Convert a Tenable / Nessus HTML scan report to CSV.
This script only works with the Complete List of Vulnerabilities by Host report template for now. Other Tenable report templates have a complex layouts and need more work to parse. I'll try to support them later.
Python 3.10 or newer. No third-party packages.
python tenable_html_to_csv.py <input.html|input_dir> [output.csv|output_dir]
Single file:
python tenable_html_to_csv.py report.html
Batch mode (every *.html in a directory, non-recursive):
python tenable_html_to_csv.py ./reports ./csvs
Filter by minimum severity (drops anything below the level). Valid values are critical, high, medium, low, info, none:
python tenable_html_to_csv.py --min-severity high report.html
If the output path is omitted, each CSV is written next to its input file using the same stem. If a non-template HTML file is given (or encountered during batch mode) it is rejected with an error so you do not get a silently empty CSV.
After each conversion the script prints a per-severity breakdown, for example:
Wrote 217 finding(s) to report.csv [High: 3, Medium: 3, Low: 2, Info: 209]
- Host
- Severity
- CVSS v3.0
- VPR Score
- EPSS Score
- Plugin ID
- Plugin Name
- Plugin URL