Thursday, September 17, 2015

Parsing Multiple nmap Scan Output Files into a csv File

Today I was faced with a challenge where I had to parse multiple nmap scans that were saved in a directory.  The format was saved in the regular .nmap output.  The following python script came alive that parses the files and outputs the IP Address, MAC Address and each port that was found into output to the screen that could then be saved as a csv file.

This script depends on the output that is located in the .nmap output and the version of nmap.



import os
import re

for file in os.listdir(nmapOutputDirectory):
 portStatusPattern = re.compile("^[0-9]{1,5}\/(tcp|udp)\s*(open|closed)\s*[0-9a-zA-Z- ]{3,}$")
 macAddrPattern = re.compile(".*([0-9A-Fa-f]{1,2}[:-]){5}[0-9A-Fa-f]{2}.*")
 portInfoList = []
 ipAddress = ''
 macAddr = ''
 fileLocation = nmapOutputDirectory + "/" + file
 f = open(fileLocation, 'r')
 for line in f:
  currentLine = line.strip()
  if "Nmap scan report for" in currentLine:
   ipAddress = currentLine[21:]
  elif portStatusPattern.match(currentLine):
  elif macAddrPattern.match(currentLine):
   macAddr = currentLine[13:30]
 if len(portInfoList) > 0:
  for item in portInfoList:
   print '"' + ipAddress + '","' + macAddr + '","' + item + '"'
  print '"' + ipAddress + '","' + macAddr + '",""'


No comments:

Post a Comment

Powershell - Gather Mapped Drives from a List of Computer Names

I created the following Powershell script to gather remotely the mapped drives that users had in their profiles.  I had to create the script...