Nessus support
Kvasir's currently supports communicating to a single Nessus server for importing scan results.
Nessus scanner settings are configured in the user's profile. This allows each user to have their own Nessus scanner but it does co-mingle credentials since passwords are NOT stored securely.
Setting values:
- Nessus URL: URL of Nessus Scanner (default: https://localhost:8834/)
- Nessus Username: Login name
- Nessus Password: Password (note: will be stored in cleartext)
To import the results of Nessus scans from the menu bar select Import -> Nessus XML. If a valid Nessus scanner and credentials are found in your user profile a list of existing scans will be provided.
Setting values:
- Nessus Report: A list of completed scans from Nessus via the API
- Nessus XML File: A Nessus XML report file to import
- Engineer: Engineer to assign hosts to
- Asset Group: Asset group to assign hosts to
- MSF Pro Workspace: Send Nexpose XML report to Metasploit Pro to be imported into this Workspace
- Hosts to Only Include: A list of IP Addresses that will be imported, all non-matching will be skipped
- Hosts to Ignore: A blacklist of IP Addresses to skip during importing
- Update Host Information: Update existing hosts, otherwise skip them
- Run in background task: Send to the scheduler to run in the background