NessCIS is a PHP tool designed to extract CIS (Center for Internet Security) benchmarks from a .Nessus file and present them in an easily readable Excel format.
- Extracts CIS benchmark data from .Nessus files
- Generates an Excel (.xlsx) file with two sheets:
- CIS Results: Detailed findings for each IP address with straight-to-the-point recommendations
- Control Remediations: Unique findings with compliance solutions
- Uses PhpOffice/PhpSpreadsheet for Excel file generation
- PHP 7.4 or higher
- Composer
- SimpleXML PHP extension
- PhpOffice/PhpSpreadsheet (installed via Composer)
-
Clone the repository:
git clone https://github.com/FlyingPhish/NessCIS.git cd NessCIS -
Install dependencies using Composer:
composer install
-
Ensure the SimpleXML extension is installed:
sudo apt install php-xml
Run the script by providing the path to your .Nessus file:
php nessCIS.php path/to/your/scan.nessusThe script will generate an Excel file named after your policy, e.g., Your_Policy_Name_CIS_Results.xlsx.
The generated Excel file contains two sheets:
-
CIS Results:
- IP Address
- Benchmark Name
- Check Name
- Result
- Compliance Actual Value
-
Control Remediations:
- Benchmark Name
- Check Name
- Result
- Compliance Solution
