OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks‘ commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.
OpenVAS is an awesome free tool that allows a network admin, IT security officer, consultant, IT security enthousiast, … to perform vulnerability scans. While its UI may not always be the most fluent in use, the tools offers a wide range of configuration options, allowing a user to configure the tool to fit his/her needs.
The UI does shine when it comes to Dashboards, and reviewing individual reports is quite a breeze. If you’re scanning a single environment the Results page also provides a nice listing of discovered vulnerabilities. However, if you’re scanning multiple environments and don’t feel like removing all tasks and hosts in order to filter findings for the environment you want to analyse, there don’t seem to be many options (or maybe I haven’t found them yet).
Perhaps you’re like me and you create multiple tasks for scanning 1 environment (e.g. because of different credentials) and you’d like to merge the reports of those tasks for a more general overview? Or perhaps you just like working in Excel or need to be able to quickly create a report with some nice graphs for the compliance department?
Using CSV files doesn’t always result in what you want, since the exports contain newlines within cells which cause them to be regarded as different rows. Having to pre-format your CSV with some regex/notepad(++) voodoo prior to being able to import the files in Excel can be quite the nightmare.
As most people do when encountering something that causes an issue or annoys them, I turned to Google in hopes of finding someone who had the same issues and made a solution I could easily port into my workflow. I quickly discovered cr0hn’s OpenVAS2Report and noticed he had the same issues and wrote a tool that fitted my needs and more. However, I quickly noticed it wasn’t working properly (anymore). And since I didn’t have much experience in converting XML into Excel files via Python, I decided not to try and create a fix but went ahead and rewrote the tool to fit my needs.
Introducing OpenVAS Reporting: Convert OpenVAS XML report files to reports.
In this tool I aim to be able to convert OpenVAS XML reports into any format I may need, be it Excel sheets per vulnerability or Excel sheets per host, PDF reports or Word templates. Anything one may need to create an overview that suits his/her workflow and needs.
I hope you may find this tool useful for your workflow as well and am open to suggestions for feature enhancements. Hit me up on Twitter or open an issue on Github. Since I’m randomly working on the tool and may completely overthrow the structure of it I don’t suggest making a pull request, since by the time you get to add the PR, I may have changed half of the source code already.
At the moment of writing this post, I’ve released what I would call v1.0. For the moment the tool is able to convert one or more OpenVAS XML reports into an Excel report with some graphs and worksheets per vulnerability, as cr0hn’s tool was supposed to do. I also added a filter for the minimal risk level to be included in the reports and added a Table of Contents, some coloring and sorting by CVSS score, and I plan to steadily introduce more functionality in the future.