rev 121324
Lab Exercise 3: API Basics
At the end of this exercise, you will be able to:
● Set up a development environment
● Install pyTenable
● Connect to Tenable Vulnerability Management
● List available scanners
If you complete the advanced topics, you will be able to:
● Generate a list of scanners with your name
● Generate a list of online scanners
● Assign a scanner name to a variable
● Create a function to login to Tenable Vulnerability Management using the API
Note: Throughout this lab, <enter> means press the Enter or Return key on the keyboard.
Similarly, for <access key> and <secret key>, use the keys generated in this exercise.
TOTAL ESTIMATED LAB TIME: 20:00 MINUTES
Part 1 - Create Development Environment
In this section, create a development environment in Python.
Part 1: Task 1 - Install Python 3.8.
Install Python 3.8. Note: pyTenable requires this version in order to operate correctly.
Step-by-step Instructions:
1. Connect to Tenable Core + Nessus using the URL and credentials provided.
2. Click Terminal.
3. Type sudo dnf install python3.8 then press <enter>.
a. Enter the admin password when prompted.
4. Type y and then press <enter> if prompted.
5. Wait for the installation to complete (if not already installed).
Challenge Questions:
1. Were there any dependencies that needed to be resolved?
2. Are there any other versions of Python 3 installed? (Hint: Type python3 --version)
COPYRIGHT 2024 TENABLE, INC. ALL RIGHTS RESERVED. TENABLE, NESSUS, LUMIN, ASSURE, AND THE TENABLE LOGO ARE REGISTERED TRADEMARKS OF TENABLE, INC. OR
ITS AFFILIATES. ALL OTHER PRODUCTS OR SERVICES ARE TRADEMARKS OF THEIR RESPECTIVE OWNERS.
Part 1: Task 2 - Create Development Environment
Create a Python 3.8 development environment in api-labs.
Step-by-step Instructions:
1. Connect to Tenable Core + Nessus using the URL and credentials provided.
2. Click Terminal.
3. Type python3.8 -m venv api-labs and then press <enter>.
4. Type source api-labs/bin/activate and then press <enter>.
Challenge Questions:
1. Type pwd. In what directory was the development environment created?
2. Type ls -al. What directory was created in this section?
Part 1: Task 3 - Upgrade PIP and Install pyTenable
Upgrade pip to the current version of the development environment and install pyTenable.
Note: This task assumes the virtual environment has been activated from the previous task.
Step-by-step Instructions:
1. At the (api-labs) prompt, type sudo python3.8 -m pip install --upgrade pip and then
press <enter>.
a. Note: Ignore the message about a newer version of pip.
2. Wait for the installation to finish.
3. Still in the virtual environment, type sudo python3.8 -m pip install pytenable and then
press <enter>.
4. Wait for the installation to finish.
Challenge Questions:
1. Was there an upgrade to pip?
2. When pyTenable was installed, did it install other packages?
Part 2 - Connect to Tenable Vulnerability Management
In this exercise, generate a set of API keys and connect to Tenable Vulnerability Management.
Part 2: Task 1 - Generate Set of API Keys
Generate a set of API keys.
Step-by-step Instructions:
1. Sign in to cloud.tenable.com using the credentials provided via email.
2. Select Vulnerability Management from the Workspace page, if applicable.
3. Click the Account icon (your initials) located in the top-right corner of the page. Then, select My
Profile.
4. Click API Keys (on the left).
5. Click Generate, then Continue.
6. Copy the Access Key value and Secret Key value, and paste them into a Notepad program.
a. Note: Once you leave this window, the keys can no longer be retrieved, and a new set
must be generated.
Challenge Questions:
1. Are the API keys the same as the username and password that were used to log in?
2. If the API keys are lost, what is the action needed to recover them?
Part 2: Task 2 - Connect to Tenable Vulnerability Management using Python and the API Keys
Use the API keys to connect to Tenable Vulnerability Management.
Step-by-step Instructions:
3. Connect to Tenable Core + Nessus using the URL and credentials provided.
4. Click Terminal.
a. If the terminal was closed, reactivate the virtual environment: type
source api-labs/bin/activate and then press <enter>.
5. Type sudo su - and then press <enter>.
a. Type the admin password when prompted.
6. Type python3.8 and then press <enter>.
a. Note: The prompt should change to >>>
7. Type from tenable.io import TenableIO and then press <enter>.
8. Type tio=TenableIO('<access key>', '<secret key>') and then press <enter>.
a. <access key> and <secret key> are the values you saved from Part 2, Task 2, Step 6.
Be sure to use single quotes around each key, and a comma in between, as shown above.
9. Type user=tio.session.details() and then press <enter>.
10. Type print(user['username']) and then press <enter>.
a. Note: Leave the terminal session open for the rest of the lab. If you exit it, you must
restart the virtual environment, re-import TenableIO, and reconnect with the API keys
by repeating Steps 2-7 above.
Challenge Questions:
1. What output was displayed after issuing the command in Step 9?
2. Type print(user) and then press <enter>. Which command reveals the email address
associated with this account?
Part 3 - Locate the Scanner
In this exercise, identify the scanner.
Part 3: Task 1 - List Scanners
Generate a list of scanners.
Step-by-step Instructions:
1. Type for scanner in tio.scanners.list(): and then press <enter>.
2. Press <tab>, type print(scanner), and then press <enter> twice.
a. Note the field names.
3. Type for scanner in tio.scanners.list(): and then press <enter>.
4. Press <tab>, type print(scanner['name']), and then press <enter> twice.
5. Locate the scanner with your name that does NOT have AWS in the name, and copy the name to
Notepad or any text editor.
Challenge Questions:
1. How many scanners are associated with your name?
2. What command should be issued to display the status of each scanner?
Optional Advanced Problems
This section is optional and can be completed during any free time you have while taking this course.
Refer to Tenable's online documentation for pyTenable at https://pytenable.readthedocs.io/en/stable/.
TOTAL ESTIMATED OPTIONAL EXERCISE TIME: 35:00 MINUTES
Task 1 - Generate a List of Scanners with Your Name
Generate a list of scanners with just your name.
Task 2 - Generate a List of Online Scanners
Generate a list of scanners that are currently online.
Task 3 - Save Your Scanner Name to the Variable Myscanner
Save your non-AWS scanner to a variable.
Task 4 - Create a Python Function and Script to Login to Tenable Vulnerability Management
It can be helpful to have a function to sign in to Tenable Vulnerability Management. Create a script that
has a function to sign in to Tenable Vulnerability Management using your access key and secret key.
End of Exercises
Answer Key
Part 1: Task 1
1. Were there any dependencies that needed to be resolved?
● No.
2. Are there any other versions of python3 installed?
● Yes, version 3.6.x. This version comes pre-installed with Tenable Core.
Part 1: Task 2
1. Type pwd. In what directory was the development environment created?
● /home/admin
2. Type ls -al. What directory was created in this section?
● api-labs
Part 1: Task 3
1. Was there an upgrade to pip?
● Yes.
2. When pyTenable was installed, did it install other packages?
● Yes.
Part 2: Task 1
1. Are the API keys the same as the username and password that were used to log in?
● No.
2. If the API keys are lost, what is the action needed to recover them?
● Generate a new set of API keys.
Part 2: Task 2
1. What output was displayed after issuing the command in Step 7?
● Your Tenable Vulnerability Management login ID.
2. Type print(user) and press <enter>. Which command reveals the email address associated
with this account?
● print(user['email'])
Part 3: Task 1
1. How many scanners are associated with your name?
● 2. Note: This could be 1, if the AWS scanner was removed from the lab.
2. What command should be issued to display the status of each scanner?
● for scanner in tio.scanners.list():
      print(scanner['name'] + " - " + scanner['status'])
Advanced Problems: Task 1
Generate a list of scanners with just your name.
● for scanner in tio.scanners.list():
      if '<Your last name>' in scanner['name']:
          print(scanner['name'])
Example: if your last name is Smith, it should be:
  for scanner in tio.scanners.list():
      if 'Smith' in scanner['name']:
          print(scanner['name'])
Advanced Problems: Task 2
Generate a list of scanners that are currently online.
● for scanner in tio.scanners.list():
      if "on" in scanner['status']:
          print(scanner['name'])
Advanced Problems: Task 3
Save your non-AWS scanner to a variable.
● for scanner in tio.scanners.list():
      if "<Your Last name>" in scanner['name']:
          if "AWS" in scanner['name']:
              awsscanner = scanner['name']
          else:
              myscanner = scanner['name']
Advanced Problems: Task 4
It can be helpful to have a function to sign in to Tenable Vulnerability Management. Create a script that
has a function to sign in to Tenable Vulnerability Management using your access key and secret key.
● #!/usr/bin/python3.8
  from tenable.io import TenableIO

  def signon(a, s):
      # Create the session and hand it back to the caller
      tio = TenableIO(a, s)
      return tio

  access = "<access key>"
  secret = "<secret key>"
  tio = signon(access, secret)
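The following is an added example, not part of the original lab or of pyTenable: a variant of the Task 4 script that reads the keys from the environment instead of storing them in the file, and a version of the Task 3 scanner selection that fails loudly when zero or several scanners match. The environment variable names, the helper names load_keys and pick_scanner, and the sample records are assumptions made for this example.

```python
#!/usr/bin/python3.8
"""Added example: sign in without hard-coded keys, then pick one scanner."""
import os


def load_keys(env=os.environ):
    """Return (access, secret) from the environment; reject missing or placeholder values."""
    keys = []
    for var in ("TIO_ACCESS_KEY", "TIO_SECRET_KEY"):  # variable names chosen for this example
        value = env.get(var, "").strip()
        if not value or value.startswith("<"):
            raise ValueError(f"{var} is not set")
        keys.append(value)
    return tuple(keys)


def signon(access, secret):
    """Same idea as the lab's signon(), returning the session to the caller."""
    # Imported here so the helpers above and below work without pyTenable installed.
    from tenable.io import TenableIO
    return TenableIO(access, secret)


def pick_scanner(scanners, last_name):
    """Return the name of the single non-AWS scanner whose name contains last_name.

    Raises LookupError on zero or several matches, rather than leaving
    myscanner undefined or silently keeping the last match seen.
    """
    matches = [s["name"] for s in scanners
               if last_name in s["name"] and "AWS" not in s["name"]]
    if len(matches) != 1:
        raise LookupError(f"expected 1 scanner for {last_name!r}, found {len(matches)}")
    return matches[0]


# Constructed sample records using only the 'name' and 'status' fields seen in the lab.
SAMPLE_SCANNERS = [
    {"name": "Smith Nessus", "status": "on"},
    {"name": "Smith AWS", "status": "off"},
    {"name": "Jones Nessus", "status": "on"},
]

if __name__ == "__main__":
    tio = signon(*load_keys())
    myscanner = pick_scanner(tio.scanners.list(), "Smith")
    print(myscanner)
```

Export the two variables in the terminal session before running the script, so the keys never appear in the file itself.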