Nessus XML StylesheetI have done some work updating the XML stylesheet that comes with the Nessus security scanner to produce better output.

The updated .xsl file can be found here (zip archive).  The stylesheet was last updated on 9 January 2006.

WARNING - I have tested this style sheet a little and it seems to work okay, but I have not done any extensive testing so I would not recommend relying on the output until more validation has been done. While I don't see how using this stylesheet could have any damaging side-effects, the html output of applying this stylesheet could omit some results or associate results with the wrong systems.  Use at your own risk.

The major changes I have made are that results are now sorted by IP and by port and that there is a listing of machines / ports with each vulnerability at the bottom of the output file.  I have been applying it with xsltproc on Linux. It gives a couple warnings, but it works. Example:

$ xsltproc nessus.xsl outputscan.xml > report.html

You can also use this stylesheet to format the XML data in a web browser (I have only tried Firefox) by putting the unzipped nessus.xsl file into the same directory as the nessus output xml file and then opening the xml output file in the web browser. The output doesn't look as nice when done this way. Some of the formatting seems to get lost, so I recommend using xsltproc or another XSL processor.

I am interested in hearing from anyone that has any other stylesheets for Nessus output and especially from anyone that has done any work integrating Nessus XML output with output from other vulnerability scanners or port scanners.  Please give me an email at chuck (at) securityfoundry (dot) com.