Exporting Nessus Scans

Nessus gives us the option to export scan results in a variety of report formats as well as the option to export raw Nessus scan results to be imported into other tools, archived, or passed to tools, such as EyeWitness, which can be used to take screenshots of all web applications identified by Nessus and greatly assist us with working through the results and finding more value in them.

Nessus Report Formats

PDF Report

PDF Report

• Provides results in a formatted, shareable manner.

• Allows selection between an Executive Summary or a Custom Report.

• Includes details such as:

  • Hosts scanned.

  • Number of vulnerabilities per host.

  • Severity, CVSS score, plugin number, and issue name.

  • Direct links to Tenable’s plugin database for more information.

HTML Report

HTML Report

• Offers a similar level of detail as the PDF.

• Also supports the Executive Summary and Custom Report formats.

• Provides an interactive way to view findings without requiring a PDF reader.

CSV Report

CSV Report

• Allows custom selection of columns for export.

• Useful for importing scan data into SIEM tools like Splunk.

• Helps with:

  • Analytics on scan results.

  • Sharing data with multiple internal teams for remediation efforts.

  • Custom filtering and automation workflows.

Note: These scan reports should only be shared as either an appendix or supplementary data to a custom penetration test/vulnerability assessment report. They should not be given to a client as the final deliverable for any assessment type.

Exporting Nessus Scans

It looks like you're summarizing the export options for Nessus scans and the ability to automate report downloads. Here’s a more structured explanation:

Nessus provides two main export formats for saving scan data:

Nessus File (.nessus)

Nessus File (.nessus)

• This is an XML-based file.

• Includes:

  • Scan settings (configuration used for the scan).

  • Plugin outputs (details of vulnerabilities and findings).

• Useful for importing scans back into Nessus or sharing raw scan data with other security tools.

Nessus DB File (.db)

Nessus DB File (.db)

• A more comprehensive export format.

• Contains:

  • The .nessus XML file.

  • The Knowledge Base (KB): Stores scan state information.

  • The Plugin Audit Trail: Tracks plugin execution details.

  • Any scan attachments (if applicable).

• Useful for forensic analysis and detailed audit tracking of scan activities.

---

Automating Scan Report Downloads

Nessus allows automation of report downloads via the Nessus REST API. A useful tool for this is:

Nessus-Report-Downloader

• A CLI-based script that automates the retrieval of Nessus scan reports.

• Supports downloading all available formats.

• Useful for:

  • Integrating Nessus scan results with other security tools.

  • Batch exporting scans for reporting or compliance purposes.

z3tssu@htb[/htb]$ ./nessus_downloader.rb 

Nessus 6 Report Downloader 1.0

Enter the Nessus Server IP: 127.0.0.1
Enter the Nessus Server Port [8834]: 8834
Enter your Nessus Username: admin
Enter your Nessus Password (will not echo): 

Getting report list...
Scan ID Name                                               Last Modified                  Status         
------- ----                                               -------------                  ------         
1     Windows_basic                                Aug 22, 2020 22:07 +00:00      completed      
         
Enter the report(s) your want to download (comma separate list) or 'all': 1

Choose File Type(s) to Download: 
[0] Nessus (No chapter selection)
[1] HTML
[2] PDF
[3] CSV (No chapter selection)
[4] DB (No chapter selection)
Enter the file type(s) you want to download (comma separate list) or 'all': 3

Path to save reports to (without trailing slash): /assessment_data/inlanefreight/scans/nessus

Downloading report(s). Please wait...

[+] Exporting scan report, scan id: 1, type: csv
[+] Checking export status...
[+] Report ready for download...
[+] Downloading report to: /assessment_data/inlanefreight/scans/nessus/inlanefreight_basic_5y3hxp.csv

Report Download Completed!