Daniel,
A few remarks on your post
The objective of IVIL is to define the lowest common denominator that is still useful. This will enable tools to write their output in a format that is instantly supported by tools that parse such information like Dradris and Seccubus. It is different from e.g. SCAP in that it does not try to be a structured representation of everything every tool can ever express about a vulnerability.
Maybe adding some sort of "meta section" where scanner-specific information can be added thinks like the parameters used to run the scan, or some other relevant information.
This meta section does exist, every send if free to add its own tags to the <sender> block.
Along the same lines it is probably a good idea to provide some way of 'extending' the information about the findings with stuff that is specific to each tool
It was may intention that tools could extend the <finding> block with tool specific data, but I guess I forgot to add this in my original blogpost.
I'm quite keen on adding your plugin to the Dradis repository to ensure that it is maintained if we manage to make some progress in terms of getting a few tools to commit to IVIL. I just ran a quick search and it seems that after your initial blog post there has not been a lot of movement... Are you still keen on the idea? What is the status of the effort?
Cool, I'd really like to have a tool a Dradris support IVIL. It is a new effort and thus facing the catch 22 of not being supported widely because it is not supported widely.
VILI is alive Zate Berg has written a tool that initiate a Nessus scan and returns the results as IVIL. I have written an nbe2ivil tool that I use to import Nikto output in Seccubus v2 and hope to add native IVIL support to Nikto as well. Nessus_html2ivil a qualys2ivil are on my list of things to do, but I have to balance work work and other work.
