Bilbo is a PHP-based interface for conducting scans via the Nessus security scanner.
It is important to modify the entries in whichever of run-nessus.sh/run-nessus-1.sh you have selected to reflect your setup, ensuring that the webserverurl is set to the same value as in setup.inc.php. You will also need to create the log file and make sure it is writable by the user your web server runs as (usually httpd or apache). To do this, type "touch /var/log/php-nessus.log" and "chown apache.apache /var/log/php-nessus.log" respectively.
To ensure that the web server has full access to all files in the Bilbo installation folder, you need to type "chown apache.apache -R /var/www/html/bilbo". Lastly, you will need to copy an existing .nessusrc file to the location specified in run-nessus.sh and make sure it is named according to your definitions. Ensure that the web server has read access to this file by using the command "chown apache.apache /etc/nessusrc".
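The script below is an added example, not part of Bilbo or of the original page. It audits the result of the setup steps above: that the log file, the nessusrc file and the installation folder exist and are owned by the web server user. The world-writable test, the function names and the "check" argument are assumptions of this example, and it needs GNU stat.

```sh
#!/bin/sh
# Added example: audits the result of the Bilbo setup steps.
# Defaults are the paths and user named on the page; override via environment.
# Requires GNU stat (stat -c).
WEB_USER="${WEB_USER:-apache}"
LOG_FILE="${LOG_FILE:-/var/log/php-nessus.log}"
BILBO_DIR="${BILBO_DIR:-/var/www/html/bilbo}"
NESSUSRC="${NESSUSRC:-/etc/nessusrc}"

# check_path PATH USER: PATH must exist, be owned by USER, and not be
# world-writable (the world-writable test is an added hardening check).
check_path() {
    if [ ! -e "$1" ]; then echo "MISSING        $1"; return 1; fi
    owner=$(stat -c %U "$1")
    mode=$(stat -c %a "$1")
    if [ "$owner" != "$2" ]; then
        echo "WRONG-OWNER    $1 (owner $owner, expected $2)"; return 1
    fi
    case "$mode" in
        *[2367]) echo "WORLD-WRITABLE $1 (mode $mode)"; return 1 ;;
    esac
    echo "OK             $1"
}

# check_tree DIR USER: every entry under DIR must be owned by USER,
# which is what "chown -R" in the steps above should have produced.
check_tree() {
    if [ ! -d "$1" ]; then echo "MISSING        $1"; return 1; fi
    find "$1" -exec stat -c '%U %n' {} + |
        awk -v u="$2" '$1 != u { print "WRONG-OWNER    " $0; bad = 1 }
                       END { exit bad + 0 }'
}

# preflight: run all checks, report every failure, return non-zero on any.
preflight() {
    rc=0
    check_path "$LOG_FILE" "$WEB_USER" || rc=1
    check_path "$NESSUSRC" "$WEB_USER" || rc=1
    check_tree "$BILBO_DIR" "$WEB_USER" || rc=1
    return "$rc"
}

# Run the audit only when asked, e.g.: sh bilbo-preflight.sh check
if [ "${1:-}" = "check" ]; then preflight; fi
```

If your nessusrc lives elsewhere or your web server runs as httpd, set NESSUSRC or WEB_USER in the environment before running it.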
Bilbo offers several great features, including scanning one or more given targets with Nessus, storing reports on a web server, and optionally emailing all non-HTML reports to a specified email address. However, it cannot email HTML reports, and error checking could be better.
This new version of Bilbo has implemented some changes, including the removal of IP verification tests, so that hostname or IP entries can be given as the scan target, and added support for Nessus v2.0.x. With these added features, Bilbo is a great tool to use when scanning system security using Nessus.
Version 0.2: N/A