e-fin/Nessus-CVE-POC-Finder

GitHub: e-fin/Nessus-CVE-POC-Finder

解析 Nessus 扫描报告文件、提取 CVE 编号并通过 searchsploit 自动匹配公开漏洞利用程序的 Python 命令行工具。

Stars: 0 | Forks: 1

# Nessus-CVE-POC-Finder Python 脚本,用于解析 .nessus 文件,提取 CVE 编号,并使用“searchsploit”搜索漏洞利用程序。 ## 使用方法 ``` usage: Nessus-CVE-POC-Finder.py [-h] [--unique] [--csv OUTPUT.csv] [--exploits] nessus_file Extract CVE numbers from a .nessus file. positional arguments: nessus_file Path to the .nessus file options: -h, --help show this help message and exit --unique Print only the unique, sorted list of CVE IDs --csv OUTPUT.csv Write full results (with host/plugin context) to a CSV file --exploits Cross-reference unique CVEs against searchsploit (exact match) and print any exploits found ``` ## 示例 ``` $ python3 Nessus-CVE-POC-Finder.py --exploits example.nessus Querying searchsploit for 149 unique CVE(s)... CVE-2015-4852 10.0.0.2 [EDB-ID 42806] Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution /usr/share/exploitdb/exploits/java/remote/42806.py [EDB-ID 46628] Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit) /usr/share/exploitdb/exploits/multiple/remote/46628.rb [EDB-ID 44552] Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Execution /usr/share/exploitdb/exploits/multiple/remote/44552.sh CVE-2016-6816 10.0.0.1 10.0.0.2 10.0.0.3 [EDB-ID 41783] Apache Tomcat 6/7/8/9 - Information Disclosure /usr/share/exploitdb/exploits/multiple/remote/41783.txt CVE-2017-12617 10.0.0.1 10.0.0.2 10.0.0.3 [EDB-ID 42966] Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2) /usr/share/exploitdb/exploits/jsp/webapps/42966.py [EDB-ID 43008] Tomcat - Remote Code Execution via JSP Upload Bypass (Metasploit) /usr/share/exploitdb/exploits/java/remote/43008.rb CVE-2017-3248 10.0.0.4 [EDB-ID 44998] Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote Code Execution /usr/share/exploitdb/exploits/multiple/webapps/44998.py CVE-2018-2628 10.0.0.3 [EDB-ID 45193] Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit) /usr/share/exploitdb/exploits/windows/remote/45193.rb [EDB-ID 45193] Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit) /usr/share/exploitdb/exploits/windows/remote/45193.rb [EDB-ID 44553] Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution /usr/share/exploitdb/exploits/multiple/remote/44553.py CVE-2020-1938 10.0.0.1 [EDB-ID 48143] Apache Tomcat - AJP 'Ghostcat File Read/Inclusion /usr/share/exploitdb/exploits/multiple/webapps/48143.py [EDB-ID 49039] Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion (Metasploit) /usr/share/exploitdb/exploits/multiple/webapps/49039.rb CVEs with exact-match exploits: 6 / 149 Total CVE occurrences: 1123 Unique CVEs: 149 ```
标签:Nessus, Python, 域名收集, 实时处理, 无后门, 网络调试, 自动化, 逆向工具