after a couple of emails on this topic I decided to share some NMAP specific xml parsers. As many of you know through -oX flag it’s possible to save NMAP results into a well-structured xml file. But what about the visualization or the manipulation of such a file ?
Many different ways exist:
First above others the default NMAP command line supporting style sheets to NMAP output: nmap -A -oX –stylesheet http://insecure.org/nmap/data/nmap.xsl scanreport.xml www.example.com
xsltproc is the first external example. It applies different type of XSLT to the NMAP results in the following way: xsltproc nmap-output.xml -o nmap-output.html
Saxon a similart xslt processor. You can try in the following way: java -jar saxon9.jar -s:nmap-output.xml -o:nmap-output.html
xalan-java which is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. You can try it in the following way: java -jar xalan.jar -IN nmap-output.xml -OUT nmap-output.html
PowerShellScript . This script converts an XML file into a .NET object within properties. Perfect if you need to write a software that keeps as input the NMAP xml output format. For example if you are building your own report software or a NMAP wrapper.
NMAP-XML Flat File converts NMAP xml file format into a HTML or EXCEL table. It’s written in java and it’s pretty “download ‘n run”. java XMLNMAPReader nmap-output.xmll > OutputFile.[html/xls]
PBNJ. Well it does much more that parsing NMAP XML, but for this post it is able to save NMAP xml file into a database.
NMAP2DB is a great tool for popolating SQLite databases with NMAP results
Ruby Nmap Parser Library. Great library for rubyans providing Ruby interface to Nmap’s scan data. It can run Nmap and parse its XML output directly from the scan, parse a file containing the XML data from a separate scan, parse a String of XML data from a scan, or parse XML data from an object via its read() method.
Well, I am pretty sure there are tons of other ways to modify NMAP xml format around Internet, so please feel free to add comments suggesting what is your own way or what is your favorite tool.