p-l-
commented
4 years ago Sorry to interrupt but... you may want to use IVRE (web site, source code, doc) here. Disclaimer: I'm IVRE's main author, so my opinion is probably biased.
In Masscan, you will get one "host" result (one line in the XML output) per result (open port: one line, collected banner: another line, another open port: another line again). This is mandatory considering how Masscan works.
If you need to "merge" the results, per host, and to export them as an Nmap fully compatible XML format, an option would be to use IVRE.
With IVRE properly installed, you would just need to run:
$ ivre scan2db masscan_file.xml
[optionally, add more input files]
$ ivre db2view nmap
$ ivre view --nmap-xml > nmap_file.xmlThe file nmap_file.xml should work with anything that works with Nmap XML files.
Also, you should probably have a look at IVRE if you want to handle large Masscan results, as it will happily handle many more results than Zenmap would (or other tools that does not rely on a database).
Hope this helps.
re8el
Hi,
i need to import masscan -oX xml output to a tool that supports -oX xml nmap format, but using the output from masscan it does not work. ex: Zenmap, Legion, etc
Masscan xml
Nmap xml
I can supply more info if needed.
thks. R