PyPI - aiptx - Versions diffs - 2.0.7__py3-none-any.whl - Mend

aiptx 2.0.7__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (187) hide show

aipt_v2/__init__.py +110 -0
aipt_v2/__main__.py +24 -0
aipt_v2/agents/AIPTxAgent/__init__.py +10 -0
aipt_v2/agents/AIPTxAgent/aiptx_agent.py +211 -0
aipt_v2/agents/__init__.py +46 -0
aipt_v2/agents/base.py +520 -0
aipt_v2/agents/exploit_agent.py +688 -0
aipt_v2/agents/ptt.py +406 -0
aipt_v2/agents/state.py +168 -0
aipt_v2/app.py +957 -0
aipt_v2/browser/__init__.py +31 -0
aipt_v2/browser/automation.py +458 -0
aipt_v2/browser/crawler.py +453 -0
aipt_v2/cli.py +2933 -0
aipt_v2/compliance/__init__.py +71 -0
aipt_v2/compliance/compliance_report.py +449 -0
aipt_v2/compliance/framework_mapper.py +424 -0
aipt_v2/compliance/nist_mapping.py +345 -0
aipt_v2/compliance/owasp_mapping.py +330 -0
aipt_v2/compliance/pci_mapping.py +297 -0
aipt_v2/config.py +341 -0
aipt_v2/core/__init__.py +43 -0
aipt_v2/core/agent.py +630 -0
aipt_v2/core/llm.py +395 -0
aipt_v2/core/memory.py +305 -0
aipt_v2/core/ptt.py +329 -0
aipt_v2/database/__init__.py +14 -0
aipt_v2/database/models.py +232 -0
aipt_v2/database/repository.py +384 -0
aipt_v2/docker/__init__.py +23 -0
aipt_v2/docker/builder.py +260 -0
aipt_v2/docker/manager.py +222 -0
aipt_v2/docker/sandbox.py +371 -0
aipt_v2/evasion/__init__.py +58 -0
aipt_v2/evasion/request_obfuscator.py +272 -0
aipt_v2/evasion/tls_fingerprint.py +285 -0
aipt_v2/evasion/ua_rotator.py +301 -0
aipt_v2/evasion/waf_bypass.py +439 -0
aipt_v2/execution/__init__.py +23 -0
aipt_v2/execution/executor.py +302 -0
aipt_v2/execution/parser.py +544 -0
aipt_v2/execution/terminal.py +337 -0
aipt_v2/health.py +437 -0
aipt_v2/intelligence/__init__.py +194 -0
aipt_v2/intelligence/adaptation.py +474 -0
aipt_v2/intelligence/auth.py +520 -0
aipt_v2/intelligence/chaining.py +775 -0
aipt_v2/intelligence/correlation.py +536 -0
aipt_v2/intelligence/cve_aipt.py +334 -0
aipt_v2/intelligence/cve_info.py +1111 -0
aipt_v2/intelligence/knowledge_graph.py +590 -0
aipt_v2/intelligence/learning.py +626 -0
aipt_v2/intelligence/llm_analyzer.py +502 -0
aipt_v2/intelligence/llm_tool_selector.py +518 -0
aipt_v2/intelligence/payload_generator.py +562 -0
aipt_v2/intelligence/rag.py +239 -0
aipt_v2/intelligence/scope.py +442 -0
aipt_v2/intelligence/searchers/__init__.py +5 -0
aipt_v2/intelligence/searchers/exploitdb_searcher.py +523 -0
aipt_v2/intelligence/searchers/github_searcher.py +467 -0
aipt_v2/intelligence/searchers/google_searcher.py +281 -0
aipt_v2/intelligence/tools.json +443 -0
aipt_v2/intelligence/triage.py +670 -0
aipt_v2/interactive_shell.py +559 -0
aipt_v2/interface/__init__.py +5 -0
aipt_v2/interface/cli.py +230 -0
aipt_v2/interface/main.py +501 -0
aipt_v2/interface/tui.py +1276 -0
aipt_v2/interface/utils.py +583 -0
aipt_v2/llm/__init__.py +39 -0
aipt_v2/llm/config.py +26 -0
aipt_v2/llm/llm.py +514 -0
aipt_v2/llm/memory.py +214 -0
aipt_v2/llm/request_queue.py +89 -0
aipt_v2/llm/utils.py +89 -0
aipt_v2/local_tool_installer.py +1467 -0
aipt_v2/models/__init__.py +15 -0
aipt_v2/models/findings.py +295 -0
aipt_v2/models/phase_result.py +224 -0
aipt_v2/models/scan_config.py +207 -0
aipt_v2/monitoring/grafana/dashboards/aipt-dashboard.json +355 -0
aipt_v2/monitoring/grafana/dashboards/default.yml +17 -0
aipt_v2/monitoring/grafana/datasources/prometheus.yml +17 -0
aipt_v2/monitoring/prometheus.yml +60 -0
aipt_v2/orchestration/__init__.py +52 -0
aipt_v2/orchestration/pipeline.py +398 -0
aipt_v2/orchestration/progress.py +300 -0
aipt_v2/orchestration/scheduler.py +296 -0
aipt_v2/orchestrator.py +2427 -0
aipt_v2/payloads/__init__.py +27 -0
aipt_v2/payloads/cmdi.py +150 -0
aipt_v2/payloads/sqli.py +263 -0
aipt_v2/payloads/ssrf.py +204 -0
aipt_v2/payloads/templates.py +222 -0
aipt_v2/payloads/traversal.py +166 -0
aipt_v2/payloads/xss.py +204 -0
aipt_v2/prompts/__init__.py +60 -0
aipt_v2/proxy/__init__.py +29 -0
aipt_v2/proxy/history.py +352 -0
aipt_v2/proxy/interceptor.py +452 -0
aipt_v2/recon/__init__.py +44 -0
aipt_v2/recon/dns.py +241 -0
aipt_v2/recon/osint.py +367 -0
aipt_v2/recon/subdomain.py +372 -0
aipt_v2/recon/tech_detect.py +311 -0
aipt_v2/reports/__init__.py +17 -0
aipt_v2/reports/generator.py +313 -0
aipt_v2/reports/html_report.py +378 -0
aipt_v2/runtime/__init__.py +53 -0
aipt_v2/runtime/base.py +30 -0
aipt_v2/runtime/docker.py +401 -0
aipt_v2/runtime/local.py +346 -0
aipt_v2/runtime/tool_server.py +205 -0
aipt_v2/runtime/vps.py +830 -0
aipt_v2/scanners/__init__.py +28 -0
aipt_v2/scanners/base.py +273 -0
aipt_v2/scanners/nikto.py +244 -0
aipt_v2/scanners/nmap.py +402 -0
aipt_v2/scanners/nuclei.py +273 -0
aipt_v2/scanners/web.py +454 -0
aipt_v2/scripts/security_audit.py +366 -0
aipt_v2/setup_wizard.py +941 -0
aipt_v2/skills/__init__.py +80 -0
aipt_v2/skills/agents/__init__.py +14 -0
aipt_v2/skills/agents/api_tester.py +706 -0
aipt_v2/skills/agents/base.py +477 -0
aipt_v2/skills/agents/code_review.py +459 -0
aipt_v2/skills/agents/security_agent.py +336 -0
aipt_v2/skills/agents/web_pentest.py +818 -0
aipt_v2/skills/prompts/__init__.py +647 -0
aipt_v2/system_detector.py +539 -0
aipt_v2/telemetry/__init__.py +7 -0
aipt_v2/telemetry/tracer.py +347 -0
aipt_v2/terminal/__init__.py +28 -0
aipt_v2/terminal/executor.py +400 -0
aipt_v2/terminal/sandbox.py +350 -0
aipt_v2/tools/__init__.py +44 -0
aipt_v2/tools/active_directory/__init__.py +78 -0
aipt_v2/tools/active_directory/ad_config.py +238 -0
aipt_v2/tools/active_directory/bloodhound_wrapper.py +447 -0
aipt_v2/tools/active_directory/kerberos_attacks.py +430 -0
aipt_v2/tools/active_directory/ldap_enum.py +533 -0
aipt_v2/tools/active_directory/smb_attacks.py +505 -0
aipt_v2/tools/agents_graph/__init__.py +19 -0
aipt_v2/tools/agents_graph/agents_graph_actions.py +69 -0
aipt_v2/tools/api_security/__init__.py +76 -0
aipt_v2/tools/api_security/api_discovery.py +608 -0
aipt_v2/tools/api_security/graphql_scanner.py +622 -0
aipt_v2/tools/api_security/jwt_analyzer.py +577 -0
aipt_v2/tools/api_security/openapi_fuzzer.py +761 -0
aipt_v2/tools/browser/__init__.py +5 -0
aipt_v2/tools/browser/browser_actions.py +238 -0
aipt_v2/tools/browser/browser_instance.py +535 -0
aipt_v2/tools/browser/tab_manager.py +344 -0
aipt_v2/tools/cloud/__init__.py +70 -0
aipt_v2/tools/cloud/cloud_config.py +273 -0
aipt_v2/tools/cloud/cloud_scanner.py +639 -0
aipt_v2/tools/cloud/prowler_tool.py +571 -0
aipt_v2/tools/cloud/scoutsuite_tool.py +359 -0
aipt_v2/tools/executor.py +307 -0
aipt_v2/tools/parser.py +408 -0
aipt_v2/tools/proxy/__init__.py +5 -0
aipt_v2/tools/proxy/proxy_actions.py +103 -0
aipt_v2/tools/proxy/proxy_manager.py +789 -0
aipt_v2/tools/registry.py +196 -0
aipt_v2/tools/scanners/__init__.py +343 -0
aipt_v2/tools/scanners/acunetix_tool.py +712 -0
aipt_v2/tools/scanners/burp_tool.py +631 -0
aipt_v2/tools/scanners/config.py +156 -0
aipt_v2/tools/scanners/nessus_tool.py +588 -0
aipt_v2/tools/scanners/zap_tool.py +612 -0
aipt_v2/tools/terminal/__init__.py +5 -0
aipt_v2/tools/terminal/terminal_actions.py +37 -0
aipt_v2/tools/terminal/terminal_manager.py +153 -0
aipt_v2/tools/terminal/terminal_session.py +449 -0
aipt_v2/tools/tool_processing.py +108 -0
aipt_v2/utils/__init__.py +17 -0
aipt_v2/utils/logging.py +202 -0
aipt_v2/utils/model_manager.py +187 -0
aipt_v2/utils/searchers/__init__.py +269 -0
aipt_v2/verify_install.py +793 -0
aiptx-2.0.7.dist-info/METADATA +345 -0
aiptx-2.0.7.dist-info/RECORD +187 -0
aiptx-2.0.7.dist-info/WHEEL +5 -0
aiptx-2.0.7.dist-info/entry_points.txt +7 -0
aiptx-2.0.7.dist-info/licenses/LICENSE +21 -0
aiptx-2.0.7.dist-info/top_level.txt +1 -0

aipt_v2/tools/scanners/nessus_tool.py ADDED Viewed

@@ -0,0 +1,588 @@
+"""
+Nessus Vulnerability Scanner Integration for AIPTX
+Provides comprehensive vulnerability assessment through Nessus Professional/Expert API.
+Supports host-based scanning, compliance checks, and credential scanning.
+Environment Variables:
+    NESSUS_URL: Nessus server URL (default: https://localhost:8834)
+    NESSUS_ACCESS_KEY: API access key
+    NESSUS_SECRET_KEY: API secret key
+Usage:
+    from aipt_v2.tools.scanners.nessus_tool import get_nessus, nessus_scan
+    nessus = get_nessus()
+    if nessus.connect():
+        scan_id = nessus.scan_host("192.168.1.1")
+        result = nessus.wait_for_scan(scan_id)
+        vulns = nessus.get_vulnerabilities(scan_id)
+"""
+import json
+import logging
+import os
+import time
+from dataclasses import dataclass, field
+from datetime import datetime, timezone
+from enum import Enum
+from typing import Any, Callable, Dict, List, Optional
+import requests
+from requests.packages.urllib3.exceptions import InsecureRequestWarning
+# Suppress SSL warnings for self-signed certs
+requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+logger = logging.getLogger(__name__)
+# ==================== Enums ====================
+class ScanStatus(Enum):
+    """Nessus scan status."""
+    PENDING = "pending"
+    RUNNING = "running"
+    COMPLETED = "completed"
+    CANCELED = "canceled"
+    PAUSED = "paused"
+    STOPPING = "stopping"
+    FAILED = "failed"
+class Severity(Enum):
+    """Nessus severity levels (CVSS-based)."""
+    CRITICAL = 4  # CVSS >= 9.0
+    HIGH = 3      # CVSS 7.0-8.9
+    MEDIUM = 2    # CVSS 4.0-6.9
+    LOW = 1       # CVSS 0.1-3.9
+    INFO = 0      # Informational
+class ScanTemplate(Enum):
+    """Nessus scan templates."""
+    BASIC_NETWORK = "basic"
+    ADVANCED = "advanced"
+    WEB_APP = "webapp"
+    MALWARE = "malware"
+    COMPLIANCE = "compliance"
+    DISCOVERY = "discovery"
+# ==================== Data Classes ====================
+@dataclass
+class NessusConfig:
+    """Configuration for Nessus connection."""
+    base_url: str = field(default_factory=lambda: os.getenv("NESSUS_URL", "https://localhost:8834"))
+    access_key: str = field(default_factory=lambda: os.getenv("NESSUS_ACCESS_KEY", ""))
+    secret_key: str = field(default_factory=lambda: os.getenv("NESSUS_SECRET_KEY", ""))
+    verify_ssl: bool = False
+    timeout: int = 30
+@dataclass
+class ScanResult:
+    """Result of a Nessus scan."""
+    scan_id: str
+    status: str
+    progress: int = 0
+    hosts_total: int = 0
+    hosts_completed: int = 0
+    vulnerabilities_count: int = 0
+    start_time: str = ""
+    end_time: str = ""
+    error: str = ""
+@dataclass
+class Vulnerability:
+    """Nessus vulnerability finding."""
+    vuln_id: str
+    plugin_id: str
+    plugin_name: str
+    severity: int
+    severity_name: str
+    host: str
+    port: int
+    protocol: str
+    description: str = ""
+    solution: str = ""
+    cvss_score: float = 0.0
+    cvss_vector: str = ""
+    cve: List[str] = field(default_factory=list)
+    references: List[str] = field(default_factory=list)
+    plugin_output: str = ""
+# ==================== Main Tool Class ====================
+class NessusTool:
+    """
+    Nessus Vulnerability Scanner integration.
+    Provides methods for:
+    - Host/network vulnerability scanning
+    - Compliance scanning
+    - Credential-based scanning
+    - Vulnerability retrieval and export
+    """
+    def __init__(self, config: Optional[NessusConfig] = None):
+        """Initialize Nessus tool with configuration."""
+        self.config = config or NessusConfig()
+        self._session = requests.Session()
+        self._connected = False
+        self._headers = {
+            "X-ApiKeys": f"accessKey={self.config.access_key}; secretKey={self.config.secret_key}",
+            "Content-Type": "application/json",
+            "Accept": "application/json"
+        }
+        self._session.headers.update(self._headers)
+    def _request(self, method: str, endpoint: str, data: dict = None) -> dict:
+        """Make authenticated request to Nessus API."""
+        url = f"{self.config.base_url}{endpoint}"
+        try:
+            response = self._session.request(
+                method=method,
+                url=url,
+                json=data,
+                verify=self.config.verify_ssl,
+                timeout=self.config.timeout
+            )
+            response.raise_for_status()
+            return response.json() if response.text else {}
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Nessus API error: {e}")
+            raise
+    # ==================== Connection ====================
+    def connect(self) -> bool:
+        """Test connection to Nessus server."""
+        try:
+            result = self._request("GET", "/server/status")
+            self._connected = result.get("status") == "ready"
+            if self._connected:
+                logger.info(f"Connected to Nessus at {self.config.base_url}")
+            return self._connected
+        except Exception as e:
+            logger.error(f"Failed to connect to Nessus: {e}")
+            self._connected = False
+            return False
+    def is_connected(self) -> bool:
+        """Check if connected to Nessus."""
+        return self._connected
+    def get_info(self) -> Dict:
+        """Get Nessus server information."""
+        try:
+            return self._request("GET", "/server/properties")
+        except Exception:
+            return {}
+    # ==================== Scan Management ====================
+    def list_scans(self, folder_id: int = None) -> List[Dict]:
+        """List all scans."""
+        endpoint = "/scans"
+        if folder_id:
+            endpoint += f"?folder_id={folder_id}"
+        result = self._request("GET", endpoint)
+        return result.get("scans", [])
+    def get_templates(self) -> List[Dict]:
+        """Get available scan templates."""
+        result = self._request("GET", "/editor/scan/templates")
+        return result.get("templates", [])
+    def create_scan(
+        self,
+        name: str,
+        targets: str,
+        template: str = "basic",
+        description: str = "",
+        credentials: dict = None
+    ) -> str:
+        """
+        Create a new scan.
+        Args:
+            name: Scan name
+            targets: Comma-separated list of targets (IPs, hostnames, ranges)
+            template: Scan template name
+            description: Scan description
+            credentials: Optional credentials for authenticated scanning
+        Returns:
+            Scan ID
+        """
+        # Get template UUID
+        templates = self.get_templates()
+        template_uuid = None
+        for t in templates:
+            if t.get("name", "").lower() == template.lower():
+                template_uuid = t.get("uuid")
+                break
+        if not template_uuid:
+            # Default to basic network scan
+            template_uuid = templates[0].get("uuid") if templates else None
+        settings = {
+            "name": name,
+            "description": description or f"AIPTX Scan - {datetime.now().isoformat()}",
+            "text_targets": targets,
+            "launch_now": False
+        }
+        data = {
+            "uuid": template_uuid,
+            "settings": settings
+        }
+        if credentials:
+            data["credentials"] = credentials
+        result = self._request("POST", "/scans", data)
+        scan_id = str(result.get("scan", {}).get("id", ""))
+        logger.info(f"Created Nessus scan: {scan_id} for {targets}")
+        return scan_id
+    def launch_scan(self, scan_id: str) -> bool:
+        """Launch an existing scan."""
+        try:
+            self._request("POST", f"/scans/{scan_id}/launch")
+            logger.info(f"Launched scan: {scan_id}")
+            return True
+        except Exception as e:
+            logger.error(f"Failed to launch scan {scan_id}: {e}")
+            return False
+    def scan_host(
+        self,
+        target: str,
+        template: str = "basic",
+        name: str = None,
+        credentials: dict = None
+    ) -> str:
+        """
+        Convenience method to create and launch a scan.
+        Args:
+            target: Target IP/hostname
+            template: Scan template
+            name: Optional scan name
+            credentials: Optional credentials
+        Returns:
+            Scan ID
+        """
+        name = name or f"AIPTX-{target}-{datetime.now().strftime('%Y%m%d%H%M%S')}"
+        scan_id = self.create_scan(name, target, template, credentials=credentials)
+        if scan_id:
+            self.launch_scan(scan_id)
+        return scan_id
+    def get_scan_status(self, scan_id: str) -> ScanResult:
+        """Get current scan status."""
+        try:
+            result = self._request("GET", f"/scans/{scan_id}")
+            info = result.get("info", {})
+            return ScanResult(
+                scan_id=scan_id,
+                status=info.get("status", "unknown"),
+                progress=info.get("scanner_progress", 0) or 0,
+                hosts_total=info.get("hostcount", 0) or 0,
+                hosts_completed=info.get("hosts_done", 0) or 0,
+                vulnerabilities_count=len(result.get("vulnerabilities", [])),
+                start_time=info.get("scan_start", ""),
+                end_time=info.get("scan_end", "")
+            )
+        except Exception as e:
+            return ScanResult(scan_id=scan_id, status="error", error=str(e))
+    def wait_for_scan(
+        self,
+        scan_id: str,
+        timeout: int = 3600,
+        poll_interval: int = 30,
+        callback: Callable[[ScanResult], None] = None
+    ) -> ScanResult:
+        """
+        Wait for scan to complete.
+        Args:
+            scan_id: Scan ID to monitor
+            timeout: Maximum wait time in seconds
+            poll_interval: Polling interval in seconds
+            callback: Optional progress callback
+        Returns:
+            Final scan result
+        """
+        start_time = time.time()
+        while time.time() - start_time < timeout:
+            result = self.get_scan_status(scan_id)
+            if callback:
+                callback(result)
+            if result.status in ["completed", "canceled", "failed"]:
+                return result
+            time.sleep(poll_interval)
+        return ScanResult(
+            scan_id=scan_id,
+            status="timeout",
+            error=f"Scan timed out after {timeout}s"
+        )
+    def stop_scan(self, scan_id: str) -> bool:
+        """Stop a running scan."""
+        try:
+            self._request("POST", f"/scans/{scan_id}/stop")
+            return True
+        except Exception:
+            return False
+    def pause_scan(self, scan_id: str) -> bool:
+        """Pause a running scan."""
+        try:
+            self._request("POST", f"/scans/{scan_id}/pause")
+            return True
+        except Exception:
+            return False
+    def resume_scan(self, scan_id: str) -> bool:
+        """Resume a paused scan."""
+        try:
+            self._request("POST", f"/scans/{scan_id}/resume")
+            return True
+        except Exception:
+            return False
+    def delete_scan(self, scan_id: str) -> bool:
+        """Delete a scan."""
+        try:
+            self._request("DELETE", f"/scans/{scan_id}")
+            return True
+        except Exception:
+            return False
+    # ==================== Vulnerability Management ====================
+    def get_vulnerabilities(self, scan_id: str, severity: int = None) -> List[Vulnerability]:
+        """
+        Get vulnerabilities from a scan.
+        Args:
+            scan_id: Scan ID
+            severity: Optional minimum severity filter (0-4)
+        Returns:
+            List of Vulnerability objects
+        """
+        try:
+            result = self._request("GET", f"/scans/{scan_id}")
+            vulns = []
+            for host in result.get("hosts", []):
+                host_id = host.get("host_id")
+                hostname = host.get("hostname", "unknown")
+                # Get host vulnerabilities
+                host_result = self._request("GET", f"/scans/{scan_id}/hosts/{host_id}")
+                for vuln in host_result.get("vulnerabilities", []):
+                    sev = vuln.get("severity", 0)
+                    if severity is not None and sev < severity:
+                        continue
+                    plugin_id = vuln.get("plugin_id")
+                    # Get plugin details
+                    try:
+                        plugin_result = self._request(
+                            "GET",
+                            f"/scans/{scan_id}/hosts/{host_id}/plugins/{plugin_id}"
+                        )
+                        plugin_info = plugin_result.get("info", {}).get("plugindescription", {})
+                        plugin_attrs = plugin_info.get("pluginattributes", {})
+                    except Exception:
+                        plugin_info = {}
+                        plugin_attrs = {}
+                    vulns.append(Vulnerability(
+                        vuln_id=f"{scan_id}-{host_id}-{plugin_id}",
+                        plugin_id=str(plugin_id),
+                        plugin_name=vuln.get("plugin_name", "Unknown"),
+                        severity=sev,
+                        severity_name=self._severity_name(sev),
+                        host=hostname,
+                        port=vuln.get("port", 0),
+                        protocol=vuln.get("protocol", "tcp"),
+                        description=plugin_attrs.get("description", ""),
+                        solution=plugin_attrs.get("solution", ""),
+                        cvss_score=float(plugin_attrs.get("cvss_base_score", 0) or 0),
+                        cvss_vector=plugin_attrs.get("cvss_vector", ""),
+                        cve=plugin_attrs.get("cve", []) or [],
+                        references=plugin_attrs.get("see_also", []) or [],
+                        plugin_output=plugin_result.get("outputs", [{}])[0].get("plugin_output", "") if plugin_result.get("outputs") else ""
+                    ))
+            return vulns
+        except Exception as e:
+            logger.error(f"Failed to get vulnerabilities: {e}")
+            return []
+    def _severity_name(self, severity: int) -> str:
+        """Convert severity int to name."""
+        names = {4: "critical", 3: "high", 2: "medium", 1: "low", 0: "info"}
+        return names.get(severity, "info")
+    # ==================== AIPTX Integration ====================
+    def to_finding(self, vuln: Vulnerability) -> Dict:
+        """Convert Nessus vulnerability to AIPTX finding format."""
+        return {
+            "type": "vulnerability",
+            "value": vuln.plugin_name,
+            "description": vuln.description or vuln.plugin_name,
+            "severity": vuln.severity_name,
+            "phase": "scan",
+            "tool": "nessus",
+            "target": f"{vuln.host}:{vuln.port}",
+            "metadata": {
+                "plugin_id": vuln.plugin_id,
+                "cvss_score": vuln.cvss_score,
+                "cve": vuln.cve,
+                "protocol": vuln.protocol,
+                "solution": vuln.solution
+            },
+            "timestamp": datetime.now(timezone.utc).isoformat()
+        }
+    def export_findings(self, scan_id: str, output_path: str = None) -> List[Dict]:
+        """
+        Export scan findings in AIPTX format.
+        Args:
+            scan_id: Scan ID
+            output_path: Optional file path to save JSON
+        Returns:
+            List of AIPTX findings
+        """
+        vulns = self.get_vulnerabilities(scan_id)
+        findings = [self.to_finding(v) for v in vulns]
+        if output_path:
+            with open(output_path, "w") as f:
+                json.dump(findings, f, indent=2)
+        return findings
+# ==================== Global Instance & Helper Functions ====================
+_nessus: Optional[NessusTool] = None
+def get_nessus(config: Optional[NessusConfig] = None) -> NessusTool:
+    """Get or create global Nessus instance."""
+    global _nessus
+    if _nessus is None or config is not None:
+        _nessus = NessusTool(config)
+    return _nessus
+def nessus_scan(target: str, template: str = "basic") -> ScanResult:
+    """Quick scan a target."""
+    nessus = get_nessus()
+    if not nessus.connect():
+        return ScanResult(scan_id="", status="error", error="Connection failed")
+    scan_id = nessus.scan_host(target, template)
+    return nessus.get_scan_status(scan_id)
+def nessus_status(scan_id: str) -> ScanResult:
+    """Get scan status."""
+    return get_nessus().get_scan_status(scan_id)
+def nessus_vulns(scan_id: str = None, severity: str = None) -> List[Dict]:
+    """Get vulnerabilities in AIPTX format."""
+    nessus = get_nessus()
+    sev_map = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}
+    sev_int = sev_map.get(severity.lower()) if severity else None
+    if scan_id:
+        vulns = nessus.get_vulnerabilities(scan_id, sev_int)
+    else:
+        # Get from most recent scan
+        scans = nessus.list_scans()
+        if scans:
+            scan_id = str(scans[0].get("id"))
+            vulns = nessus.get_vulnerabilities(scan_id, sev_int)
+        else:
+            vulns = []
+    return [nessus.to_finding(v) for v in vulns]
+def nessus_summary() -> Dict:
+    """Get Nessus scanner summary."""
+    nessus = get_nessus()
+    if not nessus.connect():
+        return {"connected": False, "error": "Connection failed"}
+    info = nessus.get_info()
+    scans = nessus.list_scans()
+    return {
+        "connected": True,
+        "url": nessus.config.base_url,
+        "version": info.get("nessus_ui_version", "unknown"),
+        "scans_count": len(scans)
+    }
+# ==================== CLI Testing ====================
+if __name__ == "__main__":
+    import sys
+    print("Nessus Integration Test")
+    print("=" * 50)
+    nessus = get_nessus()
+    if nessus.connect():
+        print(f"✓ Connected to Nessus at {nessus.config.base_url}")
+        info = nessus.get_info()
+        print(f"  Version: {info.get('nessus_ui_version', 'unknown')}")
+        scans = nessus.list_scans()
+        print(f"  Scans: {len(scans)}")
+        if len(sys.argv) > 1:
+            target = sys.argv[1]
+            print(f"\nScanning {target}...")
+            scan_id = nessus.scan_host(target)
+            print(f"  Scan ID: {scan_id}")
+            result = nessus.wait_for_scan(scan_id, timeout=1800)
+            print(f"  Status: {result.status}")
+            vulns = nessus.get_vulnerabilities(scan_id)
+            print(f"  Vulnerabilities: {len(vulns)}")
+    else:
+        print("✗ Failed to connect to Nessus")
+        print("  Set NESSUS_URL, NESSUS_ACCESS_KEY, NESSUS_SECRET_KEY")