Tuesday, September 13, 2022

Using Nessus Parser (Melcara) Script - Ubuntu 22.04

 Over the years I've used this Nessus Parser script from Cody Dumont @ http://www.melcara.com/. Thank you Cody! The script was last updated on September 25th, 2017, but it still works great. It's a Perl script and does a great job of merging .nessus files and exporting in a very usable Excel format. I find the stock Nessus reports subpar and overly verbose. I understand Tenable's motive for intentionally leaving this functionality out of Nessus Pro, but find it frustrating nonetheless. The Nessus Parser script works great for consolidating vulnerability results, reporting, and ongoing vulnerability management. Particularly for smaller organizations that have a hard time justifying the high cost of Tenable's Security Center or similar. 


There are some dependencies that need to be installed to use the script. In the past I've installed the dependencies via the commands below:

cpan install XML::TreePP Data::Dumper Math::Round Excel::Writer::XLSX Data::Table Excel::Writer::XLSX::Chart Getopt::Std


I've had trouble installing these at times and have alternatively used the commands below. These recently worked for me on Ubuntu 22.04. 

apt-get install libxml-simple-perl

apt-get install libxml-treepp-perl

apt-get install libxml-mathround-perl

apt-get install libmath-round-perl

apt-get install libxml-mathround-perl

apt-get install libexcel-writer-xlsx-perl

apt-get install perl-tables-data

apt-get install libdata-table-perl


To run the script, copy your .nessus files to a directory (/home/user/Nessus), change permissions on the script to allow execute, and run it:

chmod +x parse_nessus_xml.v24.pl 

perl parse_nessus_xml.v24.pl -d /home/user/Nessus/


This will create a new .xslx file in the provided directory. I like to re-format the Excel document using the procedure below:

1. Copy the Summary info (text only) to a new sheet

2. Delete all tabs except Vulnerability to IP Summary and the new summary sheet

3. Filter out "Informational" items from Vulnerability to IP Summary

4. Copy Vulnerability to IP Summary (text only) into a new sheet

5. Delete Column 1

6. Center and Middle Align all columns

7. Word wrap Plugin Name and IP Address columns

8. Sort by severity and color code

9. If desired, filter out previously accepted vulns

10. Move similar vulnerabilities next to each other

11. Add blank rows beneath each vulnerability

12. Format Mitigation row @ 50px