Skip to content

Commit

Permalink
Add Tenable SC agent
Browse files Browse the repository at this point in the history
  • Loading branch information
Dante Acosta committed Apr 10, 2024
1 parent 7fb52a6 commit 701be92
Showing 1 changed file with 108 additions and 0 deletions.
108 changes: 108 additions & 0 deletions faraday_agent_dispatcher/static/executors/official/tenablesc.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
import os
import sys
import time
from urllib.parse import urlparse
from tenable.sc import TenableSC
from faraday_plugins.plugins.repo.nessus_sc.plugin import NessusScPlugin

from faraday_agent_dispatcher.utils.url_utils import resolve_hostname


def log(msg):
print(msg, file=sys.stderr)


def main():
ignore_info = os.getenv("AGENT_CONFIG_IGNORE_INFO", "False").lower() == "true"
hostname_resolution = os.getenv("AGENT_CONFIG_RESOLVE_HOSTNAME", "True").lower() == "true"
vuln_tag = os.getenv("AGENT_CONFIG_VULN_TAG", None)
if vuln_tag:
vuln_tag = vuln_tag.split(",")
service_tag = os.getenv("AGENT_CONFIG_SERVICE_TAG", None)
if service_tag:
service_tag = service_tag.split(",")
host_tag = os.getenv("AGENT_CONFIG_HOSTNAME_TAG", None)
if host_tag:
host_tag = host_tag.split(",")

TENABLE_SCAN_NAME = os.getenv("EXECUTOR_CONFIG_TENABLE_SCAN_NAME", "faraday-scan")
TENABLE_SCANNER_NAME = os.getenv("EXECUTOR_CONFIG_TENABLE_SCANNER_NAME")
TENABLE_SCAN_ID = os.getenv("EXECUTOR_CONFIG_TENABLE_SCAN_ID")
TENABLE_SCAN_TARGETS = os.getenv("EXECUTOR_CONFIG_TENABLE_SCAN_TARGETS")
TENABLE_SCAN_REPO = os.getenv("EXECUTOR_CONFIG_TENABLE_SCAN_REPO")
TENABLE_SCAN_TEMPLATE = os.getenv(
"EXECUTOR_CONFIG_TENABLE_SCAN_TEMPLATE",
"basic",
)
TENABLE_PULL_INTERVAL = os.getenv("TENABLE_PULL_INTERVAL", 30)
TENABLE_ACCESS_KEY = os.getenv("TENABLE_ACCESS_KEY")
TENABLE_SECRET_KEY = os.getenv("TENABLE_SECRET_KEY")
TENABLE_URL = os.getenv("TENABLE_URL")
if not (TENABLE_ACCESS_KEY and TENABLE_SECRET_KEY):
log("TenableIo access_key and secret_key were not provided")
exit(1)

if not TENABLE_SCAN_TARGETS:
log("Scan Target were not provided")
exit(1)
if not TENABLE_URL:
log("Tenable Url not provided")
exit(1)
targets = []
for target in TENABLE_SCAN_TARGETS.split(","):
parse_target = urlparse(target)
if parse_target.netloc:
targets.append(resolve_hostname(parse_target.netloc))
else:
targets.append(resolve_hostname(target))
log(f"Targets ip {targets}")
tsc = TenableSC(host=TENABLE_URL, access_key=TENABLE_ACCESS_KEY, secret_key=TENABLE_SECRET_KEY)
if TENABLE_SCAN_ID:
scans = tsc.scans.list()
scans_id = ""
for scan in scans:
scans_id += f"{scan['id']} {scan['name']}"
if scan["id"] == TENABLE_SCAN_ID:
log(
f"Scan found: {scan['name']}",
)
break
else:
log(
f"Scan id {TENABLE_SCAN_ID} not found, the current scans available are: {scans_id}",
)
exit(1)
elif TENABLE_SCANNER_NAME:
scan = tsc.scans.create(
name=TENABLE_SCAN_NAME,
repo=TENABLE_SCAN_REPO,
targets=targets,
template=TENABLE_SCAN_TEMPLATE,
scanner=TENABLE_SCANNER_NAME,
)
else:
scan = tsc.scans.create(
name=TENABLE_SCAN_NAME, repo=TENABLE_SCAN_REPO, targets=targets, template=TENABLE_SCAN_TEMPLATE
)
tsc.scans.launch(scan["id"])
status = "pending"
while status[-2:] != "ed":
time.sleep(int(TENABLE_PULL_INTERVAL))
status = tsc.scans.status(scan["id"])
if status != "completed":
log(f"Scanner ended with status {status}")
exit(1)
report = tsc.scans.export(scan["id"])
plugin = NessusScPlugin(
ignore_info=ignore_info,
hostname_resolution=hostname_resolution,
host_tag=host_tag,
service_tag=service_tag,
vuln_tag=vuln_tag,
)
plugin.parseOutputString(report.read())
print(plugin.get_json())


if __name__ == "__main__":
main()

0 comments on commit 701be92

Please sign in to comment.