# Nessus CLI
## Description
I made this script for me to not have to log into Nessus every time I wanted to pause/resume a scan because I am lazy and I don't like logging into my computer at 3 AM. I also added Telegram support since I'm paranoid and want to make sure my actions actually worked.
What started as a simple script to pause/resume scans has turned into a full-fledged CLI tool for Nessus. I have added the ability to list scans, check the status of a scan, export a scan, search for a scan, pause a scan, and resume a scan. I have also added the ability to use a .env file to store your API keys and other variables. This is useful if you want to use the Telegram bot functionality. I have also added the ability to pass all variables as command line arguments if you do not want to use a .env file.
## Requirements
- Python 3
- Nessus Professional or Nessus Manager
- Telegram Bot (optional)
## Installation
1. Pip install the script
```bash
pip3 install nessus-cli
```
or
```bash
pip install nessus-cli
```
2. Create a Telegram Bot (optional)
3. Create a .env file in your home directory and add your API keys and other variables (see below) (optional)
4. Run the script
## Development
1. Clone this repository
```bash
git clone https://github.com/minniear/nessus-cli.git
```
2. Install the requirements, preferably in a virtual environment
```bash
python3 -m venv nessus-cli
cd nessus-cli
source bin/activate
pip3 install -r requirements.txt
```
3. Create a Telegram Bot (optional)
4. Create a .env file in your home directory and add your API keys and other variables (see below) (optional)
5. Run the script
## Examples
List all scans
```bash
nessus-cli scans list
```
Check the status or a single scan on a given server
```bash
nessus-cli scans check -S 192.168.250.158 -s 13
```
Pause a scan at a specific time with known API token and X-Cookie
```bash
nessus-cli scans pause -S 10.10.10.10 -p 8080 -s 11 -t "2021-01-01 00:00" -tT "1234567890:ABCDEF1234567890" -tC "1234567890" -aT "1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d" -c "1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d" -v
```
Resume a localhost scan at a specific time using a password
```bash
nessus-cli scans resume -p 8080 -s 11 -t "2021-01-01 09:45" -p "1a2b3c4d5e6f7g8h9i0j"
```
Export a scan as a .nessus file
```bash
nessus-cli scans export -f nessus -s 4 -p "1a2b3c4d5e6f7g8h9i0j"
```
Search for a scan by name
```bash
nessus-cli scans search -s "Scan Name"
```
## Example .env file
All optional variables are added. If you do not want to use the .env file, you can pass the variables as command line arguments.
```
TELEGRAM_BOT_TOKEN="1234567890:ABCDEF1234567890"
TELEGRAM_CHAT_ID="1234567890"
NESSUS_API_TOKEN="1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d"
NESSUS_X_COOKIE="1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d"
NESSUS_PASSWORD="1a2b3c4d5e6f7g8h9i0j"
```
## How to obtain the Nessus API token and X-Cookie
1. Log into Nessus
2. Open the developer tools in your browser
3. Go to the Network tab
4. Click on something like "All Scans" or "My Scans" under FOLDERS
5. Look for the GET request to **folders** and click on it
6. From the Headers tab, copy the X-Cookie value **AFTER** "token=" and paste it into the .env file
7. From the Headers tab, copy the X-API-Token value and paste it into the .env file
8. Also note the scan ID from the URL (e.g. https://nessus.example.com/#/scans/reports/11/hosts)
## How to obtain the Telegram bot token and chat ID
1. Start a chat with the BotFather
2. Send the BotFather the start message `/start`
3. Send the BotFather the newbot message `/newbot`
4. Answer the BotFather's questions to finsh setting up the bot. Keep in mind that your bot name will be searchable by all Telegram users.
5. Save your bot's API key for future reference.
6. Start a chat with your bot and then navigate to <https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/getUpdates> and replace your API key in the URL. **IT NEEDS TO START WITH 'bot' SO KEEP THAT PART OF THE URL**.
7. You will likely get a blank result until you send your bot another message and refresh the getUpdates URL.
8. Once you see updates from the URL, note your 'chat_id'. You can use the combination of chat ID and your API key to send automated alerts.
- EXAMPLE: `curl "https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/sendMessage?chat_id=123456&text=%22You just got a shell! Go check your C2 server!%22"`
9. Copy the "id" value and paste it into the .env file
10. Copy the "token" value and paste it into the .env file
Raw data
{
"_id": null,
"home_page": "",
"name": "nessus-cli",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "nessus,nessus bot,nessus export,nessus pause,nessus resume,nessus schedule,nessus status,nessus telegram,nessus telegram bot,nessus telegram bot export,nessus telegram bot pause,nessus telegram bot resume,nessus telegram bot schedule,nessus telegram bot schedule pause,nessus telegram bot schedule resume,nessus telegram bot status,nessus-cli",
"author": "",
"author_email": "Luke Minniear <lukeminniear@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/58/fd/74faa2ecf71f6186af288b54e841838bbcfaa2dc7504fd27e96120b6c661/nessus_cli-0.2.1.tar.gz",
"platform": null,
"description": "# Nessus CLI\n\n## Description\nI made this script for me to not have to log into Nessus every time I wanted to pause/resume a scan because I am lazy and I don't like logging into my computer at 3 AM. I also added Telegram support since I'm paranoid and want to make sure my actions actually worked.\n\nWhat started as a simple script to pause/resume scans has turned into a full-fledged CLI tool for Nessus. I have added the ability to list scans, check the status of a scan, export a scan, search for a scan, pause a scan, and resume a scan. I have also added the ability to use a .env file to store your API keys and other variables. This is useful if you want to use the Telegram bot functionality. I have also added the ability to pass all variables as command line arguments if you do not want to use a .env file.\n\n\n## Requirements\n- Python 3\n- Nessus Professional or Nessus Manager\n- Telegram Bot (optional)\n\n## Installation\n1. Pip install the script\n```bash\npip3 install nessus-cli\n```\nor\n```bash\npip install nessus-cli\n```\n2. Create a Telegram Bot (optional)\n3. Create a .env file in your home directory and add your API keys and other variables (see below) (optional)\n4. Run the script\n\n## Development\n1. Clone this repository\n```bash\ngit clone https://github.com/minniear/nessus-cli.git\n```\n2. Install the requirements, preferably in a virtual environment\n```bash\npython3 -m venv nessus-cli\ncd nessus-cli\nsource bin/activate\npip3 install -r requirements.txt\n```\n3. Create a Telegram Bot (optional)\n4. Create a .env file in your home directory and add your API keys and other variables (see below) (optional)\n5. Run the script\n\n## Examples\nList all scans\n```bash\nnessus-cli scans list\n```\nCheck the status or a single scan on a given server\n```bash\nnessus-cli scans check -S 192.168.250.158 -s 13\n```\nPause a scan at a specific time with known API token and X-Cookie\n```bash\nnessus-cli scans pause -S 10.10.10.10 -p 8080 -s 11 -t \"2021-01-01 00:00\" -tT \"1234567890:ABCDEF1234567890\" -tC \"1234567890\" -aT \"1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d\" -c \"1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d\" -v\n```\nResume a localhost scan at a specific time using a password\n```bash\nnessus-cli scans resume -p 8080 -s 11 -t \"2021-01-01 09:45\" -p \"1a2b3c4d5e6f7g8h9i0j\"\n```\nExport a scan as a .nessus file\n```bash\nnessus-cli scans export -f nessus -s 4 -p \"1a2b3c4d5e6f7g8h9i0j\"\n```\nSearch for a scan by name\n```bash\nnessus-cli scans search -s \"Scan Name\"\n```\n## Example .env file\nAll optional variables are added. If you do not want to use the .env file, you can pass the variables as command line arguments.\n```\nTELEGRAM_BOT_TOKEN=\"1234567890:ABCDEF1234567890\"\nTELEGRAM_CHAT_ID=\"1234567890\"\nNESSUS_API_TOKEN=\"1a2b3c4d-1a2b-3c4d-1a2b-3c4d1a2b3c4d\"\nNESSUS_X_COOKIE=\"1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d1a2b3c4d\"\nNESSUS_PASSWORD=\"1a2b3c4d5e6f7g8h9i0j\"\n```\n\n\n## How to obtain the Nessus API token and X-Cookie\n1. Log into Nessus\n2. Open the developer tools in your browser\n3. Go to the Network tab\n4. Click on something like \"All Scans\" or \"My Scans\" under FOLDERS\n5. Look for the GET request to **folders** and click on it\n6. From the Headers tab, copy the X-Cookie value **AFTER** \"token=\" and paste it into the .env file\n7. From the Headers tab, copy the X-API-Token value and paste it into the .env file\n8. Also note the scan ID from the URL (e.g. https://nessus.example.com/#/scans/reports/11/hosts)\n\n## How to obtain the Telegram bot token and chat ID\n1. Start a chat with the BotFather\n2. Send the BotFather the start message `/start`\n3. Send the BotFather the newbot message `/newbot`\n4. Answer the BotFather's questions to finsh setting up the bot. Keep in mind that your bot name will be searchable by all Telegram users.\n5. Save your bot's API key for future reference.\n6. Start a chat with your bot and then navigate to <https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/getUpdates> and replace your API key in the URL. **IT NEEDS TO START WITH 'bot' SO KEEP THAT PART OF THE URL**.\n7. You will likely get a blank result until you send your bot another message and refresh the getUpdates URL.\n8. Once you see updates from the URL, note your 'chat_id'. You can use the combination of chat ID and your API key to send automated alerts.\n - EXAMPLE: `curl \"https://api.telegram.org/bot123456789:jbd78sadvbdy63d37gda37bd8/sendMessage?chat_id=123456&text=%22You just got a shell! Go check your C2 server!%22\"`\n9. Copy the \"id\" value and paste it into the .env file\n10. Copy the \"token\" value and paste it into the .env file\n\n\n\n\n",
"bugtrack_url": null,
"license": "",
"summary": "Pause, resume, list, check the status of, or export a Nessus scan. There is also the option to schedule a pause or resume action. Telegram bot support is also included.",
"version": "0.2.1",
"project_urls": {
"Documentation": "https://github.com/minniear/nessus-cli#readme",
"Issues": "https://github.com/minniear/nessus-cli/issues",
"Source": "https://github.com/minniear/nessus-cli"
},
"split_keywords": [
"nessus",
"nessus bot",
"nessus export",
"nessus pause",
"nessus resume",
"nessus schedule",
"nessus status",
"nessus telegram",
"nessus telegram bot",
"nessus telegram bot export",
"nessus telegram bot pause",
"nessus telegram bot resume",
"nessus telegram bot schedule",
"nessus telegram bot schedule pause",
"nessus telegram bot schedule resume",
"nessus telegram bot status",
"nessus-cli"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8288d58f443a46c5438cbd5771b41adc6b94daa48e66165c545cd7805ee95529",
"md5": "f747006496293ea6d331c08d5219a5c8",
"sha256": "9da8a513f8202cca20a859d99d38755241988001cc65625845dd346917cd3a51"
},
"downloads": -1,
"filename": "nessus_cli-0.2.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "f747006496293ea6d331c08d5219a5c8",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 25960,
"upload_time": "2023-09-20T21:35:11",
"upload_time_iso_8601": "2023-09-20T21:35:11.951275Z",
"url": "https://files.pythonhosted.org/packages/82/88/d58f443a46c5438cbd5771b41adc6b94daa48e66165c545cd7805ee95529/nessus_cli-0.2.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "58fd74faa2ecf71f6186af288b54e841838bbcfaa2dc7504fd27e96120b6c661",
"md5": "949289428437c10630c7baec63820235",
"sha256": "70d82fe22657f1dab923c5e5edf8cfc08095e354acd237d4ac542c016ebee94e"
},
"downloads": -1,
"filename": "nessus_cli-0.2.1.tar.gz",
"has_sig": false,
"md5_digest": "949289428437c10630c7baec63820235",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 22312,
"upload_time": "2023-09-20T21:35:13",
"upload_time_iso_8601": "2023-09-20T21:35:13.679182Z",
"url": "https://files.pythonhosted.org/packages/58/fd/74faa2ecf71f6186af288b54e841838bbcfaa2dc7504fd27e96120b6c661/nessus_cli-0.2.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-09-20 21:35:13",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "minniear",
"github_project": "nessus-cli#readme",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "nessus-cli"
}