e-fin/nessus-cve-poc-finder — explained in plain English
Analysis updated 2026-05-18
Pull the unique, sorted list of CVE numbers out of a Nessus scan file.
Export full scan findings with host and plugin context to a CSV file.
Cross-reference scan CVEs against searchsploit to see which already have a public exploit.
Prioritize which vulnerabilities from a scan to investigate first based on exploit availability.
| e-fin/nessus-cve-poc-finder | 0xhassaan/nn-from-scratch | 3ks/embedoc | |
|---|---|---|---|
| Stars | 0 | 0 | — |
| Language | Python | Python | Python |
| Last pushed | — | — | 2023-06-08 |
| Maintenance | — | — | Dormant |
| Setup difficulty | easy | moderate | hard |
| Complexity | 2/5 | 4/5 | 1/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires searchsploit and a local Exploit Database copy installed for the --exploits option to find matches.
This is a small Python script for security professionals who already run vulnerability scans with Nessus, a common vulnerability scanning tool. Nessus produces a .nessus file listing every vulnerability it found, each tagged with CVE numbers, which are the standard reference IDs used to identify known security flaws. This script reads that file and pulls out all the CVE numbers it contains. Once it has the CVE list, the script can do a few things depending on which options are used. It can print just the unique, sorted list of CVE IDs found across a scan. It can write the full results, including which host and which Nessus plugin each CVE came from, out to a CSV file for further review or reporting. Its most useful option cross-references every unique CVE against searchsploit, a tool that searches a local copy of the Exploit Database, and prints out any exploit proof-of-concept code that exactly matches one of those CVEs. The README includes a worked example showing the script run against a sample scan file with the exploit cross-reference option turned on. For each CVE that has a matching exploit, it lists the affected host IP addresses, a short description of the exploit, its Exploit Database ID, and the local file path where the exploit code can be found, covering things like a Java deserialization remote code execution flaw in Oracle WebLogic Server and an Apache Tomcat file read vulnerability known as Ghostcat. The example run also reports summary numbers, such as how many of the total unique CVEs found had an exact-match exploit available. The tool is intended to help a penetration tester or security analyst quickly prioritize which findings from a Nessus scan already have a working, publicly known exploit, rather than having to look up every CVE by hand. It depends on searchsploit and its underlying Exploit Database archive being installed and up to date on the machine running the script.
A Python script that extracts CVE numbers from a Nessus scan file and checks which ones already have a matching public exploit via searchsploit.
Mainly Python. The stack also includes Python, searchsploit, Nessus.
No license information is provided in the README.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.