工作項目需要提取出大量nessus的csv報告中的緊急和高危漏洞,手工太麻煩。分享一個實作腳本。代碼如下:
#-*-coding=utf-8-*-
import pandas as pd
import sys,os
from pathlib import Path
def getcsv(file_dir = "csv"):
'''批量擷取所有csv檔案'''
L = []
for root, dirs, files in os.walk(file_dir):
for file in files:
if os.path.splitext(file)[1] == '.csv':
L.append(os.path.join(root , file))
return L
def work(file, out_path = "./out"):
'''按照Risk篩選并儲存'''
data =pd.read_csv(file,header=0,index_col=0, encoding= "GBK")
df = data.loc[data['Risk'].isin(["High","Critical"])]
df.to_csv(out_path+"/"+Path(file).name)
def main():
if(len(sys.argv)<2):
print("[*] Useage: python3 vuln_filter.py csv_dir")
exit()
file_dir = sys.argv[1]
L = getcsv(file_dir)
out_path = './out'
if not os.path.exists(out_path):
os.mkdir(out_path)
for l in L:
work(l)
if __name__ == '__main__':
main()
使用方法:Python3 vuln_filter.py 源nessus導出CSV報告的目錄
PS:這裡在導出時建議将CSV報告名稱統一規範。
![nessus導出報告_nessus轉中文報告[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)