Net::SecurityCenter::REST - Perl interface to Tenable.sc (SecurityCenter) REST API
use Net::SecurityCenter::REST; my $sc = Net::SecurityCenter::REST('sc.example.org'); if (! $sc->login('secman', 'password')) { die $sc->error; } my $running_scans = $sc->get('/scanResult', { filter => 'running' }); $sc->logout();
This module provides Perl scripts easy way to interface the REST API of Tenable.sc (SecurityCenter).
For more information about the Tenable.sc (SecurityCenter) REST API follow the online documentation:
https://docs.tenable.com/sccv/api/index.html
Create a new instance of Net::SecurityCenter::REST.
Params:
timeout : Request timeout in seconds (default is 180) If a socket open, read or write takes longer than the timeout, an exception is thrown.
timeout
ssl_options : A hashref of SSL_* options to pass through to IO::Socket::SSL.
ssl_options
SSL_*
logger : A logger instance (eg. Log::Log4perl, Log::Any or Mojo::Log) for log the REST request and response messages.
logger
scheme : URI scheme (default: HTTPS).
scheme
You can use configure SSL client certificate authentication for Tenable.sc user account authentication using IO::Socket::SSL SSL_* options in ssl_options param.
Example 1: User certificate + Private Key
my $sc = Net::SecurityCenter::REST( $sc_server, { ssl_options => { SSL_cert_file => '/path/ssl.cer', # Client Certificate SSL_key_file => '/path/priv.key', # Private Key } } );
Example 2: User certificate + Private Key + Password
my $sc = Net::SecurityCenter::REST( $sc_server, { ssl_options => { SSL_cert_file => '/path/ssl.cer', # Client Certificate SSL_key_file => '/path/priv.key', # Private Key SSL_passwd_cb => sub { 'secret' } # Key secret } } );
Example 3: PKCS#12
my $sc = Net::SecurityCenter::REST( $sc_server, { ssl_options => { SSL_cert_file => '/path/ssl.p12', # PKCS#12 file } } );
From IO::Socket::SSL man:
SSL_cert_file | SSL_cert | SSL_key_file | SSL_key
The certificate can be given as a file with SSL_cert_file or as an internal representation of an X509* object (like you get from Net::SSLeay or IO::Socket::SSL::Utils::PEM_xxx2cert) with SSL_cert. If given as a file it will automatically detect the format. Supported file formats are PEM, DER and PKCS#12, where PEM and PKCS#12 can contain the certificate and the chain to use, while DER can only contain a single certificate.
SSL_cert_file
SSL_cert
For each certificate a key is need, which can either be given as a file with SSL_key_file or as an internal representation of an EVP_PKEY* object with SSL_key (like you get from Net::SSLeay or IO::Socket::SSL::Utils::PEM_xxx2key). If a key was already given within the PKCS#12 file specified by SSL_cert_file it will ignore any SSL_key or SSL_key_file. If no SSL_key or SSL_key_file was given it will try to use the PEM file given with SSL_cert_file again, maybe it contains the key too.
SSL_key_file
SSL_key
SSL_passwd_cb
If your private key is encrypted, you might not want the default password prompt from Net::SSLeay. This option takes a reference to a subroutine that should return the password required to decrypt your private key.
Execute a request to Tenable.sc REST API. These methods are shorthand for calling request() for the given method.
request()
my $nessus_scan = $sc->post('/scanResult/1337/download', { 'downloadType' => 'v2' });
Execute a HTTP request of the given method type ('GET', 'POST', 'PUT', 'DELETE', ''PATCH') to Tenable.sc REST API.
Login into Tenable.sc using username/password or API Key.
$sc->login( $username, $password ): $sc->login( username => ..., password => ... );
Since Tenable.SC 5.13 it's possibile to use API Key authentication using access_key and secret_key:
access_key
secret_key
$sc->login( access_key => ..., secret_key => ... );
More information about API Key authentication:
Enable API Key Authentication - https://docs.tenable.com/tenablesc/Content/EnableAPIKeys.htm
Generate API Keys - https://docs.tenable.com/tenablesc/Content/GenerateAPIKey.htm
Logout from Tenable.sc.
Upload a file into Tenable.sc.
Catch the Tenable.sc errors and return Net::SecurityCenter::Error class.
Please report any bugs or feature requests through the issue tracker at https://github.com/giterlizzi/perl-Net-SecurityCenter/issues. You will be notified automatically of any progress on your issue.
This is open source software. The code repository is available for public review and contribution under the terms of the license.
https://github.com/giterlizzi/perl-Net-SecurityCenter
git clone https://github.com/giterlizzi/perl-Net-SecurityCenter.git
Giuseppe Di Terlizzi <gdt@cpan.org>
This software is copyright (c) 2018-2023 by Giuseppe Di Terlizzi.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install Net::SecurityCenter, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Net::SecurityCenter
CPAN shell
perl -MCPAN -e shell install Net::SecurityCenter
For more information on module installation, please visit the detailed CPAN module installation guide.