Python NMAP library enabling you to start async nmap tasks, parse and compare/diff scan results
libnmap is a python library enabling python developers to manipulate nmap process and data.
libnmap is what you were looking for if you need to implement the following:
automate or schedule nmap scans on a regular basis
manipulate nmap scans results to do reporting
compare and diff nmap scans to generate graphs
batch process scan reports
The above uses cases will be easy to implement with the help of the libnmap modules.
The lib currently offers the following modules:
process: enables you to launch nmap scans
parse: enables you to parse nmap reports or scan results (only XML so far) from a file, a string,…
report: enables you to manipulate a parsed scan result and de/serialize scan results in a json format
diff: enables you to see what changed between two scans
common: contains basic nmap objects like NmapHost and NmapService. It is to note that each object can be “diff()ed” with another similar object.
plugins: enables you to support datastores for your scan results directly in the “NmapReport” object. from report module:
aws s3: insert/get/getAll/delete (not supported for python3 since boto is not supporting py3)
csv: todo (easy to implement)
elastic search: todo
All the documentation is available on read the docs. This documentation contains small code samples that you directly reuse.
libnmap has by default no dependencies, except defusedxml if you need to import untrusted XML scans data.
The only additional python modules you’ll have to install depends if you wish to use libnmap to store reports on an exotic data store via libnmap’s independents plugins.
Below the list of optional dependencies:
If you are importing/parsing untrusted XML scan outputs with python-libnmap, install defusedxml library:
ronald@brouette:~/dev$ pip install defusedxml
This will prevent you from being vulnerable to XML External Entities attacks.
For more information, read the official libnmap documentation
This note relates to a cascaded CVE vulnerability from the python core library XML ElementTree. Nevertheless, python-libnmap has been assigned an official CVE to track this issue.
This CVE is addressed from v0.7.2.
The libnmap code is tested against the following python interpreters:
You can install libnmap via pip:
ronald@brouette:~$ pip install python-libnmap
or via git and dist utils (à l’ancienne):
ronald@brouette:~$ git clone https://github.com/savon-noir/python-libnmap.git ronald@brouette:~$ cd python-libnmap ronald@brouette:~$ python setup.py install
or via git and pip:
ronald@brouette:~$ git clone https://github.com/savon-noir/python-libnmap.git ronald@brouette:~$ cd python-libnmap ronald@brouette:~$ pip install .
Some codes samples are available in the examples directory or in the documentation.
Among other example, you notice an sample code pushing nmap scan reports in an ElasticSearch instance and allowing you to create fancy dashboards in Kibana like the screenshot below:
Mike @bmx0r Boutillier for S3 and SQL-Alechemy plugins and for the constructive critics. Thanks!
Release history Release notifications | RSS feed
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.