Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/nitram2342/extract-web-servers-from-nmap-xml

This is a python helper script for generating a list of web URLs from an Nmap XML file.
https://github.com/nitram2342/extract-web-servers-from-nmap-xml

nmap pentest-tool python

Last synced: about 2 months ago
JSON representation

This is a python helper script for generating a list of web URLs from an Nmap XML file.

Awesome Lists containing this project

README 

        
``extract_hosts_from_nmap.py`` is a python script for generating a list of web URLs from an Nmap XML file.



Purpose

==================



Network penetration testing usually starts with a portscan of available hosts and services and almost always you will find all kinds of web servers and web applications. While it is easy find all web servers on standard ports, Nmap does not always detect web services, when they are on non-standard ports while Nmap may even have enough information to derive this.



This python script scrapes information from Nmap XML files together in order to identify web server ports and renders a list of URIs.



::

   

   $ ./extract_hosts_from_nmap.py --xml 2018-05-23_fullrange_*.xml --port www

   https://aaa.bbb.ccc.ddd:8443

   http://aaa.bbb.ccc.ddd:8080

   http://aaa.bbb.ccc.ddd:10000

   http://aaa.bbb.ccc.ddd:12000

   [...]



::

   

   $ ./extract_hosts_from_nmap.py --xml 2018-05-23_fullrange_*.xml --port 445

   192.168.23.42

   192.168.23.23

   192.168.23.5   

   [...]

   

When you have a list of URLs, you may want to open them in a browser or lauch a screen shot tool, for example:



::

   

   ./extract_hosts_from_nmap.py --xml nmap_*tcp.xml --port web | xargs -n 25 -P 1 firefox



Copyright and Licence

=====================



The tool is developed by Martin Schobert [email protected] and

published under a BSD licence with a non-military clause. Please read

``LICENSE.txt`` for further details.