⚠️ IMPORTANT NOTICE⚠️ This project is currently in development stage and serves as a middleware tool. It is NOT a direct plugin for Netbox or Tenable Nessus, and has no legal affiliation with either company. Use of this tool is entirely at your own risk and responsibility.
The developer(s) are not responsible for any data loss, security issues, or compliance violations that may occur from using this tool. Always test in a safe environment before deploying to production.
This Python application integrates the Nessus vulnerability scanner with the Netbox network infrastructure management system, enabling automated inventory synchronization, comparison, and reporting.
- Connects and authenticates with the Nessus API
- Fetches all agents with detailed information
- Filters agents by status and platform
- Retrieves scan results
- Generates agent statistics
- Connects and authenticates with the Netbox API
- Fetches, lists, and manages devices and virtual machines (VMs)
- Filters devices by site and status
- Retrieves all interfaces and IP addresses for devices and VMs
- Generates device and VM statistics
- Synchronizes Nessus agents as Netbox devices (auto-create/update)
- Compares Nessus agents with Netbox devices and VMs (hostname/IP matching)
- Generates comprehensive comparison reports (JSON & HTML)
- Searches both systems by IP address
- Modular, extensible, and interactive CLI
- Saves all fetched and comparison data in JSON format
- Generates detailed HTML reports for devices, VMs, and comparison results
- Output files are stored in the
output/directory
- Sensitive data (JSON, HTML, logs, etc.) is excluded from version control via
.gitignore - Real credentials and sensitive output files should never be committed to git
netbox-nessus/
├── api/ # API clients
│ ├── __init__.py
│ ├── base_client.py # Base API client class
│ ├── nessus_client.py # Nessus API client
│ └── netbox_client.py # Netbox API client
├── config/ # Configuration
│ ├── __init__.py
│ ├── settings.py # Configuration management
│ └── config.json.example # Example configuration
├── services/ # Business logic layer
│ ├── __init__.py
│ ├── comparison_service.py # Comparison logic
│ ├── nessus_service.py # Nessus operations
│ └── netbox_service.py # Netbox operations
├── utils/ # Utility functions
│ ├── __init__.py
│ ├── config_loader.py # Config loader
│ ├── helpers.py # Common helpers
│ └── html_reporter.py # HTML report generation
├── models/ # Data models
│ └── __init__.py
├── output/ # Output files (JSON, HTML, etc.)
├── logs/ # Log files
├── main.py # Main application
├── requirements.txt # Python dependencies
└── README.md # This file
-
Create a virtual environment:
python -m venv venv
-
Activate the virtual environment:
# Windows PowerShell .\venv\Scripts\Activate.ps1 # Linux/Mac source venv/bin/activate
-
Install dependencies:
pip install -r requirements.txt
-
Create your configuration file:
cp config/config.json.example config/config.json
-
Edit
config/config.jsonwith your credentials:{ "nessus": { "base_url": "https://your-nessus-server:8834", "access_key": "your-access-key", "secret_key": "your-secret-key", "verify_ssl": false }, "netbox": { "base_url": "https://your-netbox-server", "token": "your-netbox-token", "verify_ssl": false }, "output": { "file": "output/data.json", "format": "json" }, "logging": { "level": "INFO", "file": "logs/app.log" } }
python main.pyThe application provides an interactive menu:
- Fetch Nessus Agents – Retrieve agents from Nessus
- Fetch Netbox Devices – Retrieve devices from Netbox
- Fetch Netbox Virtual Machines – Retrieve VMs from Netbox
- Compare Nessus with Netbox – Compare agents with devices/VMs
- Search by IP Address – Search both systems by IP
- Sync Nessus Agents to Netbox – Synchronize agents as Netbox devices
- Exit – Exit the application
You can also provide credentials via environment variables:
# Windows PowerShell
$env:NESSUS_URL="https://your-nessus-server:8834"
$env:NESSUS_ACCESS_KEY="your-access-key"
$env:NESSUS_SECRET_KEY="your-secret-key"
$env:NETBOX_URL="https://your-netbox-server"
$env:NETBOX_TOKEN="your-netbox-token"
python main.py
# Linux/Mac
export NESSUS_URL="https://your-nessus-server:8834"
export NESSUS_ACCESS_KEY="your-access-key"
export NESSUS_SECRET_KEY="your-secret-key"
export NETBOX_URL="https://your-netbox-server"
export NETBOX_TOKEN="your-netbox-token"
python main.py- Log in to the Nessus web interface
- Go to Settings > My Account
- Click the API Keys tab
- Click Generate to create new keys
- Log in to the Netbox web interface
- Go to Admin > Users
- Select your user
- Click the API Tokens tab
- Click Add API Token
{
"timestamp": "2024-01-15T10:30:00.123456",
"data_type": "agents",
"total_count": 5,
"data": [
{
"id": 1,
"name": "Agent-001",
"status": "online",
"platform": "Windows",
"version": "10.5.0",
"last_connect": "2024-01-15T10:25:00Z",
"groups": ["Windows Agents"],
"distro": "Windows 10",
"uuid": "12345678-1234-1234-1234-123456789012"
}
]
}{
"timestamp": "2024-01-15T10:30:00.123456",
"data_type": "devices",
"total_count": 3,
"data": [
{
"id": 1,
"name": "Server-001",
"status": {"value": "active"},
"site": {"name": "Main Site"},
"device_type": {"model": "Dell PowerEdge"},
"platform": {"name": "Windows Server 2019"},
"interfaces": [
{
"name": "eth0",
"ip_addresses": ["10.0.0.1", "10.0.0.2"]
}
]
}
]
}{
"timestamp": "2024-01-15T10:30:00.123456",
"data_type": "comparison",
"matched": [...],
"unmatched_agents": [...],
"unmatched_devices": [...],
"unmatched_vms": [...],
"summary": {
"total_agents": 100,
"total_devices": 80,
"total_vms": 20,
"matched_with_devices": 70,
"matched_with_vms": 15,
"unmatched_agents": 15,
"unmatched_devices": 10,
"unmatched_vms": 5
}
}- Easy to extend with new integrations or features
- Clear separation of API, business logic, and utilities
- Simple configuration and deployment
- Sensitive data (JSON, HTML, logs, etc.) is excluded from version control via
.gitignore. - Never commit your real credentials or sensitive output files to git.
The application handles the following scenarios:
- Connection errors
- Authentication errors
- JSON parse errors
- File writing errors
- SSL certificate errors
- API rate limiting
- Keep your API keys secure
- Do not include sensitive data in version control
- Enable SSL verification in production
- Rotate your API keys regularly
- Use virtual environments
- Create a new client in the
api/directory - Inherit from
BaseAPIClient - Create a new service in the
services/directory - Add configuration in
config/settings.py
- Add a method to the relevant service file
- Add a menu option in
main.py - If necessary, add helper functions
- Check URLs
- Check firewall settings
- Check SSL certificate settings
- Verify your API keys are correct
- Your API keys may have expired
- Verify your virtual environment is active
- Verify all required packages are installed
We welcome contributions! Please follow these steps:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow PEP 8 style guidelines
- Add tests for new features
- Update documentation as needed
- Ensure all tests pass before submitting
- Use the GitHub issue tracker
- Provide detailed error messages and logs
- Include steps to reproduce the issue
- Specify your environment (OS, Python version, etc.)
This project is licensed under the MIT License.