Skip to main content

A simple python script to convert Nmap output to CSV

Project description

NmaptoCSV

Description

A simple python script to convert Nmap output to CSV

Features

  • Support of Nmap version 5, 6, 7 normal format output (default format, -oN option)
  • Support of Nmap any version Grepable format output (-oG option) and XML (-oX)
  • Parsing main information : IP, FQDN, rDNS, MAC address and vendor, open ports, tcp/udp protocols, listening services and versions, OS, Number of hops to the target, and script output
  • Custom output format following the main items

Usage

Pass the Nmap output via stdin or from a specified file (-i).
The processed dump can be collected at stdout or to a specified file (-o).

Options

usage: nmaptocsv [-h] [-i INPUT] [-x XML_INPUT] [-o OUTPUT] [-f FORMAT] [-S]
                 [-d DELIMITER] [-n] [-s]

optional arguments:
  -h, --help            show this help message and exit

Mandatory parameters:
  -i INPUT, --input INPUT
                        Nmap scan output file in normal (-oN) or Grepable
                        (-oG) format (stdin if not specified)
  -x XML_INPUT, --xml-input XML_INPUT
                        Nmap scan output file in XML (-oX) format

Output parameters:
  -o OUTPUT, --output OUTPUT
                        CSV output filename (stdout if not specified)
  -f FORMAT, --format FORMAT
                        CSV column format { fqdn, rdns, hop_number, ip,
                        mac_address, mac_vendor, port, protocol, os, script,
                        service, version } (default: ip-fqdn-port-protocol-
                        service-version)
  -S, --script          Adds the script column in output, alias for -f "ip-
                        fqdn-port-protocol-service-version-script"
  -d DELIMITER, --delimiter DELIMITER
                        CSV output delimiter (default ";"). Ex: -d ","
  -n, --no-newline      Do not insert a newline between each host. By default,
                        a newline is added for better readability
  -s, --skip-header     Do not print the CSV header

Nmap Normal format (default output format -oN)

$ python nmaptocsv.py -i test.nmap -f ip-fqdn-port-protocol-service-version-os
IP;FQDN;PORT;PROTOCOL;SERVICE;VERSION;OS
192.168.1.2;Test.lan;135;tcp;msrpc;Microsoft Windows RPC;Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
192.168.1.2;Test.lan;139;tcp;netbios-ssn;;Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
192.168.1.2;Test.lan;445;tcp;netbios-ssn;;Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)
192.168.1.2;Test.lan;5357;tcp;http;Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP);Windows 7 Professional 7601 Service Pack 1 (Windows 7 Professional 6.1)


$ python nmaptocsv.py -i test.nmap -f ip-fqdn-port-protocol-service-version -d ',' | csvlook
|--------------+----------+------+----------+-------------+------------------------------------------|
|  IP          | FQDN     | PORT | PROTOCOL | SERVICE     | VERSION                                  |
|--------------+----------+------+----------+-------------+------------------------------------------|
|  192.168.1.2 | Test.lan | 135  | tcp      | msrpc       | Microsoft Windows RPC                    |
|  192.168.1.2 | Test.lan | 139  | tcp      | netbios-ssn |                                          |
|  192.168.1.2 | Test.lan | 445  | tcp      | netbios-ssn |                                          |
|  192.168.1.2 | Test.lan | 5357 | tcp      | http        | Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)  |
|  |
|--------------+----------+------+----------+-------------+------------------------------------------|

$ nmap -sV -p- localhost -oN - | python nmaptocsv.py 
IP;FQDN;PORT;PROTOCOL;SERVICE;VERSION
127.0.0.1;localhost;22;tcp;ssh;OpenSSH 7.6p1 Debian 2 (protocol 2.0)
127.0.0.1;localhost;80;tcp;http;Apache httpd 2.4.29 ((Debian))
127.0.0.1;localhost;5432;tcp;postgresql;PostgreSQL DB 9.5.4
127.0.0.1;localhost;5433;tcp;postgresql;PostgreSQL DB 9.6.0 or later
127.0.0.1;localhost;5434;tcp;postgresql;PostgreSQL DB 9.6.0 or later

Nmap Grepable format (-oG)

$ cat scan.gnmap
# Nmap 6.01 scan initiated Thu Nov 22 11:28:15 2012 as: nmap -p- -sV -oA scan 10.0.0.0/24 
Host: 10.0.0.1 (test1.local)	Status: Up
Host: 10.0.0.1 (test1.local)	Ports: 23/open/tcp//telnet//Cisco router telnetd/	Ignored State: closed (65534)
Host: 10.0.0.2 (test2.local)	Status: Up
Host: 10.0.0.2 (test2.local)	Ports: 23/open/tcp//telnet//Cisco router telnetd/	Ignored State: closed (65534)
Host: 10.0.0.3 (test3.local)	Status: Up
Host: 10.0.0.3 (test3.local)	Ports: 23/open/tcp//telnet//Cisco router telnetd/	Ignored State: closed (65534)
Host: 10.0.0.50 (test50.local)	Status: Up
Host: 10.0.0.50 (test50.local)	Ports: 22/open/tcp//ssh//OpenSSH 3.8.1p1 Debian 8.sarge.6 (protocol 2.0)/, 80/open/tcp//http//Apache httpd 1.3.33 ((Debian GNU|Linux) PHP|4.3.10-19)/, 111/open/tcp//rpcbind (rpcbind V2)/(rpcbind:100000*2-2)/2 (rpc #100000)/, 113/open/tcp//ident///, 684/open/tcp//status (status V1)/(status:100024*1-1)/1 (rpc #100024)/, 5432/open/tcp//postgresql//PostgreSQL DB (French)/	Ignored State: closed (65529)
Host: 10.0.0.100 (test100.local)	Status: Up
Host: 10.0.0.100 (test100.local)	Ports: 80/closed/tcp//http///, 5432/open/tcp//postgresql//PostgreSQL DB (French)/, 19999/filtered/tcp/////	Ignored State: closed (65532)

$ python nmaptocsv.py -i scan.gnmap -f ip-fqdn
IP;FQDN
10.0.0.1;test1.local

10.0.0.2;test2.local

10.0.0.3;test3.local

10.0.0.50;test50.local

10.0.0.100;test100.local


$ cat scan.gnmap | python nmaptocsv.py 
IP;FQDN;PORT;PROTOCOL;SERVICE;VERSION
10.0.0.1;test1.local;23;tcp;telnet;Cisco router telnetd

10.0.0.2;test2.local;23;tcp;telnet;Cisco router telnetd

10.0.0.3;test3.local;23;tcp;telnet;Cisco router telnetd

10.0.0.50;test50.local;22;tcp;ssh;OpenSSH 3.8.1p1 Debian 8.sarge.6 (protocol 2.0)
10.0.0.50;test50.local;80;tcp;http;Apache httpd 1.3.33 ((Debian GNU|Linux) PHP|4.3.10-19)
10.0.0.50;test50.local;111;tcp;rpcbind (rpcbind V2);(rpcbind:100000*2-2)/2 (rpc #100000)
10.0.0.50;test50.local;113;tcp;ident;
10.0.0.50;test50.local;684;tcp;status (status V1);(status:100024*1-1)/1 (rpc #100024)
10.0.0.50;test50.local;5432;tcp;postgresql;PostgreSQL DB (French)

10.0.0.100;test100.local;5432;tcp;postgresql;PostgreSQL DB (French)

Dependencies and installation

  • A Python interpreter with version 2.7 or 3.X
    • Python 2.6 works with .nmap and .gnmap files but not with .xml ones
  • The easiest way to setup everything: pip install nmaptocsv and then directly use $ nmaptocsv
    • Or git clone that repository and pip install -r requirements.txt and then python nmaptocsv.py

Changelog

  • version 1.6 - 06/13/2019: Python 3 support
  • version 1.5 - 09/30/2018: few bugs fixed in XML parsing + script alias format added
  • version 1.4 - 08/16/2018: few bugs fixed + XML parsing implementation
  • version 1.3 - 08/13/2018: fixing the README layout on PyPI
  • version 1.2 - 01/07/2018: script output parsing addition
  • version 1.1 - 01/07/2018: Cleaning the code, fixing some parsing bugs, delimiter option addition and made newline default
  • version 1.0 - from 2012 to 2013

Copyright and license

Nmaptocsv is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Nmaptocsv is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with nmaptocsv. If not, see http://www.gnu.org/licenses/.

Contact

  • Thomas Debize < tdebize at mail d0t com >

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nmaptocsv-1.6.tar.gz (10.7 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page