v0.8.0

Summary

Added

CLI

NFR CLI got new scan option --plugin-publication-date / -plpd. Read more about plugin publication date feature in NFR documentation.

• Usage: --plugin-publication-date <format> <group> where

  • format is one of: table, bar, line, heatmap
  • group is one of: day, month, year

• Use it with filter option --filter / -f to narrow down the results, e.g.:

  • -f "[?risk_factor != 'None']" to include only plugins with risk factor other than None
  • -f "[?severity > '2']" to include only plugins with severity higher then Medium (0 - Informational, 1 - Low, 2 - Medium, 3 - High, 4 - Critical)
  • -f "[?plugin_type == 'local']" to include only local plugins
  • -f "[?plugin_id == '19506']" to include only plugin with ID 19506

• Requirements update

  • new:
    • plotext>=5.3.2

• Other command options have been shortened with aliases:

  • file command:
    • --size -> -si
    • --structure -> -st
    • --split -> -sp
  • scan command:
    • --scan-summary -> --scs
    • --scan-summary-legend -> --scsl
    • --scan-file-source -> --scfs
    • --plugin-severity -> --pls
    • --plugin-severity-legend -> --plsl
    • --policy-summary -> --pos

Changed

• tests for python
  • added: 3.14

v0.7.2

What's Changed

• number_of_scanned_hosts_with_credentialed_checks_yes fix by @damian-krawczyk in #20

Fixed

• Fixed calculation in scan function number_of_scanned_hosts_with_credentialed_checks_yes:
  • Previously:
    • If there were no results for plugin 19506 for all scanned hosts, the returned value was None. This caused issues (unsupported operand type(s) for +=: 'NoneType' and 'int') when results for plugin 19506 were missing for only some hosts.
  • Now:
    • If there are no results for plugin 19506 for all scanned hosts, the returned value will be 0.

Full Changelog: v0.7.1...v0.7.2

v0.7.1

What's Changed

• v0.7.1 by @damian-krawczyk in #18

Added

• Requirements update
  • new:
    • packaging>=25.0

Full Changelog: v0.7.0...v0.7.1

v0.7.0

What's Changed

• v0.7.0 by @damian-krawczyk in #17

Added

CLI

• New option:

  • nfr --update-check / nfr -u - will return confirmation if you are using the latest version of NFR.

• Requirements update

  • new:
    • requests>=2.32.5

Full Changelog: v0.6.0...v0.7.0

Release v0.6.0

What's Changed

• v0.6.0 by @damian-krawczyk in #16

Added

CLI

New options for nfr scan command:

• --plugin-severity - to list for every detected plugin: Severity, Risk Factor, CVSSv2, CVSSv3, CVSSv4, VPR, EPSS.
• --plugin-severity-legend - description for all columns returned by --plugin-severity.
• --filter -f - possibility to filter data returned by --plugin-severity to specific values. Read about JMESPath.

Module

New functions for plugins:

• severity_number_to_label(severity_number) - Convert a numeric severity level to its corresponding string label.
• cvssv2_score_to_severity(cvss_score) - Convert a CVSS v2 base score to its corresponding severity label.
• cvssv3_score_to_severity(cvss_score) - Convert a CVSS v3 base score to its corresponding severity label.
• cvssv4_score_to_severity(cvss_score) - Convert a CVSS v4 base score to its corresponding severity label.
• vpr_score_to_severity(vpr_score) - Convert a VPR (Vulnerability Priority Rating) score to its corresponding severity label.
• epss_score_decimal_to_percent(epss_score) - Convert an EPSS (Exploit Prediction Scoring System) score from decimal format to a percentage string.

Changed

• requirements update

  • from:
    • click>=8.1.8
  • to:
    • click>=8.2.1
    • jmespath>=1.0.1

• tests for python

  • removed: 3.8, 3.9 due to click 8.2.0 requirements.

Full Changelog: v0.5.0...v0.6.0

Release v0.5.0

What's Changed

• v0.5.0 by @damian-krawczyk in #15

Added

• Splitting the file with Nessus scan results into smaller files.

Full Changelog: v0.4.3...v0.5.0

Release v0.4.3

What's Changed

• Develop by @damian-krawczyk in #14

Changed

• code formatted with black

• requirements update

  • from:
    • click>=8.1.3
    • tabulate>=0.8.9
  • to:
    • click>=8.1.8
    • tabulate>=0.9.0

• tests for python

  • added: 3.10, 3.11, 3.12, 3.13
  • removed: 3.7

Full Changelog: v0.4.2...v0.4.3

Release v0.4.2

What's Changed

• version 0.4.2 by @damian-krawczyk in #10

Changed

• README.md updated with example nfr commadline usage.
• nfr scan --scan-summary has simplified column names, to save space on the screen:
  • nessus_scan_file -> File name
  • report_name -> Report name
  • number_of_target_hosts -> TH
  • number_of_scanned_hosts -> SH
  • number_of_scanned_hosts_with_credentialed_checks_yes -> CC
• nfr scan --scan-summary has 5 new columns
  • C, H, M, L, N, accordingly number of plugins with Critical, High, Medium, Low and None risk factor for whole scan
• nfr scan --scan-summary-legend command to see columns description
• nfr scan --policy-name option changed to --policy-summary
• nfr scan --policy-summary informs about Policy name and settings like Max hosts, Max checks, Check timeout,
  Plugins number used during the scan.
• nfr scan --source-of-file option changed to --scan-file-source

Fixed

• detected_os() function in host.py handles situation if there is no Operating System detected
  (reported by ricardosupo in issue
  #8).
• nfr CLI handles FileNotFoundError when you give nessus files or directory which doesn't exist.

Full Changelog: v0.4.1...v0.4.2

Release v0.4.1

What's Changed

• v0.4.1 by @damian-krawczyk in #6
• publish pipeline fixed by @damian-krawczyk in #7

Fixed

• requirements installation fixed

Full Changelog: v0.4.0...v0.4.1

Release v0.4.0

What's Changed

• v0.4.0 by @damian-krawczyk in #5

Added

• commandline interface - from now on this package will provide you possibility to run nfr in commandline. After installation type nfr or nfr --help to find out more.
• Tenable.io files support - initial support to pars nessus files coming from Tenable.io

Full Changelog: v0.3.0...v0.4.0