Is your feature request related to a problem? Please describe
We're trying to import Nmap scans using the parser and we found that a bunch of data isn't being imported. Specifically, the outputs of scripts that are run on ports are not included in the findings, except for the vulners script.
Since we already create a finding for each port, and the scripts are run per port, I don't see a reason not to include at least the raw output of each script in that finding.
Is your feature request related to a problem? Please describe
We're trying to import Nmap scans using the parser and we found that a bunch of data isn't being imported. Specifically, the outputs of scripts that are run on ports are not included in the findings, except for the vulners script.
Since we already create a finding for each port, and the scripts are run per port, I don't see a reason not to include at least the raw output of each script in that finding.
Describe the solution you'd like
This scan output https://github.com/DefectDojo/django-DefectDojo/blob/master/unittests/scans/nmap/issue4406.xml already has several scripts in it that are ignored, namely "fingerprint-strings" and "rpcinfo". I was asked specifically for data in "ssl-cert" and "smtp-commands".
I think the simplest solution is just to loop over all the scripts (except vulners) and add something like this to the description field:
I'm not picky about the formatting. It shouldn't be too hard to add that to the parser https://github.com/DefectDojo/django-DefectDojo/blob/master/dojo/tools/nmap/parser.py.
Describe alternatives you've considered A clear and concise description of any alternative solutions or features you have considered.
Additional context
Here's an example of a script output from the issue4406.xml file already in the project:
The formatted table data is complicated to import into markdown, but the output should be easy enough.