nessus_rest 0.1.0

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/.gitignore

@@ -0,0 +1,42 @@
+# rcov generated
+coverage
+
+# rdoc generated
+rdoc
+
+# yard generated
+doc
+.yardoc
+
+# bundler
+.bundle
+
+# jeweler generated
+pkg
+
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+#.DS_Store
+#
+# For TextMate
+#*.tmproj
+#tmtags
+#
+# For emacs:
+*~
+#\#*
+#.\#*
+#
+# For vim:
+*.swp

data/Gemfile

@@ -0,0 +1,13 @@
+source "https://rubygems.org"
+gemspec
+# Add dependencies required to use your gem here.
+# Example:
+#   gem "activesupport", ">= 2.3.5"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "shoulda", ">= 0"
+  gem "bundler", "~> 1.0.0"
+  gem "rcov", ">= 0"
+end

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Vlatko Kosturjak
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,63 @@
+# nessus_rest
+
+Communicate with Nessus Scanner (version 6+) over REST/JSON interface
+
+## Usage
+
+```ruby
+require 'nessus_rest'
+
+n=NessusREST::Client.new ({
+	:url=>'https://localhost:8834', 
+	:username=>'user',
+	:password=> 'password' })
+qs=n.scan_quick_template('basic','name-of-scan','localhost')
+scanid=qs['scan']['id']
+n.scan_wait4finish(scanid)
+n.report_download_file(scanid,'csv','myscanreport.csv')
+```
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'nessus_rest'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install nessus_rest
+
+## Requirements
+
+Requirements are quite standard Ruby libraries for HTTPS and JSON
+parsing:
+```ruby
+require 'uri'
+require 'net/https'
+require 'json'
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+### Todo
+- [ ] Provide more examples
+
+## Copyright
+Copyright (c) 2016 Vlatko Kosturjak. See LICENSE.txt for
+further details.
+
+## Credits
+
+Vlatko Kosturjak made initial Nessus XMLRPC library. Averagesecurityguy made
+initial JSON REST patches. Vlatko did bugfixes, gemification and few features.
+

data/Rakefile

@@ -0,0 +1,4 @@
+require 'bundler/gem_tasks'
+
+task :default => :install
+

data/VERSION

@@ -0,0 +1 @@
+0.1.0

data/examples/backup-reports.rb

@@ -0,0 +1,23 @@
+#!/usr/bin/env ruby
+
+require 'nessus_rest'
+
+n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+
+formats=["nessus","csv","html"]
+folders_id=Hash.new
+
+sl["folders"].each do |f|
+        folders_id[f['id']]=f['name']
+end
+
+sl["scans"].each do |s|
+        puts "backing up: "+s["name"]+":"+s["uuid"].to_s 
+        formats.each do |format|
+		# fn = folder__name__scanid.format
+		outputfn=folders_id[s['folder_id']]+'__'+s['name']+'__'+s['id'].to_s+'.'+format
+                puts "-> Format: #{format"} Filename: #{outputfn}"
+                n.report_download_file(s['id'],format,outputfn)
+        end
+end
+

data/examples/simple.rb

@@ -0,0 +1,12 @@
+#!/usr/bin/env ruby
+
+require 'nessus_rest'
+
+n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+qs=n.scan_quick_template('basic','name-of-scan','localhost')
+scanid=qs['scan']['id']
+n.scan_wait4finish(scanid)
+n.report_download_file(scanid,"csv","myscanreport.csv")
+
+
+

data/lib/nessus_rest.rb

@@ -0,0 +1,750 @@
+#!/usr/bin/env ruby
+# coding: utf-8
+# = nessus_rest.rb: communicate with Nessus(6+) over JSON REST interface
+#
+# Author:: Vlatko Kosturjak
+#
+# (C) Vlatko Kosturjak, Kost. Distributed under MIT license.
+# 
+# == What is this library? 
+# 
+# This library is used for communication with Nessus over JSON REST interface. 
+# You can start, stop, pause and resume scan. Watch progress and status of scan, 
+# download report, etc.
+#
+# == Requirements
+# 
+# Required libraries are standard Ruby libraries: uri, net/https and json. 
+#
+# == Usage:
+# 
+#   require 'nessus_rest'
+#
+#   n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+#   qs=n.scan_quick_template('basic','name-of-scan','localhost')
+#   scanid=qs['scan']['id']
+#   n.scan_wait4finish(scanid)
+#   n.report_download_file(scanid,'csv','myscanreport.csv')
+#
+
+require 'uri'
+require 'net/http'
+require 'json'
+
+# NessusREST module - for all stuff regarding Nessus REST JSON
+# 
+
+module NessusREST
+  # Client class implementation of Nessus (6+) JSON REST protocol. 
+  # Class which uses standard JSON lib to parse nessus JSON REST replies. 
+  # 
+  # == Typical Usage:
+  #
+  #   require 'nessus_rest'
+  #
+  #   n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+  #   qs=n.scan_quick_template('basic','name-of-scan','localhost')
+  #   scanid=qs['scan']['id']
+  #   n.scan_wait4finish(scanid)
+  #   n.report_download_file(scanid,'csv','myscanreport.csv')
+  #
+  class Client
+    attr_accessor :quick_defaults
+    attr_accessor :defsleep, :httpsleep, :httpretry, :ssl_use, :ssl_verify, :autologin
+    attr_reader :x_cookie
+
+    class << self
+      @connection
+      @token
+    end
+
+    # initialize quick scan defaults: these will be used when not specifying defaults
+    #
+    # Usage: 
+    # 
+    #  n.init_quick_defaults()
+    def init_quick_defaults
+      @quick_defaults=Hash.new
+      @quick_defaults['enabled']=false
+      @quick_defaults['launch']='ONETIME'
+      @quick_defaults['launch_now']=true
+      @quick_defaults['description']='Created with nessus_rest'
+    end
+     
+    # initialize object: try to connect to Nessus Scanner using URL, user and password
+    # (or any other defaults)
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    def initialize(params={})
+      # defaults
+      @nessusurl = params.fetch(:url,'https://127.0.0.1:8834/')
+      @username = params.fetch(:username,'nessus')
+      @password = params.fetch(:password,'nessus')
+      @ssl_verify = params.fetch(:ssl_verify,false)
+      @ssl_use = params.fetch(:ssl_use,true)
+      @autologin = params.fetch(:autologin, true)
+      @defsleep = params.fetch(:defsleep, 1)
+      @httpretry = params.fetch(:httpretry, 3)
+      @httpsleep = params.fetch(:httpsleep, 1)
+
+      init_quick_defaults()
+
+      uri = URI.parse(@nessusurl)
+      @connection = Net::HTTP.new(uri.host, uri.port)
+      @connection.use_ssl = @ssl_use
+
+      if @ssl_verify
+        @connection.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      else
+        @connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
+        
+      yield @connection if block_given?
+        authenticate(@username, @password) if @autologin
+    end
+ 
+    # Tries to authenticate to the Nessus REST JSON interface
+    #
+    # returns: true if logged in, false if not
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :autologin=>false)
+    #  if n.authenticate('user','pass')
+    #	puts "Logged in"
+    #  else
+    #	puts "Error"
+    #  end
+    def authenticate(username, password)
+      @username = username
+      @password = password
+      payload = {
+        :username => @username, 
+        :password => @password, 
+        :json => 1
+      }
+      res = http_post(:uri=>"/session", :data=>payload)
+      if res['token']
+        @token = "token=#{res['token']}"
+        @x_cookie = {'X-Cookie'=>@token}
+        return true
+      else
+        false
+      end
+    end
+    alias_method :login, :authenticate
+
+    # checks if we're logged in correctly
+    #
+    # returns: true if logged in, false if not
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  if n.authenticated
+    #	puts "Logged in"
+    #  else
+    #	puts "Error"
+    #  end
+    def authenticated
+      if (@token && @token.include?('token='))
+        return true
+      else
+        return false
+      end
+    end
+
+    # try to get server properties
+    #
+    # returns: JSON parsed object with server properties
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.get_server_properties
+    def get_server_properties
+      http_get(:uri=>"/server/properties", :fields=>x_cookie)
+    end
+    alias_method :server_properties, :get_server_properties
+  
+    # Add user to server
+    #
+    # returns: JSON parsed object
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.user_add('user','password','16','local')
+    #
+    # Reference:
+    # https://localhost:8834/api#/resources/users/create
+    def user_add(username, password, permissions, type)
+      payload = {
+        :username => username, 
+        :password => password, 
+        :permissions => permissions, 
+        :type => type, 
+        :json => 1
+      }
+      http_post(:uri=>"/users", :fields=>x_cookie, :data=>payload)
+    end
+      
+    # delete user with user_id
+    #
+    # returns: result code
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  puts n.user_delete(1)
+    def user_delete(user_id)
+      res = http_delete(:uri=>"/users/#{user_id}", :fields=>x_cookie)
+      return res.code
+    end
+      
+    # change password for user_id
+    #
+    # returns: result code
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  puts n.user_chpasswd(1,'newPassword')
+    def user_chpasswd(user_id, password)
+      payload = {
+        :password => password, 
+        :json => 1
+      }
+      res = http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>x_cookie)
+      return res.code
+    end
+      
+    # logout from the server
+    #
+    # returns: result code
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  puts n.user_logout
+    def user_logout
+      res = http_delete(:uri=>"/session", :fields=>x_cookie)
+      return res.code
+    end
+    alias_method :logout, :user_logout
+
+    # Get List of Policies
+    #
+    # returns: JSON parsed object with list of policies
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_policies
+    def list_policies
+      http_get(:uri=>"/policies", :fields=>x_cookie)
+    end
+
+    # Get List of Users
+    #
+    # returns: JSON parsed object with list of users
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_users
+    def list_users
+      http_get(:uri=>"/users", :fields=>x_cookie)
+    end
+
+    # Get List of Folders
+    #
+    # returns: JSON parsed object with list of folders
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_folders
+    def list_folders
+      http_get(:uri=>"/folders", :fields=>x_cookie)
+    end
+
+    # Get List of Scanners
+    #
+    # returns: JSON parsed object with list of scanners
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_scanners
+    def list_scanners
+      http_get(:uri=>"/scanners", :fields=>x_cookie)
+    end
+
+    # Get List of Families
+    #
+    # returns: JSON parsed object with list of families
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_families
+    def list_families
+      http_get(:uri=>"/plugins/families", :fields=>x_cookie)
+    end
+
+    # Get List of Plugins
+    #
+    # returns: JSON parsed object with list of plugins
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_plugins
+    def list_plugins(family_id)
+      http_get(:uri=>"/plugins/families/#{family_id}", :fields=>x_cookie)
+    end
+
+    # Get List of Templates
+    #
+    # returns: JSON parsed object with list of templates
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.list_templates
+    def list_templates(type)
+      res = http_get(:uri=>"/editor/#{type}/templates", :fields=>x_cookie)
+    end
+
+    def plugin_details(plugin_id)
+      http_get(:uri=>"/plugins/plugin/#{plugin_id}", :fields=>x_cookie)
+    end
+
+    # check if logged in user is administrator
+    #
+    # returns: boolean value depending if user is administrator or not
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  if n.is_admin
+    #	puts "Administrator"
+    #  else
+    #	puts "NOT administrator"
+    #  end
+    def is_admin
+      res = http_get(:uri=>"/session", :fields=>x_cookie)
+      if res['permissions'] == 128
+        return true
+      else
+        return false
+      end
+    end
+
+    # Get server status
+    #
+    # returns: JSON parsed object with server status
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.server_status
+    def server_status
+      http_get(:uri=>"/server/status", :fields=>x_cookie)
+    end
+
+    def scan_create(uuid, settings)
+      payload = {
+	:uuid => uuid, 
+	:settings => settings,
+	:json => 1
+      }.to_json
+      http_post(:uri=>"/scans", :body=>payload, :fields=>x_cookie, :ctype=>'application/json')
+    end
+
+    def scan_launch(scan_id)
+      http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>x_cookie)
+    end
+
+    # Get List of Scans
+    #
+    # returns: JSON parsed object with list of scans
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.scan_list
+    def scan_list
+      http_get(:uri=>"/scans", :fields=>x_cookie)
+    end
+    alias_method :list_scans, :scan_list
+
+    def scan_details(scan_id)
+      http_get(:uri=>"/scans/#{scan_id}", :fields=>x_cookie)
+    end
+
+    def scan_pause(scan_id)
+      http_post(:uri=>"/scans/#{scan_id}/pause", :fields=>x_cookie)
+    end
+
+    def scan_resume(scan_id)
+      http_post(:uri=>"/scans/#{scan_id}/resume", :fields=>x_cookie)
+    end
+
+    def scan_stop(scan_id)
+      http_post(:uri=>"/scans/#{scan_id}/stop", :fields=>x_cookie)
+    end
+
+    def scan_export(scan_id, format)
+      payload = {
+        :format => format
+      }.to_json
+      http_post(:uri=>"/scans/#{scan_id}/export", :body=>payload, :ctype=>'application/json', :fields=>x_cookie)
+    end
+
+    def scan_export_status(scan_id, file_id)
+      request = Net::HTTP::Get.new("/scans/#{scan_id}/export/#{file_id}/status")
+      request.add_field("X-Cookie", @token)
+      res = @connection.request(request)
+      res = JSON.parse(res.body)
+      return res
+    end
+
+    # delete scan with scan_id
+    #
+    # returns: boolean (true if deleted)
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  puts n.scan_delete(1)
+    def scan_delete(scan_id)
+      res = http_delete(:uri=>"/scans/#{scan_id}", :fields=>x_cookie)
+      if res.code == 200 then
+        return true
+      end
+      return false
+    end
+
+    def policy_delete(policy_id)
+      res = http_delete(:uri=>"/policies/#{policy_id}", :fields=>x_cookie)
+      return res.code
+    end
+
+    # Get template by type and uuid. Type can be 'policy' or 'scan'
+    #
+    # returns: JSON parsed object with template
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.editor_templates('scan',uuid)
+    def editor_templates (type, uuid)
+      res = http_get(:uri=>"/editor/#{type}/templates/#{uuid}", :fields=>x_cookie)
+    end
+
+    # Performs scan with templatename provided (name, title or uuid of scan).
+    # Name is your scan name and targets are targets for scan
+    #
+    # returns: JSON parsed object with scan info
+    #
+    # Usage:
+    #
+    #   require 'nessus_rest'
+    #
+    #   n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+    #   qs=n.scan_quick_template('basic','name-of-scan','localhost')
+    #   scanid=qs['scan']['id']
+    #   n.scan_wait4finish(scanid)
+    #   n.report_download_file(scanid,'csv','myscanreport.csv')
+    #
+    def scan_quick_template (templatename, name, targets)
+      templates=list_templates('scan')['templates'].select do |temp| 
+        temp['uuid'] == templatename or temp['name'] == templatename or temp['title'] == templatename
+      end
+      if templates.nil? then
+        return nil
+      end
+      tuuid=templates.first['uuid']
+      et=editor_templates('scan',tuuid)
+      et.merge!(@quick_defaults)
+      et['name']=name
+      et['text_targets']=targets
+      sc=scan_create(tuuid,et)
+    end
+
+    # Performs scan with scan policy provided (uuid of policy or policy name).
+    # Name is your scan name and targets are targets for scan
+    #
+    # returns: JSON parsed object with scan info
+    #
+    # Usage:
+    #
+    #   require 'nessus_rest'
+    #
+    #   n=NessusREST::Client.new ({:url=>'https://localhost:8834', :username=>'user', :password=> 'password'})
+    #   qs=n.scan_quick_policy('myscanpolicy','name-of-scan','localhost')
+    #   scanid=qs['scan']['id']
+    #   n.scan_wait4finish(scanid)
+    #   n.report_download_file(scanid,'nessus','myscanreport.nessus')
+    #
+    def scan_quick_policy (policyname, name, targets)
+      templates=list_policies['policies'].select do |pol|
+        pol['template_uuid'] == policyname or pol['name'] == policyname
+      end
+      if templates.nil? then
+	return nil
+      end
+      tuuid=templates.first['template_uuid']
+      et=Hash.new
+      et.merge!(@quick_defaults)
+      et['name']=name
+      et['text_targets']=targets
+      sc=scan_create(tuuid,et)
+    end
+
+    def scan_status(scan_id)
+      sd=scan_details(scan_id)
+      return sd['info']['status']
+    end
+
+    def scan_finished?(scan_id)
+      ss=scan_status(scan_id)
+      if ss == 'completed' then
+        return true
+      end
+      return false
+    end
+
+    def scan_wait4finish(scan_id)
+      while not scan_finished?(scan_id) do
+        # puts scan_status(scan_id)
+        sleep @defsleep
+      end
+    end
+
+    # Get host details from the scan
+    #
+    # returns: JSON parsed object with host details
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.host_detail(123, 1234)
+    def host_detail(scan_id, host_id)
+      res = http_get(:uri=>"/scans/#{scan_id}/hosts/#{host_id}", :fields=>x_cookie)
+    end
+
+    def report_download(scan_id, file_id)
+      res = http_get(:uri=>"/scans/#{scan_id}/export/#{file_id}/download", :raw_content=> true, :fields=>x_cookie)
+    end
+
+    def report_download_quick(scan_id, format) 
+      se=scan_export(scan_id,format)
+      # ready, loading
+      while (status = scan_export_status(scan_id,se['file'])['status']) != "ready" do
+        # puts status
+        if status.nil? or status == '' then
+          return nil
+        end
+        sleep @defsleep
+      end
+      rf=report_download(scan_id,se['file'])
+      return rf
+    end
+
+    def report_download_file(scan_id, format, outputfn)
+      report_content=report_download_quick(scan_id, format)
+      File.open(outputfn, 'w') do |f| 
+        f.write(report_content)
+      end
+    end
+
+    #
+    # private?
+    #
+
+    # Perform HTTP put method with uri, data and fields
+    #
+    # returns: HTTP result object
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  payload = {
+    #    :password => password, 
+    #    :json => 1
+    #  }
+    #  res = n.http_put(:uri=>"/users/#{user_id}/chpasswd", :data=>payload, :fields=>n.x_cookie)
+    #  puts res.code 
+    def http_put(opts={})
+      uri    = opts[:uri]
+      data   = opts[:data]
+      fields = opts[:fields] || {}
+      res    = nil
+      tries  = @httpretry
+
+      req = Net::HTTP::Put.new(uri)
+      req.set_form_data(data) unless (data.nil? || data.empty?)
+      fields.each_pair do |name, value|
+        req.add_field(name, value)
+      end
+
+      begin
+	tries -= 1
+        res = @connection.request(req)
+      rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
+	if tries>0
+	  sleep @httpsleep
+	  retry
+	else
+	  return res
+	end
+      rescue URI::InvalidURIError
+        return res
+      end
+
+      res
+    end
+
+    # Perform HTTP delete method with uri, data and fields
+    #
+    # returns: HTTP result object
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  res = n.http_delete(:uri=>"/session", :fields=>n.x_cookie)
+    #  puts res.code
+    def http_delete(opts={})
+      uri    = opts[:uri]
+      fields = opts[:fields] || {}
+      res    = nil
+      tries  = @httpretry
+
+      req = Net::HTTP::Delete.new(uri)
+
+      fields.each_pair do |name, value|
+        req.add_field(name, value)
+      end
+
+      begin
+	tries -= 1
+        res = @connection.request(req)
+      rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
+	if tries>0
+	  sleep @httpsleep
+	  retry
+	else
+	  return res
+	end
+      rescue URI::InvalidURIError
+        return res
+      end
+
+      res
+    end
+
+    # Perform HTTP get method with uri and fields
+    #
+    # returns: JSON parsed object (if JSON parseable)
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.http_get(:uri=>"/users", :fields=>n.x_cookie)
+    def http_get(opts={})
+      uri    = opts[:uri]
+      fields = opts[:fields] || {}
+      raw_content = opts[:raw_content] || false
+      json   = {}
+      tries  = @httpretry
+
+      req = Net::HTTP::Get.new(uri)
+      fields.each_pair do |name, value|
+        req.add_field(name, value)
+      end
+
+      begin
+        tries -= 1
+        res = @connection.request(req)
+      rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
+        if tries>0
+          sleep @httpsleep
+          retry
+        else
+          return json
+        end
+      rescue URI::InvalidURIError
+        return json
+      end
+      if !raw_content
+        parse_json(res.body)
+      else
+        res.body
+      end
+    end
+
+    # Perform HTTP post method with uri, data, body and fields
+    #
+    # returns: JSON parsed object (if JSON parseable)
+    #
+    # Usage:
+    #
+    #  n=NessusREST::Client.new (:url=>'https://localhost:8834', :username=>'user', :password=> 'password')
+    #  pp n.http_post(:uri=>"/scans/#{scan_id}/launch", :fields=>n.x_cookie)
+    def http_post(opts={})
+      uri    = opts[:uri]
+      data   = opts[:data]
+      fields = opts[:fields] || {}
+      body   = opts[:body]
+      ctype  = opts[:ctype]
+      json   = {}
+      tries  = @httpretry
+
+      req = Net::HTTP::Post.new(uri)
+      req.set_form_data(data) unless (data.nil? || data.empty?)
+      req.body = body unless (body.nil? || body.empty?)
+      req['Content-Type'] = ctype unless (ctype.nil? || ctype.empty?)
+      fields.each_pair do |name, value|
+        req.add_field(name, value)
+      end
+
+      begin
+	tries -= 1
+        res = @connection.request(req)
+      rescue Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError => e
+	if tries>0
+          sleep @httpsleep
+	  retry
+	else
+	  return json
+	end
+      rescue URI::InvalidURIError
+        return json
+      end
+
+      parse_json(res.body)
+    end
+
+    # Perform JSON parsing of body
+    #
+    # returns: JSON parsed object (if JSON parseable)
+    #
+    def parse_json(body)
+      buf = {}
+
+      begin
+        buf = JSON.parse(body)
+      rescue JSON::ParserError
+      end
+
+      buf
+    end
+
+  end # of Client class
+end # of NessusREST module
+

data/nessus_rest.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+Gem::Specification.new do |spec|
+  spec.name = 'nessus_rest'
+  spec.homepage = 'https://github.com/kost/nessus_rest-ruby'
+  spec.license = 'MIT'
+  spec.summary = %Q{Communicate with Nessus Scanner (version 6+) over REST/JSON interface}
+  spec.description = %Q{Ruby library for Nessus JSON/REST interface. This library is used for communication with Nessus over REST interface. You can start, stop, pause and resume scan. Watch progress and status of scan, download report, etc. }
+  spec.email = 'vlatko.kosturjak@gmail.com'
+  spec.authors = ['Vlatko Kosturjak']
+  # spec.version = '0.1.5'
+  spec.version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'yard'
+end

data/test/helper.rb

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'test/unit'
+require 'shoulda'
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'nessus-xmlrpc'
+
+class Test::Unit::TestCase
+end

data/test/test_nessus_rest.rb

@@ -0,0 +1,6 @@
+require 'helper'
+
+class TestNessusRest < Test::Unit::TestCase
+  should "probably rename this file and start testing for real" do
+  end
+end

metadata

@@ -0,0 +1,126 @@
+--- !ruby/object:Gem::Specification
+name: nessus_rest
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- Vlatko Kosturjak
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-08-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: yard
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ! 'Ruby library for Nessus JSON/REST interface. This library is used
+  for communication with Nessus over REST interface. You can start, stop, pause and
+  resume scan. Watch progress and status of scan, download report, etc. '
+email: vlatko.kosturjak@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .document
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- VERSION
+- examples/backup-reports.rb
+- examples/simple.rb
+- lib/nessus_rest.rb
+- nessus_rest.gemspec
+- test/helper.rb
+- test/test_nessus_rest.rb
+homepage: https://github.com/kost/nessus_rest-ruby
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: Communicate with Nessus Scanner (version 6+) over REST/JSON interface
+test_files:
+- test/helper.rb
+- test/test_nessus_rest.rb