Output formats and Nmap Scripting Engine
Let's quickly recap how Nmap formats the output of a scan. If we run the default NSE category (-sC) against the scanme.nmap.org host, we get the following output:
$ nmap -n -Pn -p80 -sC scanme.nmap.org
PORT   STATE SERVICE
80/tcp open  http
|_http-title: Go ahead and ScanMe!
By default, Nmap returns the normal output if no option is given. The available output options are:
Normal output (-oN)
XML output (-oX)
Grepable output (-oG)
Script kiddie (-oS)
Tip
The -oA <basename> argument saves the output in normal, XML, and grepable formats. I personally use this option all the time. Let's say we want to scan port 80 with NSE and save the results in all formats. We would use a command similar to the following:
$ nmap -p80 -sC -oA scanme.nmap.org scanme.nmap.org
When the scan is complete, new files will be generated in your current directory:
scanme.nmap.org.gnmap
scanme.nmap.org.nmap
scanme.nmap.org.xml
These files correspond to the results of the scan in grepable...