1、Nmap (XML); 2、Nessus (XML); 3、Nikto (XML); 4、Dirble (XML); 5、Testssl (JSON); 6、Fortify (FPR);
1、argparse (dev-python/argparse); 2、prettytable (dev-python/prettytable); 3、python (dev-lang/python); 4、xlsxwriter (dev-python/xlsxwriter);
pip install --user sr2tgit clone https://gitlab.com/0bs1d1an/sr2t.gitsr2t --helppython -m src.sr2t --help$ sr2t --helpusage: sr2t [-h] [--nessus NESSUS [NESSUS ...]] [--nmap NMAP [NMAP ...]] [--nikto NIKTO [NIKTO ...]] [--dirble DIRBLE [DIRBLE ...]] [--testssl TESTSSL [TESTSSL ...]] [--fortify FORTIFY [FORTIFY ...]] [--nmap-state NMAP_STATE] [--nmap-services] [--no-nessus-autoclassify] [--nessus-autoclassify-file NESSUS_AUTOCLASSIFY_FILE] [--nessus-tls-file NESSUS_TLS_FILE] [--nessus-x509-file NESSUS_X509_FILE] [--nessus-http-file NESSUS_HTTP_FILE] [--nessus-smb-file NESSUS_SMB_FILE] [--nessus-rdp-file NESSUS_RDP_FILE] [--nessus-ssh-file NESSUS_SSH_FILE] [--nessus-min-severity NESSUS_MIN_SEVERITY] [--nessus-plugin-name-width NESSUS_PLUGIN_NAME_WIDTH] [--nessus-sort-by NESSUS_SORT_BY] [--nikto-description-width NIKTO_DESCRIPTION_WIDTH] [--fortify-details] [--annotation-width ANNOTATION_WIDTH] [-oC OUTPUT_CSV] [-oT OUTPUT_TXT] [-oX OUTPUT_XLSX] [-oA OUTPUT_ALL]Converting scanning reports to a tabular formatoptional arguments: -h, --help 显示工具帮助信息和退出--nmap-state NMAP_STATE 指定过滤器的状态,例如open、filtered--nmap-services 指定服务补充列表--no-nessus-autoclassify 不对Nessus结果执行自动分类--nessus-autoclassify-file NESSUS_AUTOCLASSIFY_FILE 指定覆盖一个自定义Nessus自动分类YAML文件--nessus-tls-file NESSUS_TLS_FILE 指定覆盖一个自定义Nessus TLS YAML文件--nessus-x509-file NESSUS_X509_FILE 指定覆盖一个自定义Nessus X.509 YAML文件--nessus-http-file NESSUS_HTTP_FILE 指定覆盖一个自定义Nessus HTTP YAML文件--nessus-smb-file NESSUS_SMB_FILE 指定覆盖一个自定义Nessus SMB YAML文件--nessus-rdp-file NESSUS_RDP_FILE 指定覆盖一个自定义Nessus RDP YAML文件--nessus-ssh-file NESSUS_SSH_FILE 指定覆盖一个自定义Nessus SSH YAML文件--nessus-min-severity NESSUS_MIN_SEVERITY 指定输出的最低严重等级,例如1--nessus-plugin-name-width NESSUS_PLUGIN_NAME_WIDTH 指定pluginid列的宽度,例如30--nessus-sort-by NESSUS_SORT_BY 指定输出按照ip-address, port, plugin-id,plugin-name或severity排序--nikto-description-width NIKTO_DESCRIPTION_WIDTH 指定description列的宽度,例如30--fortify-details 指定包含Fortify摘要、解释和针对每个漏洞的建议--annotation-width ANNOTATION_WIDTH 指定annotation列的宽度,例如30 -oC OUTPUT_CSV, --output-csv OUTPUT_CSV 指定输出CSV名称,例如output -oT OUTPUT_TXT, --output-txt OUTPUT_TXT 指定输出TXT文件,例如output.txt -oX OUTPUT_XLSX, --output-xlsx OUTPUT_XLSX 指定输出XLSX文件,例如output.xlsx -oA OUTPUT_ALL, --output-all OUTPUT_ALL 指定输出全部格式的输出基础文件名,例如outputspecify at least one:--nessus NESSUS [NESSUS ...] 指定(多个)Nessus XML文件--nmap NMAP [NMAP ...] 指定(多个)Nmap XML文件--nikto NIKTO [NIKTO ...] 指定(多个)Nikto XML文件--dirble DIRBLE [DIRBLE ...] 指定(多个)Dirble XML文件--testssl TESTSSL [TESTSSL ...] 指定(多个)Testssl JSON文件--fortify FORTIFY [FORTIFY ...] 指定(多个)HP Fortify FPR文件Nessus
$ sr2t --nessus example/nessus.nessus --no-nessus-autoclassify -oX example.xlsx
$ sr2t --nessus example/nessus.nessus+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+| host | port | plugin id | plugin name | severity | annotations |+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+| 192.168.142.4 | 3389 | 42873 | SSL Medium Strength Cipher Suites Supported (SWEET32) | 2 | X || 192.168.142.4 | 443 | 42873 | SSL Medium Strength Cipher Suites Supported (SWEET32) | 2 | X || 192.168.142.4 | 3389 | 18405 | Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness | 2 | X || 192.168.142.4 | 3389 | 30218 | Terminal Services Encryption Level is not FIPS-140 Compliant | 1 | X || 192.168.142.4 | 3389 | 57690 | Terminal Services Encryption Level is Medium or Low | 2 | X || 192.168.142.4 | 3389 | 58453 | Terminal Services Doesn't Use Network Level Authentication (NLA) Only | 2 | X || 192.168.142.4 | 3389 | 45411 | SSL Certificate with Wrong Hostname | 2 | X || 192.168.142.4 | 443 | 45411 | SSL Certificate with Wrong Hostname | 2 | X || 192.168.142.4 | 3389 | 35291 | SSL Certificate Signed Using Weak Hashing Algorithm | 2 | X || 192.168.142.4 | 3389 | 57582 | SSL Self-Signed Certificate | 2 | X || 192.168.142.4 | 3389 | 51192 | SSL Certificate Cannot Be Trusted | 2 | X || 192.168.142.2 | 3389 | 42873 | SSL Medium Strength Cipher Suites Supported (SWEET32) | 2 | X || 192.168.142.2 | 443 | 42873 | SSL Medium Strength Cipher Suites Supported (SWEET32) | 2 | X || 192.168.142.2 | 3389 | 18405 | Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness | 2 | X || 192.168.142.2 | 3389 | 30218 | Terminal Services Encryption Level is not FIPS-140 Compliant | 1 | X || 192.168.142.2 | 3389 | 57690 | Terminal Services Encryption Level is Medium or Low | 2 | X || 192.168.142.2 | 3389 | 58453 | Terminal Services Doesn't Use Network Level Authentication (NLA) Only | 2 | X || 192.168.142.2 | 3389 | 45411 | SSL Certificate with Wrong Hostname | 2 | X || 192.168.142.2 | 443 | 45411 | SSL Certificate with Wrong Hostname | 2 | X || 192.168.142.2 | 3389 | 35291 | SSL Certificate Signed Using Weak Hashing Algorithm | 2 | X || 192.168.142.2 | 3389 | 57582 | SSL Self-Signed Certificate | 2 | X || 192.168.142.2 | 3389 | 51192 | SSL Certificate Cannot Be Trusted | 2 | X || 192.168.142.2 | 445 | 57608 | SMB Signing not required | 2 | X |+---------------+-------+-----------+-----------------------------------------------------------------------------+----------+-------------+$ sr2t --nessus example/nessus.nessus -oC example$ cat example_nessus.csvhost,port,plugin id,plugin name,severity,annotations192.168.142.4,3389,42873,SSL Medium Strength Cipher Suites Supported (SWEET32),2,X192.168.142.4,443,42873,SSL Medium Strength Cipher Suites Supported (SWEET32),2,X192.168.142.4,3389,18405,Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness,2,X192.168.142.4,3389,30218,Terminal Services Encryption Level is not FIPS-140 Compliant,1,X192.168.142.4,3389,57690,Terminal Services Encryption Level is Medium or Low,2,X192.168.142.4,3389,58453,Terminal Services Doesn't Use Network Level Authentication (NLA) Only,2,X192.168.142.4,3389,45411,SSL Certificate with Wrong Hostname,2,X192.168.142.4,443,45411,SSL Certificate with Wrong Hostname,2,X192.168.142.4,3389,35291,SSL Certificate Signed Using Weak Hashing Algorithm,2,X192.168.142.4,3389,57582,SSL Self-Signed Certificate,2,X192.168.142.4,3389,51192,SSL Certificate Cannot Be Trusted,2,X192.168.142.2,3389,42873,SSL Medium Strength Cipher Suites Supported (SWEET32),2,X192.168.142.2,443,42873,SSL Medium Strength Cipher Suites Supported (SWEET32),2,X192.168.142.2,3389,18405,Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness,2,X192.168.142.2,3389,30218,Terminal Services Encryption Level is not FIPS-140 Compliant,1,X192.168.142.2,3389,57690,Terminal Services Encryption Level is Medium or Low,2,X192.168.142.2,3389,58453,Terminal Services Doesn't Use Network Level Authentication (NLA) Only,2,X192.168.142.2,3389,45411,SSL Certificate with Wrong Hostname,2,X192.168.142.2,443,45411,SSL Certificate with Wrong Hostname,2,X192.168.142.2,3389,35291,SSL Certificate Signed Using Weak Hashing Algorithm,2,X192.168.142.2,3389,57582,SSL Self-Signed Certificate,2,X192.168.142.2,3389,51192,SSL Certificate Cannot Be Trusted,2,X192.168.142.2,445,57608,SMB Signing not required,2,XNmap
$ sr2t --nmap example/nmap.xml -oX example.xlsx
$ sr2t --nmap example/nmap.xml --nmap-servicesNmap TCP:+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+| | 53 | 80 | 88 | 135 | 139 | 389 | 445 | 3389 | 5800 | 5900 |+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+| 192.168.23.78 | X | | X | X | X | X | X | X | | || 192.168.27.243 | | | | X | X | | X | X | X | X || 192.168.99.164 | | | | X | X | | X | X | X | X || 192.168.228.211 | | X | | | | | | | | || 192.168.171.74 | | | | X | X | | X | X | X | X |+-----------------+----+----+----+-----+-----+-----+-----+------+------+------+Nmap Services:+-----------------+------+-------+---------------+-------+| ip address | port | proto | service | state |+-----------------+------+-------+---------------+-------+| 192.168.23.78 | 53 | tcp | domain | open || 192.168.23.78 | 88 | tcp | kerberos-sec | open || 192.168.23.78 | 135 | tcp | msrpc | open || 192.168.23.78 | 139 | tcp | netbios-ssn | open || 192.168.23.78 | 389 | tcp | ldap | open || 192.168.23.78 | 445 | tcp | microsoft-ds | open || 192.168.23.78 | 3389 | tcp | ms-wbt-server | open || 192.168.27.243 | 135 | tcp | msrpc | open || 192.168.27.243 | 139 | tcp | netbios-ssn | open || 192.168.27.243 | 445 | tcp | microsoft-ds | open || 192.168.27.243 | 3389 | tcp | ms-wbt-server | open || 192.168.27.243 | 5800 | tcp | vnc-http | open || 192.168.27.243 | 5900 | tcp | vnc | open || 192.168.99.164 | 135 | tcp | msrpc | open || 192.168.99.164 | 139 | tcp | netbios-ssn | open || 192.168.99.164 | 445 | tcp | microsoft-ds | open || 192.168.99.164 | 3389 | tcp | ms-wbt-server | open || 192.168.99.164 | 5800 | tcp | vnc-http | open || 192.168.99.164 | 5900 | tcp | vnc | open || 192.168.228.211 | 80 | tcp | http | open || 192.168.171.74 | 135 | tcp | msrpc | open || 192.168.171.74 | 139 | tcp | netbios-ssn | open || 192.168.171.74 | 445 | tcp | microsoft-ds | open || 192.168.171.74 | 3389 | tcp | ms-wbt-server | open || 192.168.171.74 | 5800 | tcp | vnc-http | open || 192.168.171.74 | 5900 | tcp | vnc | open |+-----------------+------+-------+---------------+-------+$ sr2t --nmap example/nmap.xml -oC example$ cat example_nmap_tcp.csvip address,53,80,88,135,139,389,445,3389,5800,5900192.168.23.78,X,,X,X,X,X,X,X,,192.168.27.243,,,,X,X,,X,X,X,X192.168.99.164,,,,X,X,,X,X,X,X192.168.228.211,,X,,,,,,,,192.168.171.74,,,,X,X,,X,X,X,XNikto
$ sr2t --nikto example/nikto.xml -oX example/nikto.xlsx
$ sr2t --nikto example/nikto.xml+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+| target ip | target hostname | target port | description | annotations |+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+| 192.168.178.10 | 192.168.178.10 | 80 | The anti-clickjacking X-Frame-Options header is not present. | X || 192.168.178.10 | 192.168.178.10 | 80 | The X-XSS-Protection header is not defined. This header can hint to the user | X || | | | agent to protect against some forms of XSS | || 192.168.178.10 | 192.168.178.10 | 80 | The X-Content-Type-Options header is not set. This could allow the user agent to | X || | | | render the content of the site in a different fashion to the MIME type | |+----------------+-----------------+-------------+----------------------------------------------------------------------------------+-------------+$ sr2t --nikto example/nikto.xml -oC example$ cat example_nikto.csvtarget ip,target hostname,target port,description,annotations192.168.178.10,192.168.178.10,80,The anti-clickjacking X-Frame-Options header is not present.,X192.168.178.10,192.168.178.10,80,"The X-XSS-Protection header is not defined. This header can hint to the useragent to protect against some forms of XSS",X192.168.178.10,192.168.178.10,80,"The X-Content-Type-Options header is not set. This could allow the user agent torender the content of the site in a different fashion to the MIME type",XDrible
$ sr2t --dirble example/dirble.xml -oX example.xlsx
$ sr2t --dirble example/dirble.xml+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+| url | code | content len | is directory | is listable | found from listable | redirect url | annotations |+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+| http://example.org/flv | 0 | 0 | false | false | false | | X || http://example.org/hire | 0 | 0 | false | false | false | | X || http://example.org/phpSQLiteAdmin | 0 | 0 | false | false | false | | X || http://example.org/print_order | 0 | 0 | false | false | false | | X || http://example.org/putty | 0 | 0 | false | false | false | | X || http://example.org/receipts | 0 | 0 | false | false | false | | X |+-----------------------------------+------+-------------+--------------+-------------+---------------------+--------------+-------------+$ sr2t --dirble example/dirble.xml -oC example$ cat example_dirble.csvurl,code,content len,is directory,is listable,found from listable,redirect url,annotationshttp://example.org/flv,0,0,false,false,false,,Xhttp://example.org/hire,0,0,false,false,false,,Xhttp://example.org/phpSQLiteAdmin,0,0,false,false,false,,Xhttp://example.org/print_order,0,0,false,false,false,,Xhttp://example.org/putty,0,0,false,false,false,,Xhttp://example.org/receipts,0,0,false,false,false,,XTestssl
$ sr2t --testssl example/testssl.json -oX example.xlsx
$ sr2t --testssl example/testssl.json+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+| ip address | port | BREACH | No HSTS | No PFS | No TLSv1.3 | RC4 | TLSv1.0 | TLSv1.1 | Wildcard |+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+| rc4-md5.badssl.com/104.154.89.105 | 443 | X | X | X | X | X | X | X | X |+-----------------------------------+------+--------+---------+--------+------------+-----+---------+---------+----------+$ sr2t --testssl example/testssl.json -oC example$ cat example_testssl.csvip address,port,BREACH,No HSTS,No PFS,No TLSv1.3,RC4,TLSv1.0,TLSv1.1,Wildcardrc4-md5.badssl.com/104.154.89.105,443,X,X,X,X,X,X,X,XFortify
$ sr2t --fortify example/fortify.fpr -oX example.xlsx
$ sr2t --fortify example/fortify.fpr+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+| | type | subtype | severity | confidence | annotations |+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+| example1/web.xml:135:135 | J2EE Misconfiguration | Insecure Transport | 3.0 | 5.0 | X || example2/web.xml:150:150 | J2EE Misconfiguration | Insecure Transport | 3.0 | 5.0 | X || example3/web.xml:109:109 | J2EE Misconfiguration | Incomplete Error Handling | 3.0 | 5.0 | X || example4/web.xml:108:108 | J2EE Misconfiguration | Incomplete Error Handling | 3.0 | 5.0 | X || example5/web.xml:166:166 | J2EE Misconfiguration | Insecure Transport | 3.0 | 5.0 | X || example6/web.xml:2:2 | J2EE Misconfiguration | Excessive Session Timeout | 3.0 | 5.0 | X || example7/web.xml:162:162 | J2EE Misconfiguration | Missing Authentication Method | 3.0 | 5.0 | X |+--------------------------+-----------------------+-------------------------------+----------+------------+-------------+$ sr2t --fortify example/fortify.fpr -oC example$ cat example_fortify.csv,type,subtype,severity,confidence,annotationsexample1/web.xml:135:135,J2EE Misconfiguration,Insecure Transport,3.0,5.0,Xexample2/web.xml:150:150,J2EE Misconfiguration,Insecure Transport,3.0,5.0,Xexample3/web.xml:109:109,J2EE Misconfiguration,Incomplete Error Handling,3.0,5.0,Xexample4/web.xml:108:108,J2EE Misconfiguration,Incomplete Error Handling,3.0,5.0,Xexample5/web.xml:166:166,J2EE Misconfiguration,Insecure Transport,3.0,5.0,Xexample6/web.xml:2:2,J2EE Misconfiguration,Excessive Session Timeout,3.0,5.0,Xexample7/web.xml:162:162,J2EE Misconfiguration,Missing Authentication Method,3.0,5.0,X原文始发于微信公众号(FreeBuf):如何使用sr2t将你的安全扫描报告转换为表格格式
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论