gnxtools /

Filename Size Date modified Message
11 B
Initial commit
6.6 KB
Epoch times in now correctly treated as integer rather than float. Discovered as ndiff was breaking on float 'time' values.
7.5 KB
Updated project url and todo comments in
4.4 KB
Updated readme with contact info

GNXTools - Glens Nmap XML Tools

GNXTools - Glens Nmap XML Tools - are several python scripts which parse and merge nmap XML output files on the cmdline. When used together, there are a number of potential uses, particularly when using gnxmerge to process results generated by nmap from the gnxparse 'rescan' output.

Author: (glen at) , @memoryresident

GNXParse (Nmap XML Parser)

List ips, ports, subnets and generate nmap 'rescan' commands.

GNXMerge (Nmap XML Merger)

Merge multiple nmap xml files.

GNXParse (Glens Nmap XML Parser)

GNXParse is a python script which parses nmap XML report files and outputs discovered IP addresses, /24 subnets and open ports for use with other tools.

GNXParse is also able to output nmap command lines in order to repeat a previous scan against known open ports. This may be useful for example when performing a full scan of a host or hosts from a fast/privileged/unfirewalled location (eg internal network) then performing a re-scan from an untrusted network to compare exposure levels.

Compared to repeating a comprehensive scan, this method has the advantage of significantly reducing both bandwidth and time consumption, along with producing a much quieter footprint in firewall and IDS logs.

Multiple nmap scans may be parsed by first merging the xml output using


$ ./  --help
usage: filename.xml [OPTIONS]

Glens Nmap XML Parser (gnxparse)

positional arguments:
  file  File containing nmap XML output

optional arguments:
      -h, --help    show this help message and exit
      -i, -ips      Output list of active ipv4 addresses
      -p, -ports    Output list of open ports
      -s, -subnets  Output list of /24 subnets containing live hosts
      -r [RESCAN], -rescan [RESCAN]
                    Generate nmap-compatible command-line for re-testing
                    hosts. If no nmap command prefix is given, defaults
                    to: nmap -PN --traceroute --open
      -c [CSVOUT], -csv [CSVOUT]
                    Output simple csv file format (HOSTIP,port1,port2,port3)
      -q, -quiet    Suppress header output for ip, port and subnet lists.
      -v, --version show program's version number and exit

usage examples: ./scan.xml -ips ./scan.xml -ports ./scan.xml -subnets ./scan.xml -rescan > ./ ./scan.xml -rescan 'nmap -A' > ./ ./scan.xml -i -s -r ./scan.xml -i -s -r 'nmap -A'

GNXMerge (Glens Nmap XML Merger)

GNXMerge is a python script which merges multiple separate nmap XML results files into a single XML output. This is primarily to provide an easy method of feeding multiple scan results to tools which accept Nmap .xml output files, for example Zenmap, Nessus or OpenVAS.

It attempts to emulate the official Nmap xml format as far as possible for the merged output, mainly to reduce the likelihood of any other tools not recognising the generated file.

Other tools for handing multiple nmap xml files include Zenmap and Magictree, both of which should also accept files generated by gnxmerge.

gnxmerge functions at the <host> container level, eg all <host> entries from input files will be joined together (including duplicates).

Merging of results within the <host> level (eg cumulation of port checks for the same IP over different scans) is not yet supported.


$ ./  --help
usage: -sources=./file.xml,file2.xml,/path/to/files

Glens Nmap XML Merger gnxmerge - Merges <host> sections from multiple nmap XML files

optional arguments:
  -h,                   --helpshow this help message and exit
  -s SOURCES, -sources SOURCES
                        Comma separated list of paths to files and/or folder
                        contents to merge. An .xml extension is not mandatory;
                        all files and contents of target folder will be (non-
                        recursively) processed, regardless of extension. If
                        files are present which are not valid XML, they will
                        be skipped with warnings.
  -v,                   --version show program's version number and exit