Compatibility with Nessus 7

iriusrisk / bdd-security

BDD Automated Security Tests for Web Applications

http://www.continuumsecurity.net/bdd-intro.html

GNU Affero General Public License v3.0

559 stars 177 forks source link

Compatibility with Nessus 7 #86

Open ibrahimazzam opened 6 years ago

ibrahimazzam commented 6 years ago

Hello,

I am trying to use the solution with Nessus 7, but I am having a problem with the post method that is returning this exception javax.ws.rs.ClientErrorException: HTTP 412 Precondition Failed I think that is related to the fact that Tenable removed the API from Nessus 7. Can Anyone confirm that this issue is related to that ? How can we solve this issue ?

Thanks in advance, Ibrahim AZZAM

stephendv1 commented 6 years ago

Hi Ibrahim, we currently have not built any support for Nessus 7. Only Nessus 5 and 6.

ratzrattillo commented 6 years ago

Eventually, Nessus 7 compatibility could be provided using some Selenium-Steps instead of the now missing API?

krisctl commented 5 years ago

@ibrahimazzam I was able to perform basic network scan and web application scanning using Nessus 7 through BDD-Security. Is that something that you were trying or altogether a different thing? Which post method you are talking about here?

stephendv1 commented 5 years ago

Hi @Krishan-Sharma could you tell us more about how you performed scanning using Nessus 7? Did you use the Nessus 6 API? Any changes needed?

krisctl commented 5 years ago

Hi @stephendv1, You are right. I used Nessus 6 APIs and pointed it to the Nessus 7 install. It worked seamlessly for me to perform basic network scan and web application scan. I was planning to submit a pull request to update the Nessus client to include Nessus version 7 block.

stephendv1 commented 5 years ago

That's great news! If you could submit a pull request that will be much appreciated by everyone in this thread :)

On Mon, 27 Aug 2018 at 00:11, Krishan Sharma notifications@github.com wrote:

Hi @stephendv1 https://github.com/stephendv1, You are right. I used Nessus 6 APIs and pointed it to the Nessus 7 install. It worked seamlessly for me to perform basic network scan and web application scan. I was planning to submit a pull request to update the Nessus client to include Nessus version 7 block.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/continuumsecurity/bdd-security/issues/86#issuecomment-416076397, or mute the thread https://github.com/notifications/unsubscribe-auth/AVlr_VDzBnTKR_iomcYlj74RqltrZvImks5uUx0hgaJpZM4Si8u5 .

-- Stephen de Vries CEO

+34 616 33 81 38 <javascript:void(0);> @stephendv https://twitter.com/stephendv

[image: ContinuumSecurity] https://www.continuumsecurity.net/

ibrahimazzam commented 5 years ago

Hello @Krishan-Sharma , thanks for your reply. Can you please help me by describing what you did exactly ? How did you point the API of Nessus 6 to Nessus 7.

Thanks in advance. Ibrahim