Nmap Development mailing list archives
Re: New Feature for Nmap
From: Daniel Miller <bonsaiviking () gmail com>
Date: Tue, 26 Sep 2017 15:02:11 -0500
Thanks for the suggestion! We already have a "map" feature in Zenmap, the official GUI for Nmap [1]. But text-mode outputs can sometimes be useful, too.

Since Nmap already emits all of its findings in machine-parseable XML, we are not likely to add another output format to Nmap itself, but there are a couple of potentially interesting options:

You could write a post-processing script to convert the XML into a tabular or text tree format. I have done this myself in the past to "graph" open services vs systems for quick visualization. You could even do this with the Grepable output format [2] if you are only interested in addresses, names, and port numbers.

You could also write an NSE script [2] to produce some alternative output. We have existing scripts that plot GeoIP coordinates [3] or print a reverse index of IPs by open service [4]. This would allow you to skip the XML parsing and just work directly with host and port objects.

I look forward to hearing what you come up with!

Dan

[1] https://nmap.org/book/zenmap-topology.html
[2] https://nmap.org/book/output-formats-grepable-output.html
[3] One example: https://nmap.org/nsedoc/scripts/ip-geolocation-map-google.html
[4] https://nmap.org/nsedoc/scripts/reverse-index.html

On Mon, Sep 25, 2017 at 8:51 PM, Who Am I? <wh0am1terminal () gmail com> wrote:
Hello there. I was looking to add a new feature to Nmap that I thought would be useful. However, I would like to get the opinion of other individuals as well so I can decide whether to move forward with the idea. So, here is what I'm thinking of:

Sometimes with Nmap, I like to run a ping scan on my network. The output is usually something like this after running "nmap -sn 67.207.82.167/20":

(hundreds of more addresses)
...
Nmap scan report for mgmt.smartwalk.tech (67.207.95.186)
Host is up (0.0020s latency).
Nmap scan report for 67.207.95.206
Host is up (0.0022s latency).
Nmap scan report for dokument.space (67.207.95.207)
Host is up (0.0014s latency).
Nmap scan report for tothinnerbodies.com (67.207.95.221)
Host is up (0.00094s latency).
Nmap scan report for 67.207.95.223
Host is up (0.0018s latency).
Nmap scan report for 67.207.95.224
Host is up (0.0023s latency).
Nmap scan report for 67.207.95.226
Host is up (0.0043s latency).
Nmap scan report for anotherorganicdiet.com (67.207.95.227)
Host is up (0.0021s latency).
Nmap scan report for 67.207.95.228
Host is up (0.0015s latency).
Nmap scan report for emailsseguros1.com.br (67.207.95.229)
Host is up (0.0014s latency).
Nmap scan report for 67.207.95.231
Host is up (0.0019s latency).
Nmap scan report for 67.207.95.236
Host is up (0.0017s latency).
Nmap scan report for 1000caloriestoburn.com (67.207.95.237)
Host is up (0.0025s latency).
Nmap scan report for 67.207.95.242
Host is up (0.0016s latency).
Nmap scan report for globatel.faith (67.207.95.243)
Host is up (0.0017s latency).
Nmap scan report for 67.207.95.247
Host is up (0.0017s latency).
Nmap scan report for 67.207.95.248
Host is up (0.0015s latency).
Nmap scan report for 67.207.95.249
Host is up (0.0024s latency).
Nmap done: 4096 IP addresses (2230 hosts up) scanned in 77.77 seconds

These are a surplus of IP addresses and domains. Not to mention, this is only a portion of the IP addresses and domains that were scanned. What if I wanted to present this in an easy-to-understand format? What if I wanted to look at the data returned back more visually? For example, what if Nmap generated a "network map" like below?

67.207.82.167 (your IP) ======= 67.207.80.1 (gateway)
                                        |
                                        |
                                        |
domain.example.com======= 67.207.80.3=  +
                                        |
                                        |
                                        |
67.207.80.4-10======+

This is just an example, of course. Regardless of how it ends up looking, some sort of visual network graph would generally be helpful. In this graph, your IP address and your gateway's IP address are displayed. Other people within the same sub-net or network will also have their domain or IP displayed. In the above example, the data route of domain.example.com is shown (the data is routed to 67.207.80.3 and then is passed on to the gateway). IP addresses or domains that aren't passing their data through any IP address or aren't taking an interesting route to send their data will be abbreviated, e.g., 67.207.80.4-10.

I'm not sure right now how this could be achieved yet, but I would love to hear your opinion on the idea. Also, please feel free to email me back.

Cheers.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
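The XML post-processing Dan describes (a text tree of open services per host, built from -oX output), as an added example that is not part of the thread or of Nmap itself; the XML document is constructed sample input in the nmaprun format, not real scan data:

```python
# Added example (not Nmap project code): turn Nmap XML (-oX) output into a text
# tree of hosts vs open services, the kind of "graph" the reply suggests.
# SAMPLE_XML is constructed nmaprun-format input, not real scan data.
import xml.etree.ElementTree as ET

SAMPLE_XML = """<nmaprun scanner="nmap">
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
<hostnames><hostname name="gw.example.test" type="PTR"/></hostnames><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
<port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
<port protocol="tcp" portid="23"><state state="closed"/><service name="telnet"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.11" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
</ports></host>
<host><status state="down"/><address addr="192.0.2.12" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_nmap_xml(xml_text):
    """addr -> (hostname or None, sorted [(proto, port, service)]) for up hosts."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status").get("state") != "up":
            continue  # down hosts are not drawn
        addr = host.find("address[@addrtype='ipv4']").get("addr")
        hn = host.find("hostnames/hostname")
        open_ports = []
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # closed/filtered ports are noise for this view
            svc = port.find("service")
            open_ports.append((port.get("protocol"), int(port.get("portid")),
                               svc.get("name") if svc is not None else "?"))
        hosts[addr] = (hn.get("name") if hn is not None else None, sorted(open_ports))
    return hosts

def render_tree(hosts):
    """One line per host, one indented branch per open service."""
    lines = []
    for addr, (name, ports) in sorted(hosts.items()):
        lines.append(f"{addr} ({name})" if name else addr)
        for i, (proto, port, svc) in enumerate(ports):
            branch = "`-- " if i == len(ports) - 1 else "|-- "
            lines.append(f"    {branch}{port}/{proto} {svc}")
    return "\n".join(lines)

print(render_tree(parse_nmap_xml(SAMPLE_XML)))
```

For a real scan, replace SAMPLE_XML with the contents of the file written by nmap -oX; hosts reported down and ports that are not open are left out of the tree.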
Current thread:
- New Feature for Nmap Who Am I? (Sep 26)
- Re: New Feature for Nmap Daniel Miller (Sep 26)