I was using OpenVAS to do some network auditing and accessing report results via the (Greenbone Security assistant) web interface quite often seemed somewhat slow and clunky. The report is downloadable as an XML file though, and I’ve recently been getting familiar with parsing nmap XML files in python, so a bit of scripting later and voila! GOXParse (Glens OpenVAS XML Parser) – a command line tool to quickly search / filter through the openvas scan results.
As an added bonus, you can output a .csv file from an nmap scan using gnxparse.py and feed it to goxparse.py to provide an inline comparison of open ports.
$ ./goxparse.py --help usage: goxparse.py filename.xml [OPTIONS] Glens OpenVas XML Parser (goxparse) positional arguments: file File containing OpenVAS XML report optional arguments: -h, --help show this help message and exit -i, -ips Output unfiltered list of scanned ipv4 addresses -host [HOSTIP] Host to generate a report for -cvssmin [CVSSMIN] Minimum CVSS level to report -cvssmax [CVSSMAX] Maximum CVSS level to report -threatlevel [THREAT] Threat Level to match, LOG/LOW/MEDIUM/HIGH/CRITICAL -matchfile [MATCHFILE] .csv file from which to match open ports, in format HOSTIP,port1,port2,port3 -v, --version show program's version number and exit usage examples: goxparse.py ./scan.xml -ips goxparse.py ./scan.xml -host <HOSTIP> goxparse.py ./scan.xml -cvssmin 5 -cvssmax 8 goxparse.py ./scan.xml -threatlevel HIGH
