Skip to content
/ np Public

A tool to parse, deduplicate, and query multiple port scans.

License

Notifications You must be signed in to change notification settings

leesoh/np

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

np

np is a tool for parsing, combining, deduplicating, and querying the output from multiple different tools.

Supported scan types:

  • Nmap XML output
  • Masscan XML output
  • Naabu JSON output
  • DNSx JSON output
  • np JSON output

Usage

Usage of np:
  -debug
     Display debug output
  -host string
     Show results for specified host
  -hosts
     Print alive hosts
  -json
     Display JSON output
  -path string
     Path to scan file (default ".")
  -port string
     Display hosts with matching port(s)
  -ports
     Print all ports
  -service string
     Display hosts with matching service name
  -services
     Print all services

The -json option will display all hosts with at least one open port, while the other formats will omit ports that are likely false positives (e.g. tcpwrapped).

Examples

Parse all scans in the current directory:

$ np
scanme.nmap.org (45.33.32.156)
PORT      SERVICE    PRODUCT      VERSION
80/tcp    http       Apache httpd 2.4.7
22/tcp    ssh        OpenSSH      6.6.1p1 Ubuntu 2ubuntu2.13
9929/tcp  nping-echo Nping echo
31337/tcp Elite

bishopfox.com (159.223.119.162)
PORT    SERVICE PRODUCT VERSION
80/tcp  http
443/tcp https

Print a specific host:

$ np -host scanme.nmap.org
scanme.nmap.org (45.33.32.156)
PORT      SERVICE    PRODUCT      VERSION
80/tcp    http       Apache httpd 2.4.7
22/tcp    ssh        OpenSSH      6.6.1p1 Ubuntu 2ubuntu2.13
9929/tcp  nping-echo Nping echo
31337/tcp Elite

Print all alive hosts:

$ np -hosts [-path /path/to/scans]
scanme.nmap.org (45.33.32.156)
bishopfox.com (159.223.119.162)

Print all services:

$ np -services [-path /path/to/scans]
scanme.nmap.org:9929 nping-echo
scanme.nmap.org:31337 Elite
scanme.nmap.org:22 ssh
scanme.nmap.org:80 http
bishopfox.com:80 http
bishopfox.com:443 https

Show instances of the given service:

$ np -service https [-path /path/to/scans]
bishopfox.com:443

Print all open ports:

$ np -ports [-path /path/to/scans]
22,80,443,9929,31337

Print all hosts with the given port open:

$ np -port 80 [-path /path/to/scans]
45.33.32.156:80
159.223.119.162:80

Print all hosts with the given ports open:

$ np -port 80,443 [-path /path/to/scans]
45.33.32.156:80
159.223.119.162:80
159.223.119.162:443

Print full JSON dump:

$ np [-path /path/to/scans] -json
[
  {
    "ip": "45.33.32.156",
    "hostname": "scanme.nmap.org",
    "tcp_ports": {
      "22": {
        "name": "ssh",
        "product": "OpenSSH",
        "version": "6.6.1p1 Ubuntu 2ubuntu2.13",
        "extra_info": "Ubuntu Linux; protocol 2.0"
      },
      "31337": {
        "name": "Elite"
      },
      "80": {
        "name": "http",
        "product": "Apache httpd",
        "version": "2.4.7",
        "extra_info": "(Ubuntu)"
      },
      "9929": {
        "name": "nping-echo",
        "product": "Nping echo"
      }
    }
  },
  {
    "ip": "159.223.119.162",
    "hostname": "bishopfox.com",
    "tcp_ports": {
      "443": {
        "name": "https"
      },
      "80": {
        "name": "http"
      }
    }
  }
]

Installation

Make sure that $GOPATH/bin is part of $PATH, then:

go install github.com/leesoh/np/cmd/np@latest

Similar Tools

In case np isn't quite what you're looking for, here are a few similar tools:

Thanks

  • go-nmap - For making the XML parsing less awful
  • naabu - For the beautiful source code

About

A tool to parse, deduplicate, and query multiple port scans.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages