Version 1.6.2 is the current release.
Risu has been tested with ruby-1.9.3-p392 and ruby-2.0.0-p0. Please try to use one of these versions if possible. I recommend using RVM to setup your ruby environment you can get it here.
Installation is really easy just gem install!
% gem install risu
These are all available through RubyGems. The should be installed automatically when you install risu, If not this command will install them all:
% gem install rmagick gruff prawn yard mysql2 libxml-ruby rails sqlite3 logger yaml nokogiri
You my need sudo/root access depending on your system setup
% risu --create-config % $EDITOR risu.cfg % risu --create-tables
- Generate the risu.cfg file.
- Edit the risu.cfg file, filling in the variables as needed.
- Migrate the database schema.
Parsing Nessus Output
% risu report1.nessus [report2.nessus ...]
- Parse the files by passing their names on the command line.
The data can be viewed with a query browser available for your database. A Rails front end will be available in the future.
To generate a report please execute the following after the the data is parsed into the database.
% risu -t <TEMPLATE_NAME> -o "REPORT_NAME.pdf"
Using the risu Console is just like using Rails. You can access all of the ActiveRecord models directly and pull specific data from each model. Like SQL only easier!
$ risu --console _ _ __(_)___ _ _ | '__| / __| | | | | | | \__ \ |_| | |_| |_|___/\__,_| risu Console v1.6.2 >> Host.first => #<Risu::Models::Host id: 1, report_id: 1, name: "10.69.69.74", os: "Linux Kernel 2.6 on Debian 4.0 (etch)", mac: "XX:XX:XX:XX:XX:XX", start: "2011-04-20 16:29:37", end: "2011-04-20 16:32:14", ip: "10.69.69.74", fqdn: "redada.arxopia.net", netbios: "REDADA", local_checks_proto: nil, smb_login_used: nil, ssh_auth_meth: nil, ssh_login_used: nil, pci_dss_compliance: nil, notes: nil>
Several templates are included:
$ risu -l Available Templates stig_findings_summary - DISA Stig findings summary report pci_compliance - Generates a PCI Compliance Overview Report technical_findings - Generates a Technical Findings Report ms_patch_summary - Generates a Microsoft Patch Summary Report findings_summary_with_pluginid - Generates a Findings Summary with Nessus Plugin ID findings_host - Generates a findings report by host exec_summary - Generates a simple executive summary. finding_statistics - Generates report finding statistics graphs - Generates a report with all the graphs in it findings_summary - Generates a findings summary report assets - Generates a Assets Summary Report cover_sheet - Generates a coversheet with a logo (Example Template) notable_detailed - Notable Vulnerabilities Detailed ms_update_summary - Generates a Microsoft Update Summary Report template - template notable - Notable Vulnerabilities ms_wsus_findings - Generates a report based on the findings of the Patch Management: WSUS Report plugin exec_summary_detailed - Generates a detailed executive summary report host_summary - Generates a Host Summary Report $
The templates are written in ruby using prawn, they are fairly easy to make. I will add any templates as requested. See the 'template' example for creating your own template.
If you would like to contribute templates/bug fixes/etc to risu. The easiest way is to fork the project on github and make the changes in your fork and the submit a pull request to the project.
If you have any problems, bugs or feature requests please use the github issue tracker.
You can reach me at risu[at]arxopia[dot]com.
You can also contact me on IRC as hammackj on irc.freenode.net, #risu