vdjagilev / nmap-formatter Goto Github PK
View Code? Open in Web Editor NEWA tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
License: MIT License
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
License: MIT License
Those parts needs to be covered with tests:
--skip*
output options--skip-down-hosts=false
if down hosts are not skippedgo test ./... -count=1 -v
)It's better to move types closer to the package where they belong. Types package stands out in this case and needs to be moved to formatter
package.
Add a possibility to read XML content from stdin. This would allow much easier piping.
nmap -A -T4 -oX - 10.10.10.100 | nmap-formatter json
TODO
Currently CSV outputs only hosts that have some ports opened. If there is none, there is no record for that.
The host record look like this:
[IP], "-", "-", "-", "-" ...
Add a possibility to pass custom variables for custom templates.
Example:
--x-opt "foo=${bar}"
Then this value can be used in a custom template like this:
Some custom variables:
<ul>
<li><b>Foo value:</b> {{.custom.foo}}</li>
</ul>
This could be used in automated environments (pipelines?) to pass some values to the custom templates.
Can be implemented only after #23
golangci-lint:
name: golangci-lint
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.18
- uses: actions/checkout@v3
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: latest
For each type json
, md
, html
or csv
, there should be an output option 'prefix'.
For example:
--skip-summary
should be --html-skip-summary
and --md-skip-summary
.
https://github.com/mvdan/github-actions-golang
on: [push, pull_request]
name: Test
jobs:
test:
strategy:
matrix:
go-version: [1.15.x, 1.16.x]
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Install Go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v2
- name: Test
run: go test ./...
Update changelog pipeline creates broken changelog file. Needs to be removed.
Add a possibility to pass multiple nmap XML files
nmap-formatter json file1.xml file2.xml ...
Currently there is a duplicate for ports field. It should be simply Port[]
instead of Ports.Port[]
Implement github action that will do this automatically.
If there is huge output, it's better to navigate on a page using floating table of contents with anchor links.
Also add new option:
--html-floating-index
, true
by default.
Avoid using href links in markdown template
It would be good if it would be possible to skip certain parts of scan output, for example:
--skip-summary=false
--skip-traceroute=false
--skip-metrics=false
--skip-port-scripts=false
Available only for HTML & Markdown
Links:
https://github.com/vdjagilev/nmap-formatter/blob/main/cmd/root.go#L93 args is not used anywhere
There might be more than 1 osmatch
nodes.
<osmatch name="Some Linux Example" accuracy="94" line="1234"/>
<osmatch name="Another Linux Example" accuracy="89" line="4321"/>
when running nmap-formatter nmap.xml md > nmap.md, it generates 8 columns when only 7 are identified, you can find below the output :
Port | State | Service | Reason | Product | Version | Extra Info |
---|---|---|---|---|---|---|
22 | tcp | open | ssh | syn-ack | OpenSSH | 7.4 |
This will generate rendering issues when viewing mardown because tcp (protocol) would be in the state column.
You could either add protocol column or merge tcp with port like this 22/tcp
Currently spf13/cobra is used as a dependency, however app is quite simple and requires only a few features that are used.
Services
field often contains a big list of ports which is problematic to display in markdown table (it has to be hidden using <details><summary>...
html tags). Move this part in a sub-chapter, enclosing it in ```
would be better.
Great project to get the data into Elastic :) One thing is bothering ES, everything is a string in the json output, even stuff like port numbers. This makes it difficult to filter stuff. Could the numeric stuff be parsed that way?
Thanks!
It would be good if this repository could be used as a library to parse nmap xml output. For this purpose 2 things must be accomplished:
Would be good to know current version of the app by running --help
option or just version
arg or --version
flag.
Create a wiki with more in-depth topics.
jq
and etc.Add possibility to pretty-print JSON, example:
json.MarshalIndent(struct, "", " ") // 3-th = 4 spaces
Add go 1.17 to the testing pipeline and binary release pipeline
It's better to rename this option to --skip-down-hosts
with default value true
.
https://github.com/vdjagilev/nmap-formatter/runs/5994716990?check_suite_focus=true
Main issue is that it's impossible to remove temporary file on the runner
Add build status badge.
Readme: https://docs.github.com/en/actions/managing-workflow-runs/adding-a-workflow-status-badge
![example workflow](https://github.com/<OWNER>/<REPOSITORY>/actions/workflows/<WORKFLOW_FILE>/badge.svg)
![build status](https://github.com/vdjagilev/nmap-formatter/actions/workflows/go.yml/badge.svg)
Possibility to use custom templates. It can be achievable via option parameters --use-template [path-to-template]
Add TOC for easier navigation in the README.
Implement a possibility use dark or light mode in HTML template.
Update golang to 1.18
How to use this tool with jq (show hosts that are up, show only http service ports, show only filtered ports, count ports for each host, et cetera)
In order to access parent scope in templates, variables are used. It is possible to access parent scope via $.Parent.Name
Due to the nature of go text templates, there is a lot of blank space in markdown output. There should be way to filter output and remove unneeded spaces/newlines.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.