Home · packetchaos/navi Wiki · GitHub
Skip to content
Casey Reid edited this page Jul 17, 2021 · 17 revisions

navi - The Tenable.io Swiss Army Knife

A command-line tool which leverages the Tenable.io API to automate common tasks in Cyber Exposure or Vulnerability Management.

*** This tool is not an officially supported Tenable project ***

*** Use of this tool is subject to the terms and conditions identified in the open source license agreement,
 and is not subject to any license agreement you may have with Tenable ***

Tenable.io has a 5000 record limit so navi utilizes the Export APIs, and all data is stored in a local SQLite DB in the directory where navi is run.

With over 100 commands, navi can be used to automate and enrich VM and Asset data to provide more accurate reporting or help support more advanced use-cases.

Broad use-cases for navi

  • Automation - Use simple commands to automate common tasks

    • Scanning from the command-line
    • Remediation scanning - Single plugin/Vuln
    • Changing ACR values using Tags
    • Tagging assets based on plugin detections
    • Scheduling CSV Exports
    • Disable/Enable users
  • Exploring Vulnerability and Asset data

    • Search for open ports
    • Search for CVEs
    • Search for plugins that fired
    • Search for compliance results
    • Find Docker containers or unknown webapps
  • Enhancing Tenable.io Data

    • Tag assets for better reporting
    • Adjust ACR values for more accurate risk in Lumin
    • Tag Agent Groups for better reporting
    • Migrate AWS tags to Tenable.io for Business Unit Reporting
Clone this wiki locally