— 1 minute read

nmap is a highly sophisticated and widely used port scanner. It scans a single host or a group of hosts for open TCP and UDP ports. This allows administrators to verify firewall and port filter configurations. nmap-analyze is a very simplistic tool that helps to ease this verification process. Basically, it takes nmap’s scan results as XML, compares these results for each host scanned with a specification, and reports all deviations. nmap-analyze supports both, human readable as well as JSON output. The later can be used for further post-processing.

nmap-analyze needs three inputs: 1. nmap scan results in XML format, 2. a mapping of IP addresses to ports specifications, and 3. the port specifications. The mapping allows you to define groups of hosts that are mapped to the same port specification.