SkillAgentSearch skills...

ScanMaster

A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.

GenerateConvertImprove

Install / Use

/learn @vs4vijay/ScanMaster
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

ScanMaster

A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.

Usage

Start a scan against a Target

./main.py --scan-name <scan-name> --target <url>

Get scan result

./main.py --scan-name <scan-name>

Pause/Resume a scan result

  • ./main.py --scan-name <scan-name> --pause
  • ./main.py --scan-name <scan-name> --resume

Screenshots

Scanner Options:

Scanner Options

Scanner Report:

Scanner Report

Final Output:

Final Output

Prerequisites

  • Python 3
  • Zap
  • Nexpose
  • OpenVAS

Installation

pip3 install -r requirements.txt

OR

Run in Virtual Env:

python3 -m venv .venv

source .venv/bin/activate

pip3 install -r requirements.txt

Configuration

The configuration of scanners will be in Environment File .env. There is sample .env.example file in the codebase, update the values with the proper API Keys and Credentials details before using. Rename it to .env.

Targets to Test

  • http://scanme.nmap.org
  • http://webscantest.com

ToDo

  • [ ] Dockerize
  • [ ] Add Nessus
  • [ ] Error Stack
  • [ ] auto reload
  • [ ] Remove logs
  • [ ] Save to CSV
  • [ ] Make it interactive
  • [ ] OOPs
  • [ ] Improve Scan Results and Output
  • [ ] Color logging

Scanner Interface:

  • start
  • scan
  • get_scan_status
  • get_scan_results
  • is_valid_scan
  • list_scans
  • pause
  • resume
  • stop

Development Notes


        pprint(core.htmlreport())


        # address = rapid7vmconsole.Address(ip=target)
        # asset = rapid7vmconsole.Asset(addresses=[address])


        scan_targets = rapid7vmconsole.IncludedScanTargets(addresses=[target])

        asset = rapid7vmconsole.StaticSite(included_targets=scan_targets)

        scan_scope = rapid7vmconsole.ScanScope(assets=asset)

        site_create_resource = rapid7vmconsole.SiteCreateResource(name=scan_name, scan=scan_scope)

        site = self.nexpose_site.create_site(site=site_create_resource)

        print('Site Created', site)

        adhoc_scan = rapid7vmconsole.AdhocScan(hosts=[target])
        print('adhoc_scan', adhoc_scan)

        site_id = site.id

        scan = self.nexpose.start_scan(site_id, scan=adhoc_scan)
        print('start scan response id', scan.id)
        # scan['vulnerabilities']
        pprint(scan)

if shutdownOnceFinished:
    # Shutdown ZAP once finished
    pprint('Shutdown ZAP -> ' + core.shutdown())

report_config_scope = rapid7vmconsole.ReportConfigScopeResource(scan=nexpose_id)

report_config_categories = rapid7vmconsole.ReportConfigCategoryFilters(included=[])

report_config_filters = rapid7vmconsole.ReportConfigFiltersResource(categories=report_config_categories)

report_config = rapid7vmconsole.Report(name=f'{scan_name}-Report', template='audit-report', format='csv-export', scope=report_config_scope)

        report_config = rapid7vmconsole.Report(name=f'{scan_name}-Report', format='sql-query', query='select * from dim_asset', version='2.3.0')

report_config = rapid7vmconsole.Report(name=f'{scan_name}-SampleXML-Report', format='nexpose-simple-xml', scope=report_config_scope)
report = nexpose_report.create_report(report=report_config)
report_instance = nexpose_report.generate_report(report.id)
nexpose_report.download_report(report.id, report_instance.id)



report_config = rapid7vmconsole.Report(name=f'{scan_name}-sml2-Report', format='xml-export-v2', scope=report_config_scope)
report = nexpose_report.create_report(report=report_config)
report_instance = nexpose_report.generate_report(report.id)
dd = nexpose_report.download_report(report.id, report_instance.id)


report_config = rapid7vmconsole.Report(name=f'{scan_name}-html-Report', format='html', template='audit-report', scope=report_config_scope)
report = nexpose_report.create_report(report=report_config)
report_instance = nexpose_report.generate_report(report.id)
dd = nexpose_report.download_report(report.id, report_instance.id)


report_config.id = 42
report_config.timezone = 'Asia/Calcutta'

report_config.language = 'en-US'
report_config.owner = 1
report_config.organization = 'Organization'

# report_config.component = 'Component'
# report_config.email = rapid7vmconsole.ReportEmail(additional_recipients=['asd@asd.asd'])


# print('self.zap.spider.results', self.zap.spider.results(scan_id))




# Retrieve all tasks
tasks = gmp.get_tasks()

# Get names of tasks
task_names = tasks.xpath('task/name/text()')
pretty_print(task_names)

vs4vijay

View profile

View on GitHub
GitHub Stars46
CategoryDevelopment
Updated7mo ago
Forks12
vs4vijay/ScanMaster

Languages

Python

Security Score

72/100

Audited on Aug 19, 2025

No findings