pnx - Parse Nmap XML
pnx is a simple Nmap's XML output parser.
Useful for creating per-port or per-service lists from nmap output.
Install
For Go 1.17+
go install -v git.sr.ht/~ohdude/pnx/cmd/pnx@latest
Alternatively:
git clone https://git.sr.ht/~ohdude/pnx
cd pnx
make
Features
pnx allows to filter results from nmap's XML output based on port, service, product or its version and returns CSV output.
Those names match corresponding names in Nmap's XML output, except of the portid which is called 'port':
<port protocol="tcp" portid="8123">
<state state="open" reason="syn-ack" reason_ttl="0"/>
<service name="http" product="Apache httpd" version="2.4.7" extrainfo="(Ubuntu)" method="probed" conf="10">
<cpe>cpe:/a:apache:http_server:2.4.7</cpe>
</service>
</port>
Text fields (service, product and version) matching can be altered using -exact-match
or -case-sensitive flags
.
By default pnx matches case-insentive substrings, eg. -product=tomcat flag will match entry like "Apache Tomcat".
Usage
$ cat full-sweep.xml | ./pnx
addr,port,service,product,version
172.28.128.1,2200,ms-wbt-server,Microsoft Terminal Services,
172.28.128.1,2212,leecoposserver,,
172.28.128.1,8123,http,Apache httpd,2.4.7
172.28.128.1,17500,db-lsp,,
172.28.128.1,57621,,,
$ cat full-sweep.xml | ./pnx -no-header -ports=2200,2212
172.28.128.1,2200,ms-wbt-server,Microsoft Terminal Services,
172.28.128.1,2212,leecoposserver,,
$ cat full-sweep.xml | ./pnx -no-header -products=apache
172.28.128.1,8123,http,Apache httpd,2.4.7
$ cat full-sweep.xml | ./pnx -no-header -products='Apache httpd' -exact-match -case-sensitive
172.28.128.1,8123,http,Apache httpd,2.4.7