For the longest time, I relied on awk and grep to deal with Nmap output. While this is still a go-to method, being the lazy pentester I am, I decided to automate some of the repetitive parsing tasks. Thus parmap was born. Using the wonderful ruby-nmap gem, this script gives you a few options for displaying and outputting the information from an Nmap XML file. All you need to make it work is the thor and ruby-nmap gems installed.
parmap Commands:
  parmap csv FILE OUTF_F   # create a csv of the output
  parmap help [COMMAND]    # Describe available commands or one specific command
  parmap hosts FILE        # print a list of Up hosts in the file
  parmap nse FILE          # parse the NSE script data from an nmap scan
  parmap parse FILE        # parse the FILE and output the results to the screen
  parmap ports FILE PORT   # create a file with a list of hosts where the port was open
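To show the kind of selection the hosts and ports commands describe, here is an added example that is not parmap's own code. It uses Ruby's REXML instead of the ruby-nmap gem so it runs without extra gems; the function names and the sample XML are constructed for illustration.

```ruby
require 'rexml/document'

# Constructed sample in Nmap's XML (-oX) layout; not from a real scan.
SAMPLE_XML = <<~XML
  <nmaprun scanner="nmap">
    <host><status state="up"/>
      <address addr="192.0.2.10" addrtype="ipv4"/>
      <ports>
        <port protocol="tcp" portid="445"><state state="open"/></port>
        <port protocol="tcp" portid="80"><state state="closed"/></port>
      </ports>
    </host>
    <host><status state="up"/>
      <address addr="192.0.2.11" addrtype="ipv4"/>
      <address addr="00:00:5E:00:53:01" addrtype="mac"/>
      <ports>
        <port protocol="tcp" portid="445"><state state="filtered"/></port>
        <port protocol="tcp" portid="22"><state state="open"/></port>
      </ports>
    </host>
    <host><status state="down"/>
      <address addr="192.0.2.12" addrtype="ipv4"/>
    </host>
  </nmaprun>
XML

# First non-MAC address of a <host> element (hypothetical helper).
def host_ip(host)
  addr = host.elements.to_a('address').find { |a| a.attributes['addrtype'] != 'mac' }
  addr && addr.attributes['addr']
end

# Hosts whose <status> is "up", comparable to what the hosts command lists.
def up_hosts(doc)
  doc.root.elements.to_a('host').select do |h|
    status = h.elements['status']
    status && status.attributes['state'] == 'up'
  end
end

# IPs of up hosts where `port` is exactly "open"; closed, filtered and
# "open|filtered" results are excluded. Comparable to the ports command.
def hosts_with_open_port(doc, port, proto = 'tcp')
  up_hosts(doc).select do |h|
    h.elements.to_a('ports/port').any? do |el|
      state = el.elements['state']
      el.attributes['portid'] == port.to_s && el.attributes['protocol'] == proto &&
        state && state.attributes['state'] == 'open'
    end
  end.map { |h| host_ip(h) }
end
```

Load a scan with `REXML::Document.new(File.read(path))` and pass the document to either function.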
This was actually one of the first tools I ever wrote with the intention of sharing with other people. I revisit it every few years to clean up the code and maybe add a few things. So why write a blog post about an old Nmap parsing script? I decided to add some significant functionality to it.
As I lean more heavily on other methods of host and service enumeration on internal pentests, such as masscan or maybe something more stealthy like LDAP queries, I have used Nmap a bit less. However, I still find much of the functionality very beneficial. My goal with this addition to my script is to add an interactive shell that will let me parse data from a scan and perform targeted actions against a subset of hosts or services based on that data. A practical example of this might be to run user enumeration against all SMB services, but Nmap’s powerful scripting engine means that the true possibilities can be far more complex and useful than that. In the end, this should be a lightweight and flexible way to streamline one of my major pentest processes. I’ve noticed that in many cases a big improvement in efficiency helps me find things that I may have otherwise been missing. If you have any ideas that might help with the implementation or functionality, please take a look at what I have and let me know!