Didier Stevens

Monday 25 November 2013

Quickpost: nmap & xml

Filed under: Networking,Quickpost — Didier Stevens @ 20:46

A quick tip: since more than a year now I’ve been including xml output with each nmap scan I perform. I discovered that the xml output contains more (explicit) data than the other forms of output.


nmap -oG test.csv -oX test.xml scanme.nmap.org

Starting Nmap 5.51 ( http://nmap.org ) at 2013-11-23 05:05 EST
Nmap scan report for scanme.nmap.org (
Host is up (0.65s latency).
Not shown: 997 closed ports
22/tcp   open  ssh
80/tcp   open  http
9929/tcp open  nping-echo

Nmap done: 1 IP address (1 host up) scanned in 1.19 seconds

The grepable output:


The xml output:


Quickpost info


  1. Here’s a tool for playing a bit with the xml output, sorting, filtering etc. No data is uploaded to the server, but if you are paranoid, it’s all open source: http://martin.swende.se/tools/nmap-onepage/

    Source: https://bitbucket.org/holiman/nmap-onepage

    Comment by Anonymous — Tuesday 26 November 2013 @ 20:15

  2. […] time ago I recommended to include xml output with your nmap […]

    Pingback by nmap Grepable Script Output – Heartbleed | Didier Stevens — Wednesday 16 April 2014 @ 0:11

RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.