risu¶ ↑
{rdoc-image:https://travis-ci.org/hammackj/risu.png?branch=master}[https://travis-ci.org/hammackj/risu]
Risu
is Nessus parser, that converts Nessus .nessus xml files into a ActiveRecord database, this allows for easy report generation and vulnerability verification.
Requirements¶ ↑
Ruby¶ ↑
Risu
has been tested with ruby-2.0.0, ruby-2.1.0 and ruby-2.2.3. Please use the latest version if possible. I recommend using chruby or RVM to setup your ruby environment.
RubyGems¶ ↑
Risu
relies heavily on RubyGems to install other dependencies I highly recommend using it. RubyGems is included by default in the 1.9.x versions of Ruby.
-
libxml
-
rails
-
yaml
-
logger
-
rmagick
-
gruff
-
prawn
-
mysql2
-
nokogiri
Installation¶ ↑
Installation is really easy just gem install!
% gem install risu
Installation with gem signature verification¶ ↑
% gem cert --add <(curl -Ls https://raw.github.com/hammackj/risu/master/certs/hammackj.pem % gem install risu -P MediumSecurity
Runtime Requirements¶ ↑
These are all available through RubyGems. The should be installed automatically when you install risu, If not this command will install them all:
% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri
You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!
Developmental Requirements¶ ↑
These are all available through RubyGems. These are required to run the tests, generate the documentation and test coverage. This command will install them all:
% gem install simplecov yard minitest test-unit
You my need sudo/root access depending on your system setup, Please see detailed install guides for your system!
Any database that ActiveRecord supports should work. Risu
has been tested with MySQL and SQLite3.
Usage¶ ↑
The following is some of the basic usage for risu. You must setup the database before you can start parsing in reports. All parsed reports share the same database, so all reports are combined as one inside of a database. I suggest a new database per required assessment.
Database Setup¶ ↑
% risu --create-config % $EDITOR risu.cfg % risu --create-tables
-
Generate the risu.cfg file.
-
Edit the risu.cfg file, filling in the variables as needed.
-
Migrate the database schema.
Parsing Nessus Output¶ ↑
% risu report1.nessus [report2.nessus ...]
-
Parse the files by passing their names on the command line.
Viewing Data¶ ↑
The data can be viewed with any query browser available for your database of choice.
Generating Reports¶ ↑
To generate a report please execute the following after the the data is parsed into the database.
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
Risu
Console¶ ↑
Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!
$ risu --console _ _ __(_)___ _ _ | '__| / __| | | | | | | \__ \ |_| | |_| |_|___/\__,_|_ risu Console v1.7.2 >> Host.first => #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.hammackj.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
Templates¶ ↑
Several templates are included, but is recommend you build your own based on what you need.
$ risu -l Available Templates stig_findings_summary - DISA Stig findings summary report pci_compliance - Generates a PCI Compliance Overview Report technical_findings - Generates a Technical Findings Report ms_patch_summary - Generates a Microsoft Patch Summary Report findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID findings_host - Generates a findings report by host exec_summary - Generates a simple executive summary. finding_statistics - Generates report finding statistics graphs - Generates a report with all the graphs in it findings_summary - Generates a findings summary report assets - Generates a Assets Summary Report cover_sheet - Generates a coversheet with a logo (Example Template) notable_detailed - Notable Vulnerabilities Detailed ms_update_summary - Generates a Microsoft Update Summary Report template - template notable - Notable Vulnerabilities ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin exec_summary_detailed - Generates a detailed executive summary report host_summary - Generates a Host Summary Report $
The templates are written in ruby using prawn, they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
Contributing¶ ↑
If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on github and make the changes in your fork and the submit a pull request to the project on the dev branch. Please include unit tests for anything non trivial.
Contact / Issues¶ ↑
If you have any problems, bugs, questions or feature requests please use the github issue tracker.