mailing list archives
Re: nmap xml import with no os info
From: HD Moore <hdm () metasploit com>
Date: Mon, 17 May 2010 13:50:22 -0500
On 5/17/2010 1:10 PM, Raúl Millán wrote:
I'm sorry to mix one subject to another, I noticed that Nessus risk score is
not imported neither, although I see that the plugin id is included, so I
guess that I should script something away in order to have the risk score
It might make sense as either an additional serialized field store in
the vulnerability data, it depends on whether the risk score changes for
the same vulnerability ID.
I already have a XSL that outputs Nessus results in a raw (dump) format that
I use to create graphs via pivot tables, do it really doesn't hurt much,
just that it would've been nice to have all this within the framework, but I
guess that's what Metasploit Express will be about right?
We are committed to having robust import support in the open source
codebase; reporting will probably be Express-only for a while, but being
able to export XML should happen sometime soon (after 3.4.0 but before
3.4.3 or so). We have an Express XML format, but it needs a couple
tweaks to be general purpose enough for the regular framework.
Signed up for the beta, but couldn't get in, guess I'll have to wait.
Shouldn't have to wait long :)