Risu is a Nessus parser that converts the generated reports into an ActiveRecord database, which allows for easy report generation and vulnerability verification.
Version 1.6.3 is the current release.
Risu has been tested with ruby-1.9.3-p392 and ruby-2.0.0-p0. Please try to use one of these versions if possible. I recommend using RVM to set up your Ruby environment; you can get it here.
Risu relies heavily on RubyGems to install other dependencies, so I highly recommend using it. RubyGems is included by default in the 1.9.x versions of Ruby.
- libxml
- rails
- yaml
- logger
- rmagick
- gruff
- prawn
- mysql2
- nokogiri
Installation is really easy: just gem install!
% gem install risu
These are all available through RubyGems. They should be installed automatically when you install risu. If not, this command will install them all:
% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri
You may need sudo/root access depending on your system setup.
Any database that ActiveRecord supports should work. Risu has been tested with MySQL and SQLite3.
% risu --create-config
% $EDITOR risu.cfg
% risu --create-tables
- Generate the risu.cfg file.
- Edit the risu.cfg file, filling in the variables as needed.
- Migrate the database schema.
% risu report1.nessus [report2.nessus ...]
- Parse the files by passing their names on the command line.
The data can be viewed with a query browser available for your database.
To generate a report, execute the following after the data is parsed into the database.
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL, only easier!
$ risu --console
      _
 _ __(_)___ _   _
| '__| / __| | | |
| |  | \__ \ |_| |
|_|  |_|___/\__,_|
risu Console v1.6.2
>> Host.first
=> #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.arxopia.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
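To show where Host columns like the ones in the record above can come from, here is an added example (not Risu's own code) that reads a constructed Nessus v2 fragment with REXML instead of Risu's parser. The tag-to-column mapping, the helper names and all sample values are assumptions made for illustration.

```ruby
require 'rexml/document'

# Constructed sample: a minimal Nessus v2 export, one host, two findings.
# Addresses, names and plugin IDs are made up for this example.
SAMPLE_NESSUS = <<~XML
  <NessusClientData_v2>
    <Report name="constructed-scan">
      <ReportHost name="192.0.2.10">
        <HostProperties>
          <tag name="host-ip">192.0.2.10</tag>
          <tag name="host-fqdn">web01.example.test</tag>
          <tag name="operating-system">Linux Kernel 2.6</tag>
        </HostProperties>
        <ReportItem port="22" protocol="tcp" severity="0" pluginID="100001" pluginName="Constructed info finding"/>
        <ReportItem port="443" protocol="tcp" severity="3" pluginID="100002" pluginName="Constructed high finding"/>
      </ReportHost>
    </Report>
  </NessusClientData_v2>
XML

# Assumed mapping from HostProperties tag names to the Host columns shown above.
TAG_TO_COLUMN = {
  'host-ip' => :ip, 'host-fqdn' => :fqdn, 'operating-system' => :os,
  'netbios-name' => :netbios, 'mac-address' => :mac
}.freeze

# Returns one hash per ReportHost: host columns plus that host's findings.
def parse_nessus(xml)
  doc = REXML::Document.new(xml)
  doc.get_elements('//ReportHost').map do |rh|
    host = { name: rh.attributes['name'], items: [] }
    TAG_TO_COLUMN.each_value { |col| host[col] = nil } # absent tags stay nil
    rh.get_elements('HostProperties/tag').each do |tag|
      col = TAG_TO_COLUMN[tag.attributes['name']]
      host[col] = tag.text if col
    end
    rh.get_elements('ReportItem').each do |ri|
      host[:items] << { port: ri.attributes['port'].to_i, severity: ri.attributes['severity'].to_i,
                        plugin_id: ri.attributes['pluginID'].to_i, plugin_name: ri.attributes['pluginName'] }
    end
    host
  end
end

# Hosts with at least one finding at or above the given Nessus severity (0-4).
def hosts_with_severity(hosts, min)
  hosts.select { |h| h[:items].any? { |i| i[:severity] >= min } }
end

puts hosts_with_severity(parse_nessus(SAMPLE_NESSUS), 3).map { |h| h[:fqdn] }.inspect
```

Tags that the scan did not record (here the MAC address and NetBIOS name) come back as nil, the same way unset columns appear as nil in the console output.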
Several templates are included:
$ risu -l
Available Templates
stig_findings_summary - DISA Stig findings summary report
pci_compliance - Generates a PCI Compliance Overview Report
technical_findings - Generates a Technical Findings Report
ms_patch_summary - Generates a Microsoft Patch Summary Report
findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID
findings_host - Generates a findings report by host
exec_summary - Generates a simple executive summary.
finding_statistics - Generates report finding statistics
graphs - Generates a report with all the graphs in it
findings_summary - Generates a findings summary report
assets - Generates a Assets Summary Report
cover_sheet - Generates a coversheet with a logo (Example Template)
notable_detailed - Notable Vulnerabilities Detailed
ms_update_summary - Generates a Microsoft Update Summary Report
template - template
notable - Notable Vulnerabilities
ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin
exec_summary_detailed - Generates a detailed executive summary report
host_summary - Generates a Host Summary Report
$
The templates are written in Ruby using prawn, and they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
If you would like to contribute templates, bug fixes, etc. to risu, the easiest way is to fork the project on GitHub, make the changes in your fork, and then submit a pull request to the project.
If you have any problems, bugs or feature requests, please use the GitHub issue tracker.
You can reach me at risu[at]arxopia[dot]com.
You can also contact me on IRC as hammackj on irc.freenode.net, #risu