or XML document at stream time(read only once).
Stars: ✭ 23 (-62.9%)
Mutual labels:  xml-parser
allure-ruby
Allure integrations for Ruby test frameworks
Stars: ✭ 40 (-35.48%)
Mutual labels:  reporting
allure-docs
Allure Framework documentation
Stars: ✭ 50 (-19.35%)
Mutual labels:  reporting
Reports.JS
Stimulsoft Reports.JS is a reporting tool for Node.js and JavaScript applications.
Stars: ✭ 33 (-46.77%)
Mutual labels:  reporting
camunda-prometheus-process-engine-plugin
Monitor your KPIs!!! Camunda BPM Process Engine Plugin providing Prometheus Monitoring, Metric classes for various BPMN use, Grafana Annotations, and HTTPServer data export: Used to generate Prometheus metrics anywhere in the Engine, including BPMN, CMN, and DMN engines and instances.
Stars: ✭ 48 (-22.58%)
Mutual labels:  reporting
eaxy
Eaxy - Enjoy XML. Java library for parsing, building and iterating both simple and huge + complex XML
Stars: ✭ 52 (-16.13%)
Mutual labels:  xml-parser
allure-docker-service-ui
Allure Docker Service UI provides a friendly user interface for frankescobar/allure-docker-service API container.
Stars: ✭ 51 (-17.74%)
Mutual labels:  reporting
Samples-ASP.NET-MVC-CSharp
ASP.NET MVC C# samples for Stimulsoft Reports.Web reporting tool.
Stars: ✭ 31 (-50%)
Mutual labels:  reporting
SCCM-Zone
My ♡ collection of PowerShell scripts and SCCM related stuff :)
Stars: ✭ 73 (+17.74%)
Mutual labels:  reporting
go-test-report
Captures go test output and parses it into a single self-contained HTML file.
Stars: ✭ 68 (+9.68%)
Mutual labels:  reporting
QuestPDF
QuestPDF is an open-source, modern and battle-tested library that can help you with generating PDF documents by offering friendly, discoverable and predictable C# fluent API.
Stars: ✭ 2,872 (+4532.26%)
Mutual labels:  reporting
tap-html
📊 an html tap reporter
Stars: ✭ 17 (-72.58%)
Mutual labels:  reporting
saltdash
A read-only dashboard for Salt jobs
Stars: ✭ 18 (-70.97%)
Mutual labels:  reporting
View All Similar Projects ➔

risu

Gem Version Build Status
Code Climate Inline docs

Risu is Nessus parser, that converts Nessus .nessus xml files into a ActiveRecord database, this allows for easy report generation and vulnerability verification.

Requirements

Ruby

Risu has been tested with ruby-2.0.0, ruby-2.1.0 and ruby-2.2.3. Please use the latest version if possible. I recommend using chruby or RVM to setup your ruby environment.

RubyGems

Risu relies heavily on RubyGems to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of Ruby.

  • libxml
  • rails
  • yaml
  • logger
  • rmagick
  • gruff
  • prawn
  • mysql2
  • nokogiri

Installation

Installation is really easy just gem install!

% gem install risu

Installation with gem signature verification

% gem cert --add <(curl -Ls https://raw.github.com/hammackj/risu/master/certs/hammackj.pem
% gem install risu -P MediumSecurity

Runtime Requirements

These are all available through RubyGems. The should be installed automatically when you install risu, If not this command will install them all:

% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri

You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!

Developmental Requirements

These are all available through RubyGems. These are required to run the tests, generate the documentation and test coverage. This command will install them all:

% gem install simplecov yard minitest test-unit

You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!

Any database that ActiveRecord supports should work. Risu has been tested with MySQL and SQLite3.

Usage

The following is some of the basic usage for risu. You must setup the database before you can start parsing in reports. All parsed reports share the same database, so all reports are combined as one inside of a database. I suggest a new database per required assessment.

Database Setup

% risu --create-config
% $EDITOR risu.cfg
% risu --create-tables
  1. Generate the risu.cfg file.
  2. Edit the risu.cfg file, filling in the variables as needed.
  3. Migrate the database schema.

Parsing Nessus Output

% risu report1.nessus [report2.nessus ...]
  1. Parse the files by passing their names on the command line.

Viewing Data

The data can be viewed with any query browser available for your database of choice.

Generating Reports

To generate a report please execute the following after the the data is parsed into the database.

% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"

Risu Console

Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!

$ risu --console

      _
 _ __(_)___ _   _
| '__| / __| | | |
| |  | \__ \ |_| |
|_|  |_|___/\__,_|_


risu Console v1.7.2
>> Host.first
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>

Templates

Several templates are included, but is recommend you build your own based on what you need.

$ risu -l
Available Templates
    stig_findings_summary - DISA Stig findings summary report
    pci_compliance - Generates a PCI Compliance Overview Report
    technical_findings - Generates a Technical Findings Report
    ms_patch_summary - Generates a Microsoft Patch Summary Report
    findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID
    findings_host - Generates a findings report by host
    exec_summary - Generates a simple executive summary.
    finding_statistics - Generates report finding statistics
    graphs - Generates a report with all the graphs in it
    findings_summary - Generates a findings summary report
    assets - Generates a Assets Summary Report
    cover_sheet - Generates a coversheet with a logo (Example Template)
    notable_detailed - Notable Vulnerabilities Detailed
    ms_update_summary - Generates a Microsoft Update Summary Report
    template - template
    notable - Notable Vulnerabilities
    ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin
    exec_summary_detailed - Generates a detailed executive summary report
    host_summary - Generates a Host Summary Report
$

The templates are written in ruby using prawn, they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.

Contributing

If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on github and make the changes in your fork and the submit a pull request to the project on the dev branch. Please include unit tests for anything non trivial.

Contact / Issues

If you have any problems, bugs, questions or feature requests please use the github issue tracker.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].