VulnWhisperer is a vulnerability data and reports aggregator. It will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed.
- Nessus (v6 & v7)
- Qualys Web Applications
- Qualys Vulnerability Management (Need license)
- ElasticStack 5.x
- Python 2.7
- Vulnerability Scanner
- Optional: Message broker such as Kafka or RabbitMQ
git clone https://github.com/austin-taylor/VulnWhisperer.git
pip install -r requirements.txt
python setup.py install
There are a few configuration steps to setting up VulnWhisperer:
- Configure Ini file
- Setup Logstash File
- Import ElasticSearch Templates
- Import Kibana Dashboards
To run, fill out the configuration file with your vulnerability scanner settings. Then you can execute from the command line.
vuln_whisperer -c configs/example.ini -s nessus
vuln_whisperer -c configs/example.ini -s qualys
Next, you’ll need to import the visualizations into Kibana and setup your logstash config. A more thorough README is underway with setup instructions.
For windows, you may need to type the full path of the binary in vulnWhisperer located in the bin directory.
Copyright (c) 2017 Austin Taylor