Bilbo 0.2 review

by on

Bilbo is a PHP frontend to run scans using the security scanner Nessus

License: GPL (GNU General Public License)
File size: 13K
Developer: Thomas Nilsen
0 stars award from

Bilbo is a PHP frontend to run scans using the security scanner Nessus.

Installation instructions:
1) Download bilbo-x.y.tgz and do:

tar -zxvf bilbo-x.y.tgz

This will create the following files in the current directory.


2) Modify entries in to reflect your setup.
Make sure you pick the right script variable. Use for Nessus 2.x and for Nessus 1.x

3) Modify entries in selected to reflect your setup. Make sure webserverurl is set to the same as in

4) Create the log file as you have defined in This must be writeable by the user which your web server runs as (normaly httpd or apache.)

i.e. touch /var/log/php-nessus.log
chown apache.apache /var/log/php-nessus.log

5) Make sure the web server has full access to all the files in the Bilbo installation folder. This can be done as follows:

chown apache.apache -R /var/www/html/bilbo

6) Copy an existing .nessusrc file to the location as specified in Make sure it is named accordingly to your definitions. A sample nessusrc file has been included as sample-nessusrc. Copy this file if you do not have one available, to /etc/nessusrc Give the web server read access to this file by doing:

chown apache.apache /etc/nessusrc

The sample nessusrc file is set up for login user root and nessus server on IP address If you have a different nessus user and or IP, change this on the sample file.

7) Make sure you have a working nessus client session with the username and password as specified in the

Here are some key features of "Bilbo":
1) Allow scanning of a given target(s) with Nessus.
2) Store reports on a web server
3) Optinally email all reports (apart from HTML based) to the specified email
1) Cannot email HTML reports to the user. Only non-HTML reports are sent by
2) Error checking could be better....

What's New in This Release:
Removed IP verification test to allow hostname/ip entries for scanning object. Now supports full Nessus target syntax.
Added support for Nessus v2.0.x

Bilbo 0.2 search tags