Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Automated Vulnerability Scanners

from [Michael Holstein] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Automated Vulnerability Scanners
Date: Fri, 24 Feb 2006 16:20:28 -0500 
Can anyone reccommend a perl based nessus wrapper that has the ability
to dump results into a mysql database?


Heck with it .. I'm sure somebody will find my script and this useful.
Any SQL wizzards feel free to let me know how to optimize this ...

The 'nessusstats' part isn't needed for just storing the results -- that's so I can generate reports efficiently). There are other bits in there for other parts of this system I cobbled together -- like tables that store nmap results and such -- thus you see entries in some tables for stuff like that. Remove what you don't need.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University

CREATE TABLE ipmain (
  idmain int(10) unsigned NOT NULL auto_increment,
  mainip int(10) unsigned NOT NULL default '0',
  lastnmap datetime NOT NULL default '0000-00-00 00:00:00',
  lastnessus datetime NOT NULL default '0000-00-00 00:00:00',
  ipowner varchar(40) default NULL,
  PRIMARY KEY  (idmain),
  KEY xip (mainip)
) TYPE=MyISAM;

CREATE TABLE nessusresults (
  idnessus int(10) unsigned NOT NULL auto_increment,
  domain varchar(15) NOT NULL default '',
  nessushost int(10) unsigned NOT NULL default '0',
  service varchar(40) NOT NULL default '',
  scriptid int(10) unsigned NOT NULL default '0',
  risk tinyint(3) unsigned NOT NULL default '0',
  timestamp datetime NOT NULL default '0000-00-00 00:00:00',
  msg text,
  PRIMARY KEY  (idnessus),
  KEY xidnessus (idnessus),
  KEY knessushost (nessushost),
  KEY knessushost2 (nessushost,service)
) TYPE=MyISAM;

CREATE TABLE nessusstats (
  idstat int(10) unsigned NOT NULL auto_increment,
  domain varchar(15) NOT NULL default '',
  nessushost int(10) unsigned NOT NULL default '0',
  service varchar(40) NOT NULL default '',
  scriptid int(10) unsigned NOT NULL default '0',
  risk tinyint(3) unsigned NOT NULL default '0',
  timestamp datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (idstat),
  KEY xidstat (idstat),
  KEY kstat (nessushost),
  KEY kstst2 (nessushost,service)
) TYPE=MyISAM;
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Automated Vulnerability Scanners, Michael Holstein
Next by Date:  [Full-disclosure] WinAmp Vulns, nodialtone
Previous by Thread:  Re: [Full-disclosure] Automated Vulnerability Scanners, Michael Holstein
Next by Thread:  Re: [Full-disclosure] Automated Vulnerability Scanners, Dude VanWinkle
Indexes:  [Date] [Thread] [Top] [All Lists]