# Import Nessus to Metasploit
1. Check database postgresql
```
sudo systemctl status postgresql
sudo systemctl start postgresql
```
2. Initialization the db
```
sudo msfdb init
```
3. open metasploit
```
msfconsole
```
4. Check db\_status
```
db_status
```
5. Import nessus file.
```
db_import
```
6. Make sure you cover all targets. then export vulns into a txt file from meterpreter:
```
vulns -o EntityName_vulns_result.txt
```
7. Summary the findings:
```
#!/bin/bash
# ./recap_findings.sh input.txt
SUMMARY_FILE="summary_report.txt"
BLUE="\e[34m" # Blue color for findings name
RESET="\e[0m" # Reset color
# Function to display help
show_help() {
echo "Usage:"
echo " $0 ... # Process Nessus result files"
echo " $0 search # Search findings by keyword"
echo " $0 --help # Show this help message"
exit 0
}
# Function to validate file format
validate_file() {
local file="$1"
local first_line
first_line=$(head -n 1 "$file")
if [[ "$first_line" != "Timestamp,Host,Name,References" ]]; then
echo "❌ Error: File '$file' has an invalid format!"
return 1
fi
return 0
}
# Handle help request
if [[ "$1" == "--help" ]]; then
show_help
fi
# If searching for findings
if [[ "$1" == "search" ]]; then
if [ ! -f "$SUMMARY_FILE" ]; then
echo "❌ No summary file found! Run the script with Nessus files first."
exit 1
fi
SEARCH_QUERY="${@:2}"
if [ -z "$SEARCH_QUERY" ]; then
echo "❌ Please provide a keyword to search."
exit 1
fi
echo "🔎 Searching for '$SEARCH_QUERY'..."
# Properly highlight findings name in BLUE
grep -i "🔹 .*${SEARCH_QUERY}.*" -A 2 "$SUMMARY_FILE" | sed '/^--$/d' | \
sed -E "s/(🔹 [^:]+)/\x1B[34m\1\x1B[0m/g"
exit 0
fi
# Ensure at least one input file
if [ "$#" -lt 1 ]; then
echo "❌ Usage: $0 ... OR: $0 search "
exit 1
fi
# Validate all input files before processing
VALID_FILES=()
for file in "$@"; do
if [[ ! -f "$file" ]]; then
echo "❌ Error: File '$file' not found!"
exit 1
fi
if validate_file "$file"; then
VALID_FILES+=("$file")
else
echo "❌ Skipping invalid file: $file"
fi
done
# If no valid files, do not overwrite the summary
if [ "${#VALID_FILES[@]}" -eq 0 ]; then
echo "❌ No valid input files. Summary report is unchanged."
exit 1
fi
# Ensure the output file is empty before writing
> "$SUMMARY_FILE"
echo "📊 Processing Nessus result files..."
awk -F ',' '
NR == 1 { next } # Skip header row
{
gsub(/"/, "", $0); # Remove double quotes
host = $2;
vuln_name = $3;
if (vuln_name && host) {
findings[vuln_name][host] = 1;
}
}
END {
print "=== Vulnerability Summary ===\n" > "'$SUMMARY_FILE'";
for (vuln in findings) {
printf "🔹 %s\n Affected Hosts: ", vuln >> "'$SUMMARY_FILE'";
first = 1;
for (host in findings[vuln]) {
if (!first) printf ", " >> "'$SUMMARY_FILE'";
printf "%s", host >> "'$SUMMARY_FILE'";
first = 0;
}
printf "\n\n" >> "'$SUMMARY_FILE'";
}
}
' "${VALID_FILES[@]}"
echo "✅ Summary Report saved to $SUMMARY_FILE"
```
If meterpreter problem memory blah blah:
{% hint style="info" %}
Reinstall meterpreter
{% endhint %}
