vdjagilev / nmap-formatter Goto Github PK
View Code? Open in Web Editor NEWA tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
License: MIT License
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
License: MIT License
Links:
Currently CSV outputs only hosts that have some ports opened. If there is none, there is no record for that.
The host record look like this:
[IP], "-", "-", "-", "-" ...
https://github.com/vdjagilev/nmap-formatter/runs/5994716990?check_suite_focus=true
Main issue is that it's impossible to remove temporary file on the runner
It's better to move types closer to the package where they belong. Types package stands out in this case and needs to be moved to formatter
package.
Currently spf13/cobra is used as a dependency, however app is quite simple and requires only a few features that are used.
Add TOC for easier navigation in the README.
Due to the nature of go text templates, there is a lot of blank space in markdown output. There should be way to filter output and remove unneeded spaces/newlines.
Implement github action that will do this automatically.
Possibility to use custom templates. It can be achievable via option parameters --use-template [path-to-template]
https://github.com/mvdan/github-actions-golang
on: [push, pull_request]
name: Test
jobs:
test:
strategy:
matrix:
go-version: [1.15.x, 1.16.x]
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Install Go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v2
- name: Test
run: go test ./...
Add build status badge.
Readme: https://docs.github.com/en/actions/managing-workflow-runs/adding-a-workflow-status-badge
![example workflow](https://github.com/<OWNER>/<REPOSITORY>/actions/workflows/<WORKFLOW_FILE>/badge.svg)
![build status](https://github.com/vdjagilev/nmap-formatter/actions/workflows/go.yml/badge.svg)
It's better to rename this option to --skip-down-hosts
with default value true
.
Update changelog pipeline creates broken changelog file. Needs to be removed.
Implement a possibility use dark or light mode in HTML template.
Currently there is a duplicate for ports field. It should be simply Port[]
instead of Ports.Port[]
Would be good to know current version of the app by running --help
option or just version
arg or --version
flag.
Services
field often contains a big list of ports which is problematic to display in markdown table (it has to be hidden using <details><summary>...
html tags). Move this part in a sub-chapter, enclosing it in ```
would be better.
If there is huge output, it's better to navigate on a page using floating table of contents with anchor links.
Also add new option:
--html-floating-index
, true
by default.
Great project to get the data into Elastic :) One thing is bothering ES, everything is a string in the json output, even stuff like port numbers. This makes it difficult to filter stuff. Could the numeric stuff be parsed that way?
Thanks!
Update golang to 1.18
Create a wiki with more in-depth topics.
jq
and etc. golangci-lint:
name: golangci-lint
runs-on: ubuntu-latest
steps:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.18
- uses: actions/checkout@v3
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: latest
It would be good if it would be possible to skip certain parts of scan output, for example:
--skip-summary=false
--skip-traceroute=false
--skip-metrics=false
--skip-port-scripts=false
Available only for HTML & Markdown
https://github.com/vdjagilev/nmap-formatter/blob/main/cmd/root.go#L93 args is not used anywhere
There might be more than 1 osmatch
nodes.
<osmatch name="Some Linux Example" accuracy="94" line="1234"/>
<osmatch name="Another Linux Example" accuracy="89" line="4321"/>
when running nmap-formatter nmap.xml md > nmap.md, it generates 8 columns when only 7 are identified, you can find below the output :
Port | State | Service | Reason | Product | Version | Extra Info |
---|---|---|---|---|---|---|
22 | tcp | open | ssh | syn-ack | OpenSSH | 7.4 |
This will generate rendering issues when viewing mardown because tcp (protocol) would be in the state column.
You could either add protocol column or merge tcp with port like this 22/tcp
Add a possibility to read XML content from stdin. This would allow much easier piping.
nmap -A -T4 -oX - 10.10.10.100 | nmap-formatter json
TODO
Add possibility to pretty-print JSON, example:
json.MarshalIndent(struct, "", " ") // 3-th = 4 spaces
Avoid using href links in markdown template
Add go 1.17 to the testing pipeline and binary release pipeline
Those parts needs to be covered with tests:
--skip*
output options--skip-down-hosts=false
if down hosts are not skippedgo test ./... -count=1 -v
)How to use this tool with jq (show hosts that are up, show only http service ports, show only filtered ports, count ports for each host, et cetera)
Add a possibility to pass multiple nmap XML files
nmap-formatter json file1.xml file2.xml ...
For each type json
, md
, html
or csv
, there should be an output option 'prefix'.
For example:
--skip-summary
should be --html-skip-summary
and --md-skip-summary
.
Add a possibility to pass custom variables for custom templates.
Example:
--x-opt "foo=${bar}"
Then this value can be used in a custom template like this:
Some custom variables:
<ul>
<li><b>Foo value:</b> {{.custom.foo}}</li>
</ul>
This could be used in automated environments (pipelines?) to pass some values to the custom templates.
Can be implemented only after #23
In order to access parent scope in templates, variables are used. It is possible to access parent scope via $.Parent.Name
It would be good if this repository could be used as a library to parse nmap xml output. For this purpose 2 things must be accomplished:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.