Merging Nessus files (only critical & high vulnerabilities)

nessus_merge.py

#! /usr/bin/env python
# Based off: (mastahyeti/merger.py) https://gist.github.com/mastahyeti/2720173
# Modified: @itsecurityco

import xml.etree.ElementTree as etree
import shutil
import os

# Severify of vulnerability
SEVERITY_INFO      = 0
SEVERITY_LOW       = 1
SEVERITY_MEDIUM    = 2
SEVERITY_HIGH      = 3
SEVERITY_CRITICAL  = 4

# Remove the vulnerabilities that match with severity provided
# host: <class 'xml.etree.ElementTree.Element'>
# severity: list
def remove_vuln_by_severity(host, severity):
   for vuln in host.findall('.//ReportItem'):
      
      if int(vuln.attrib['severity']) in severity:
         host.remove(vuln)

# List file in current directory
first = 1
for filename in os.listdir("."):

   # Searching for .nessus files
   if ".nessus" in filename:
      print "[*] parsing" + filename
      
      if first:
         main_tree = etree.parse(filename)

         # Merge only critical and high vulnerabilities
         for host in main_tree.findall('.//ReportHost'):
            remove_vuln_by_severity(host, [SEVERITY_INFO, SEVERITY_LOW, SEVERITY_MEDIUM])

         report = main_tree.find('Report')
         report.attrib['name'] = 'Merged Report'
         first = 0
      else:
         tree = etree.parse(filename)
         for host in tree.findall('.//ReportHost'):

            # Merge only critical and high vulnerabilities
            remove_vuln_by_severity(host, [SEVERITY_INFO, SEVERITY_LOW, SEVERITY_MEDIUM])

            report.append(host)
      
      print("[!] done")

if "nss_report" in os.listdir("."):
   shutil.rmtree("nss_report")

os.mkdir("nss_report")
main_tree.write("nss_report/report.nessus", encoding="utf-8", xml_declaration=True)