SteveMcGrath / pySecurityCenter

BSD 3-Clause "New" or "Revised" License
101 stars 31 forks source link

from securitycenter import SecurityCenter5 fails for py3 #48

Closed neo4u closed 7 years ago

neo4u commented 7 years ago

from securitycenter import SecurityCenter5 fails for python3. Any reasons why?

neo4u commented 7 years ago

False alarm. This was due to pip3 installation issue.

SteveMcGrath commented 7 years ago

Great to hear it. I hadn't gotten around to looking at it yet. I admit I mostly still code in python 2.7

neo4u commented 7 years ago

Yeah. I realized that and made some changes. Hey so while you're online I thought I'd ask. Is there anything in this repo that download's scan results in a JSON format? I see the current implementation only downloads the .nessus files. Is that the most efficient way to download the scan results?

neo4u commented 7 years ago

Python 2.7 or 3.5 this is the only project out there doing this. So good job. 👍

SteveMcGrath commented 7 years ago

What's the use case for downloading everything? Wouldn't make more sense to only pull what your specifically looking for from the aggregate?

neo4u commented 7 years ago

I am trying to import each host and its vulnerabilities. But I said "all data" to mean that I'm trying to replicate the database onto a different DB Server to keep store historic information and create a Vuln-Intel server and only store up to 3 months of historic data on the Nessus SecurityCenters for performance.

neo4u commented 7 years ago

Is there any method in the currently implementation ...Perhaps someway to use the analysis method to get each asset and its vulnerabilities?

SteveMcGrath commented 7 years ago

so the repositories will naturally keep state. the only thing in the repositories that grow is the snapshots. Those are only used for trendlines. if your trying to keep the SC dataset down, I'd recommend you either disable the snapshotting, or set the snapshotting to NOT do full test searching. I know it sounds counter-intuitive, but trust me.

As for a method to get each asset & it's vulns...you'd likely be handling everything via the 'vulndetails' tool.

neo4u commented 7 years ago

Thank you so much for the advise. I would like to contribute to this project whenever possible. I will raise pull requests whenever I do so, mostly towards supporting python3. Some of the places the library has been changed to only support python3 and some its only python2 so since python2 is going to be phased out, I thought it might be easier to just stick to python3.

Also, my team at work is going to copy the logic of this repo out into a ruby gem, with an open source license. Hope that is okay with you.

Last thing, I don't see the 'vulndetails' tool in the SC5 API documentation. Is that a SC4 thing or is this piece of information missing from the documentation? Where did you find it for your reference?