工作项目需要提取出大量nessus的csv报告中的紧急和高危漏洞,手工太麻烦。分享一个实现脚本。代码如下:
#-*-coding=utf-8-*-
import pandas as pd
import sys,os
from pathlib import Path
def getcsv(file_dir = "csv"):
'''批量获取所有csv文件'''
L = []
for root, dirs, files in os.walk(file_dir):
for file in files:
if os.path.splitext(file)[1] == '.csv':
L.append(os.path.join(root , file))
return L
def work(file, out_path = "./out"):
'''按照Risk筛选并保存'''
data =pd.read_csv(file,header=0,index_col=0, encoding= "GBK")
df = data.loc[data['Risk'].isin(["High","Critical"])]
df.to_csv(out_path+"/"+Path(file).name)
def main():
if(len(sys.argv)<2):
print("[*] Useage: python3 vuln_filter.py csv_dir")
exit()
file_dir = sys.argv[1]
L = getcsv(file_dir)
out_path = './out'
if not os.path.exists(out_path):
os.mkdir(out_path)
for l in L:
work(l)
if __name__ == '__main__':
main()
使用方法:Python3 vuln_filter.py 源nessus导出CSV报告的目录
PS:这里在导出时建议将CSV报告名称统一规范。
![nessus导出报告_nessus转中文报告[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)