NMAP 2 XML | Generate NMAP Reports

12 Jun

I was looking a technique outside of Metasploit’s db_nmap command, which stores NMAP results in a database for later analysis, that enables me to generate some kind of reporting on scanned hosts.

Enter NMAP’s -oX switch. This switch coupled with the default style sheet of http://insecure.org/nmap/data/nmap.xsl generates this :

nmap -A -oX --stylesheet http://insecure.org/nmap/data/nmap.xsl scanreport.xml http://www.example.com


  • xsltproc is the first external example. It applies different type of XSLT to the NMAP results in the following way: xsltproc nmap-output.xml -o nmap-output.html
  • Saxon a similart xslt processor. You can try in the following way: java -jar saxon9.jar -s:nmap-output.xml -o:nmap-output.html
  • xalan-java which is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. You can try it in the following way: java -jar xalan.jar -IN nmap-output.xml -OUT nmap-output.html
  • PowerShellScript . This script converts an XML file into a .NET object within properties. Perfect if you need to write a software that keeps as input the NMAP xml output format. For example if you are building your own report software or a NMAP wrapper.
  • NMAP-XML Flat File converts NMAP xml file format into a HTML or EXCEL table. It’s written in java and it’s pretty “download ‘n run”. java XMLNMAPReader nmap-output.xmll > OutputFile.[html/xls]
  • PBNJ. Well it does much more that parsing NMAP XML, but for this post it is able to save NMAP xml file into a database.
  • NMAP2DB is a great tool for popolating SQLite databases with NMAP results
  • Ruby Nmap Parser Library. Great library for rubyans providing Ruby interface to Nmap’s scan data. It can run Nmap and parse its XML output directly from the scan, parse a file containing the XML data from a separate scan, parse a String of XML data from a scan, or parse XML data from an object via its read() method.

One Response to “NMAP 2 XML | Generate NMAP Reports”


  1. Security News #0×13: PwnSQL « CyberOperations - June 19, 2012

    […] class labs and asked how I got the output of the Red Team nmap scans into such a nice html format. Zabomber has an explanation of how to get XML output from nmap. Share this:TwitterFacebookLike this:LikeBe […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: