diff --git a/lists/tenable-cloud-ipv4/list.json b/lists/tenable-cloud-ipv4/list.json new file mode 100644 index 0000000..a3f33f5 --- /dev/null +++ b/lists/tenable-cloud-ipv4/list.json @@ -0,0 +1,51 @@ +{ + "description": "Tenable IPv4 Cloud Sensors addresses used for scanning Internet-facing infrastructure", + "list": [ + "13.115.104.128/25", + "13.210.1.64/26", + "13.213.79.0/24", + "13.56.21.128/25", + "13.59.250.76/32", + "13.59.252.0/25", + "15.228.125.0/24", + "162.159.129.83/32", + "162.159.130.83/32", + "18.116.198.0/24", + "18.139.204.0/25", + "18.168.180.128/25", + "18.168.224.128/25", + "18.194.95.64/26", + "3.101.175.0/25", + "3.106.118.128/25", + "3.108.37.0/24", + "3.124.123.128/25", + "3.132.217.0/25", + "3.251.224.0/24", + "3.26.100.0/24", + "3.67.7.128/25", + "3.9.159.128/25", + "3.98.92.0/25", + "34.201.223.128/25", + "34.223.64.0/25", + "35.177.219.0/26", + "35.182.14.64/26", + "35.73.219.128/25", + "35.82.51.128/25", + "35.86.126.0/24", + "44.192.244.0/24", + "44.206.3.0/24", + "44.242.181.128/25", + "54.175.125.192/26", + "54.219.188.128/26", + "54.255.254.0/26", + "54.93.254.128/26" + ], + "matching_attributes": [ + "ip-src", + "ip-dst", + "domain|ip" + ], + "name": "List of known Tenable Cloud Sensors IPv4", + "type": "cidr", + "version": 20221005 +} diff --git a/lists/tenable-cloud-ipv6/list.json b/lists/tenable-cloud-ipv6/list.json new file mode 100644 index 0000000..13cddf4 --- /dev/null +++ b/lists/tenable-cloud-ipv6/list.json @@ -0,0 +1,28 @@ +{ + "description": "Tenable IPv4 Cloud Sensors addresses used for scanning Internet-facing infrastructure", + "list": [ + "2406:da14:e76:5b00::/56", + "2406:da18:844:7100::/56", + "2406:da1a:5b2:8500::/56", + "2406:da1c:20f:2f00::/56", + "2600:1f11:622:3000::/56", + "2600:1f14:141:7b00::/56", + "2600:1f16:8ca:e900::/56", + "2600:1f18:614c:8000::/56", + "2600:1f1c:13e:9e00::/56", + "2600:1f1e:9a:ba00::/56", + "2606:4700:7::a29f:8153/128", + "2606:4700:7::a29f:8253/128", + "2a05:d014:532:b00::/56", + "2a05:d018:f53:4100::/56", + "2a05:d01c:da5:e800::/56" + ], + "matching_attributes": [ + "ip-src", + "ip-dst", + "domain|ip" + ], + "name": "List of known Tenable Cloud Sensors IPv6", + "type": "cidr", + "version": 20221005 +} diff --git a/tools/generate-tenable.py b/tools/generate-tenable.py new file mode 100644 index 0000000..07dbd87 --- /dev/null +++ b/tools/generate-tenable.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +import json + +from generator import download, download_to_file, get_version, write_to_file, get_abspath_source_file, consolidate_networks + +def process(file, dst, name: str, description: str, prefixlist: str, prefixitem: str): + warninglist = { + 'name': name, + 'version': get_version(), + 'description': description, + 'matching_attributes': ["ip-src", "ip-dst", "domain|ip"], + 'type': 'cidr' + } + + with open(get_abspath_source_file(file), 'r') as json_file: + tenable_ip_list = json.load(json_file) + + values = [] + for value in tenable_ip_list[prefixlist]: + values.append(value[prefixitem]) + + warninglist['list'] = consolidate_networks(values) + + write_to_file(warninglist, dst) + + +if __name__ == '__main__': + TYPES = [ + { + "name": "List of known Tenable Cloud Sensors IPv4", + "description": "Tenable IPv4 Cloud Sensor addresses used for scanning Internet-facing infrastructure", + "url": "https://docs.tenable.com/ip-ranges/data.json", + "file": "tenable-cloud.json", + "destination_folder": "tenable-cloud-ipv4", + "prefixlist": "prefixes", + "prefixitem": "ip_prefix", + }, + { + "name": "List of known Tenable Cloud Sensors IPv6", + "description": "Tenable IPv6 Cloud Sensor addresses used for scanning Internet-facing infrastructure", + "url": "https://docs.tenable.com/ip-ranges/data.json", + "file": "tenable-cloud.json", + "destination_folder": "tenable-cloud-ipv6", + "prefixlist": "ipv6_prefixes", + "prefixitem": "ipv6_prefix", + } + ] + + for type in TYPES: + tenable_json_url = type["url"] + download_to_file(tenable_json_url, type["file"]) + process(type["file"], type["destination_folder"], type["name"], type["description"], type["prefixlist"], type["prefixitem"])