We know that the information must have many details but at the same time be easy to understand and analyze. That is why today we are presenting a new way to deliver reports of the port scans that we carry out with Nmap.
Note: this change does not require any user intervention, however we recommend that you read the entire article. We recommend our users to use Chrome/Chromium to view the HTML report.
The problem
Since our integration with Nmap we try to send as much information as possible to our users after performing the scan: open ports, services, used software, software versions and more. However, we have to accept that the way the information was sent was not optimal, it was a CSV file with all the information mixed up and difficult to analyze, of course our clients let us know. We weren’t sending the XML files from the scans either, naive on our side.
The solution
The first person to propose this solution was Octavian (@0xtavian), a hacker who has followed the development of the platform from the beginning. He let us know about two tools: nmap-boostrap-xsl, developed by Andreas Hontzia (@honze_net) and nMap_Merger, initially developed by (@_cbhue_) and improved by the well known Ben Bidmead (@pry0cc) in their axiom project, as well that we decided to inquire about how we could get the most out of delivering readable information to our users. Our final nmap-boostrap.xsl and merge-xml files can be found in our forked repo, we made some changes to nmap-boostrap.xsl among which are: a dark mode to view the reports and the possibility of selecting “All” the entries when viewing the report. These changes were adapted from nmap-boostrap-xsl pull requests 13 and 14.
This is the final result:
The HTML report will be sent to the email that the user has parameterized together with the XML reports generated directly by Nmap in the following format:
We hope that this change will help our users to have better results and that the reports are easily analyzed. We are working on integrating the information received after executing FFUF into the same report.
Regards,
Findomain Team