2022-01-24 - Now parses and transforms embedded “note” messages from tenable Two pass java implementation of this tenable data transformation solution. Info and requirements: must run java 1.8 or greater 2 pass solution reduces memory footprint leverages gradle builds an executable jar with all required libraries for easy execution requires apache commons-csv cross platform Download the Executable jar file Download the source code file Here’s how to compile and run the code:

If you use Tenable’s excellent Nessus vulnerability scanner, you’re probably familiar with the “Plugin Output” payload in their default reports. Many plugins aggregate findings in this payload and it’s sometimes convenient to parse them out. For example, the current log4j Nessus plugins aggregate many vulnerable jar/ear/war/zip files in what I call a “path group” which is a series of key : value pairs grouped together and separated by newlines: This finding aggregation can be incredibly inconvenient for remediators, people creating reports, security folks documenting risk, etc as they need to manually review the multiline payload.

well hello there.