Tuesday, September 29, 2015

NMAPgrapher: A tool to generate graph and other output from NMAP XML files.

NMAPgrapher can be found at https://github.com/attactics/NMAPgrapher

What is it?

A tool I created to assist me in providing supplementary data with my penetration test reports. I'm releasing it to the public to do as you wish with it. The primary purpose of this tool is to allow the user to quickly and easily output exploratory data from NMAP XML files. The tool is capable of generating the following:
  • Most and least common services
  • Most and least common ports
  • Most and least common operating systems
  • Hosts with most and least number of open ports
  • HTML document with tables including each host and open services / ports
Most of the data sets can be output to:
  • PNG
  • SVG
  • CSV
  • HTML
In order to make this tool more useful to others, I have added the ability to skin the HTML output with CSS styles, found in the css folder. In order to generate the included template I used csstablegenerator. If you want to create your own css styles, just make sure to name the css class name 'table'.

SVG and PNG graphs can be styled by modifying NMAPgrapher.py. I tried to use pygal's CSS styles and have a separate file for editing, however cairosvg was not liking it.

Quick Primer on Use

While NMAPgrapher has a fairly extensive help menu, here is the general usage structure:

NMAPgrapher.py [inputFile] [outputBaseName] [outputType]

where:
  • inputFile  is the NMAP XML file you wish to process
  • outputBaseName is the base name of the output files. All output files will be placed in a subfolder from where you ran NMAPgrapher
  • outputType is the type of output you want (csv, png, html, svg)
The default behavior is to produce all possible outputs for the output type specified. Some outputs such as the host lost detailing all open ports and services is only output in HTML for the time being. This will automatically be output in HTML regardless of the type you specify.

There are also a number of optional flags to only output certain types of data, for more information on these please invoke NMAPgrapher.py -h. They should be pretty straight forward.

Dependencies

NMAPgrapher requires a number of libraries to operate. I recommend using pip to install them. You can install them with pip like so:
pip install pygal cairosvg cssselect tinycss lxml elementtree

Bugs and Feature Requests

I'm not a python ninja (...yet?). I know the code is not the prettiest and I will work on refining it as time allows. If there are any bugs or feature requests, please message me on twitter (@evasiv3) and I'd be glad to help.

Sample Graph and Table Screenshots

The following are two example outputs from NMAPgrapher. The visuals are customizable.






1 comment :