GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects â†’ potatoqualitee â†’ tentools

potatoqualitee / tentools

Licence: BSD-3-Clause license
💙 tenable.sc / nessus / acas powershell module

Programming Languages

powershell
5483 projects

Labels

devopsdeploymentnessustenablescacas

Projects that are alternatives of or similar to tentools

nessus-file-analyzer
GUI tool which enables you to parse nessus scan files from Nessus and Tenable.SC by (C) Tenable, Inc. and exports results to a Microsoft Excel Workbook for effortless analysis.
Stars: ✭ 56 (+107.41%)
Mutual labels:  nessus, tenablesc
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+11744.44%)
Mutual labels:  nessus
Detect-CVE-2017-15361-TPM
Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
Stars: ✭ 34 (+25.93%)
Mutual labels:  nessus
hakbot-origin-controller
Vendor-Neutral Security Tool Automation Controller (over REST)
Stars: ✭ 30 (+11.11%)
Mutual labels:  nessus
BitLocker-Guidance
Configuration guidance for implementing BitLocker. #nsacyber
Stars: ✭ 90 (+233.33%)
Mutual labels:  nessus
risu
Risu is Nessus parser, that converts the generated reports into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
Stars: ✭ 62 (+129.63%)
Mutual labels:  nessus
PHPNessusNG
PHP wrapper functions for interfacing with the Nessus V6.x API
Stars: ✭ 15 (-44.44%)
Mutual labels:  nessus
plane-notify
Notify If a selected plane has taken off or landed using OpenSky or ADS-B Exchange data. Compares older data to newer data to determine if a landing or takeoff has occurred. As well as nav modes, emergency squawk and resolution advisory notifications. Can output to Twitter, Discord, and Pushbullet
Stars: ✭ 1,905 (+6955.56%)
Mutual labels:  acas

tentools logo tentools is PowerShell module automates tenable.sc and Nessus. It is a rewrite of Tenable's Posh-Nessus, which was created by Carlos Perez.

This toolset extends Posh-Nessus by adding more functionality, including the ability to work with tenable.sc / SecurityCenter.

Installer

tentools works on PowerShell Core. This means that you can run all commands on Windows, Linux and macOS.

Run the following to install tentools from the PowerShell Gallery (to install on a server or for all users, remove the -Scope parameter and run in an elevated session):

Install-Module tentools -Scope CurrentUser

If you need to install this module to an offline server, you can run

Save-Module tentools -Path C:\temp

And it will save all dependent modules. You can also download the zip from our repo, but you'll also need to download PSFramework.

Please rename the folders from name-main to name and store in your $Env:PSModulePath.

Usage scenarios

  • Deploy standardized implementations
  • Manage Nessus and tenable.sc at scale
  • Manage some objects that are not available in the web interface

Usage examples

Initalize a newly setup Nessus server with a license and username

Initialize-TNServer -ComputerName securitycenter01 -Path $home\Downloads\nessus.license -Credential admin

Get a list of Organizations and Repositories using an Administrator account then create an Organization

$admin = Get-Credential acasadmin
Connect-TNServer -ComputerName acas -Credential $admin
Get-TNOrganization
Get-TNRepository
New-TNOrganization -Name "Acme Corp"

Get a list of Scans using an Security Manager account

$cred = Get-Credential secman
Connect-TNServer -ComputerName acas -Credential $cred
Get-TNScan

Support

  • PowerShell v5.1 and above
  • Windows, macOS and Linux

Simplified deployment

As described in the wiki, you can deploy your entire environment in one simple command called Start-TNDeploy. This wrapper command accepts input from a JSON file with all of your configuration values, such as the one below.

{
    "ComputerName": "securitycenter",
    "AdministratorCredential": "admin",
    "Scanner": "localhost",
    "ScannerCredential": "admin",
    "Repository": [
        "Vulnerabilities",
        "Audits"
    ],
    "Organization": "Acme",
    "SecurityManagerCredential": "secman",
    "IpRange": "192.168.100.0/24",
    "PolicyFilePath": "C:\\sc\\scan_policies",
    "AuditFilePath": "C:\\sc\\portal_audits\\Database\\DISA*MSSQL*",
    "DashboardFilePath": "C:\\sc\\dashboards",
    "AssetFilePath": "C:\\sc\\asset_lists",
    "ReportFilePath": "C:\\sc\\reports",
    "ScanZone": "All Computers",
    "ScanCredentialHash": [
        {
            "Credential": "ad\\nessus",
            "Name": "Windows Scanner Account",
            "Type": "windows",
            "AuthType": "password"
        },
        {
            "Credential": "acasaccount",
            "PrivilegeEscalation": "sudo",
            "Name": "Linux Scanner Account",
            "Type": "ssh",
            "AuthType": "password"
        },
        {
            "Credential": "sa",
            "Name": "SQL Server sqladmin account",
            "CredentialHash": {
                "SQLServerAuthType": "SQL",
                "dbType": "SQL Server"
            },
            "Type": "database",
            "AuthType": "password"
        }
    ]
}

To create a well-stocked deployment, just add that to a JSON file, then pipe that file to Start-TNDeploy.

Get-Content C:\github\demo.json | ConvertFrom-Json | Start-TNDeploy

After entering all of the required passwords for your accounts (administrator, security manager, nessus scanner, scan credentials), sit back and let PowerShell take care of the rest as seen in the video below.

Start-TNDeploy demo

That last frame of that video was basically this result, which shows how the tenable.sc has been fully stocked:

ServerUri         : securitycenter:443
AuditPolicy       : {DISA STIG MSSQL 2012 Database v1r20, DISA STIG MSSQL 2012 Instance-DB v1r20, DISA STIG MSSQL 2012 Instance-OS v1r20, DISA STIG MSSQL 2014 Database v1r6...}
ComputerName      : securitycenter
DISADetailedASR   : DISA ASR
ImportedAsset     : {BPG 5.4 - Bad, No Auth Attempted, BPG 5.4 - Bad, Error, - CMRS Daily Publishing, BPG 5.4 - Endpoint No Agent Differential Scan...}
ImportedAudit     : {DISA STIG MSSQL 2012 Database v1r20, DISA STIG MSSQL 2012 Instance-DB v1r20, DISA STIG MSSQL 2012 Instance-OS v1r20, DISA STIG MSSQL 2014 Database v1r6...}
ImportedDashboard : Acme Scan Summary
ImportedPolicy    : {Acme - Agent Differential Scan Policy (DRAFT), Acme - Agent Scan BPG, Acme - Configuration (STIG) Scan, Acme - Malware Scan...}
ImportedReport    : Test Import File
IpRange           : 192.168.100.0/24
Organization      : Acme
ReportAttribute   : DISA
Repository        : {Vulnerabilities, Audits}
ScanCredential    : {Windows Scanner Account, Linux Scanner Account, SQL Server sqladmin account}
Scanner           : localhost
ScannerCredential : admin
Scans             : {Acme - Agent Differential Scan Policy (DRAFT), Acme - Agent Scan BPG, Acme - Configuration (STIG) Scan, Acme - Malware Scan...}
ScanZone          : All Computers
SecurityManager   : secman
ServerType        : tenable.sc
Status            : Success

From here, you can run the necessary scans and export the reports for eMASS.

# Run the STIG scan
Get-TNScan -Name 'DISA STIG MSSQL 2012 Database v1r20' | Start-TNScan -Wait
# Export the zip to upload to eMASS
Get-TNReport -Name 'DISA ASR' | Start-TNReport -Wait | Save-TNReportResult -Path C:\temp

Command Support

Some commands are not supported on all platforms. Here is is legend to help.

Command Nessus tenable.sc
Add-TNGroupUser x
Add-TNPluginRule x
Add-TNPolicyPortRange x x
Add-TNScanner x
Backup-TNServer x x
Connect-TNServer x x
ConvertFrom-TNRestResponse x x
Copy-TNPolicy x x
Disable-TNPolicyLocalPortEnumeration x x
Disable-TNPolicyPortScanner x x
Edit-TNPluginRule x x
Enable-TNPolicyLocalPortEnumeration x x
Enable-TNPolicyPortScanner x x
Export-TNPolicy x x
Export-TNScan x x
Get-TNAnalysis x x
Get-TNAsset x
Get-TNAudit x
Get-TNCredential x
Get-TNDashboard x
Get-TNFeedStatus x
Get-TNFolder x
Get-TNGroup x x
Get-TNGroupMember x x
Get-TNLdapServer x
Get-TNOrganization x
Get-TNOrganizationUser x
Get-TNPlugin x x
Get-TNPluginFamily x x
Get-TNPluginFamilyDetails x x
Get-TNPluginRule x
Get-TNPolicy x x
Get-TNPolicyDetail x x
Get-TNPolicyLocalPortEnumeration x
Get-TNPolicyPortRange x x
Get-TNPolicyPortScanner x x
Get-TNPolicyTemplate x x
Get-TNQuery x
Get-TNReport x
Get-TNReportAttribute x
Get-TNReportResult x
Get-TNRepository x
Get-TNRole x
Get-TNScan x x
Get-TNScanDetail x x
Get-TNScanHistory x
Get-TNScanHost x x
Get-TNScanHostDetail x x
Get-TNScanner x
Get-TNScanResult x
Get-TNScanTemplate x
Get-TNScanZone x
Get-TNServerInfo x
Get-TNServerStatus x x
Get-TNSession x x
Get-TNSessionInfo x x
Get-TNSystemLog x
Get-TNUser x x
Import-TNAsset x
Import-TNAudit x
Import-TNCustomPlugin x
Import-TNDashboard x
Import-TNPolicy x
Import-TNReport x
Import-TNScan x
Initialize-TNServer x x
Invoke-TNRequest x x
New-TNAsset x
New-TNCredential x
New-TNDisaAsrReport x
New-TNFolder x
New-TNGroup x x
New-TNLdapServer x
New-TNOrganization x
New-TNOrganizationUser x
New-TNPolicy x x
New-TNQuery x
New-TNReportAttribute x
New-TNRepository x
New-TNScan x x
New-TNScanZone x
New-TNUser x x
Register-TNLicense x
Remove-TNAsset x x
Remove-TNAudit x
Remove-TNCredential x
Remove-TNDashboard x x
Remove-TNFolder x x
Remove-TNGroup x x
Remove-TNGroupUser x x
Remove-TNOrganization x
Remove-TNOrganizationUser x
Remove-TNPluginRule x x
Remove-TNPolicy x x
Remove-TNQuery x
Remove-TNReport x x
Remove-TNReportResult x x
Remove-TNRepository x
Remove-TNScan x x
Remove-TNScanHistory x x
Remove-TNScanner x
Remove-TNScanZone x x
Remove-TNSession x x
Remove-TNUser x x
Rename-TNFolder x x
Rename-TNGroup x x
Restart-TNService x x
Restore-TNServer x x
Resume-TNScan x x
Save-TNAudit x x
Save-TNPlugin x x
Save-TNReportResult x
Save-TNScanResult x
Save-TNScapFile x x
Set-TNCertificate x x
Set-TNPolicyPortRange x x
Set-TNRepositoryProperty x
Set-TNScanProperty x
Set-TNScanZoneProperty x
Set-TNUserPassword x x
Start-TNDeploy x x
Start-TNReport x
Start-TNScan x x
Stop-TNScan x x
Suspend-TNScan x x
Test-TNAccessibility x x
Update-TNPluginFeed x
Wait-TNServerReady x x

Key links for reference:

  • tentools wiki for an overall view of tentools, things like purpose, roles and simplified deployment
  • ACAS overview for discussion around contributing to the project
  • Tenable ACAS Blog for general discussion on the module and asking questions
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].