For security engineers who need to interact with a Rapid7 Nexpose console, the nexpose-security-console gem is a command line utility that manages (e.g. create, read, update, and delete) the following entities: - sites, - scans, - assets, - asset groups, - reports, - vulnerabilities - etc…
Personal scratch
I need to delete ~ 100 thousands assets from a group asset. The web GUI only allows to delete 500 at a time. Hence, nexpose-security-console was born.
Installation
Simply run the command below
$ gem install nexpose-security-console
Usage
You can get help on available commands.
NAME
nsc - CLI to interface with Nexpose Security Console
SYNOPSIS
nsc [global options] command [command options] [arguments...]
VERSION
0.0.2
GLOBAL OPTIONS
--help - Show this message
--version - Display the program version
COMMANDS
assets - Manage assets
bulk_delete - Bulk delete assets with unknown OS
connect, login - Verify connection to the server
groups - Manage asset groups
help - Shows a list of commands or help for one command
reports - Manage reports
sites - Manage sites
Configuration
# ~/lab.yaml consists of the following:
config:
server: 10.10.10.10
port: 3780
user: nxuser
password: password
Development
Checkout the github repository
git clone https://github.com/rhc/nexpose-security-console
Access the source code folder directory.
$ cd nexpose-security-console
Install dependencies
bin/setup
Run the tests
rake test
Experiment with the code under development
run bin/console
Install this gem onto your local machine
bundle exec rake install
Release a new version
gem bump
gem release
Contributing
In the spirit of free software, everyone is encouraged to help improve this project.
If you discover errors or omissions in the source code, documentation, or website content, please don’t hesitate to submit an issue or open a pull request with a fix. New contributors are always welcome!
License
The gem is available as open source under the terms of the MIT License.