Script designed to generate a report from the nmap execution results. Specifically, the information from the output in nmap XML format is filtered to dump the vulnerabilities found in the scanned network into an Excel file.
How to use:
Installation:
Firstly, clone the repository in the /opt folder and change the owner of the downloaded folder. Then, you have to change to /opt/active-inventory-generator to continue the installation. Before that, it is recommended to create a virtual environment for installing the script dependencies. A quick way to create a virtual environment can be to use the 'virtualenv' command. Example of use:
cd /opt
sudo git clone https://github.com/juanse77/active-inventory-generator
sudo chown [user]:[group] -R active-inventory-generator
python -m virtualenv .envThis will create a virtual environment in the '.env' subfolder. Next, the environment must be activated by executing the command:
source ./.env/bin/activate # in LinuxNext, you must install the script dependencies, executing:
python -m pip install -r requirements.txtFor complete installation, you need to edit the ~/.bashrc in shell bash or ~/.zshrc to add the application folder to the PATH. Insert this line to the file:
export PATH=$PATH:/opt/active-inventory-generatorYou must run this command to activate the change if you just added the line. This will not be necessary on subsequent system reboots.
source ~/.bashrc # in shell bash
or
source ~/.zshrc # in shell zshWith this initial configuration you are now ready to run the application.
Running the application:
Running the application is as simple as launching the python script by calling the interpreter and passing it an XML file with the results of an nmap scan. For example, as follows:
python active-inventory-generator.py scanned-network.xml excel-file-name.xlsxRunning with integrated Nmap:
You can also run the application through the 'extended-nmap.sh' script. This script will execute the nmap command and then the filter script for the xml document generated, and pass it the parameters that you want Nmap to take as input, followed by the name of the excel file that will be generated if all goes well.
sudo chmod +x extended-nmap.sh
# If you are in the application folder and/or the application folder is not in the PATH
./extended-nmap.sh "-Pn -sCV --script vuln --top-ports 100 -iL stored-ips" excel-file-name.xlsx
# If the application folder is in the PATH
extended-nmap.sh "-Pn -sCV --script vuln --top-ports 100 -iL stored-ips" excel-file-name.xlsxOnce the execution is complete, an excel file should have been generated in the same folder from where the script was executed.
New utilities added in version 2:
A shell bash script has been modified for sending alerts during the sequential execution of nmap and the active inventory generator steps. During the progress of the execution, messages to Slack and email addresses will be sent.
How to use:
For it to work, it is necessary to have a valid file with three environment variables: EMAIL_ADDRESS, EMAIL_PASSWORD, and WEB_HOOK. EMAIL_ADDRESS and EMAIL_PASSWORD have to define a valid Gmail email and its application password of sixteen characters. The WEB_HOOK variable is a URL for the Slack channel to be published. For the script to be executed you need to pass the parameters of the nmap that will be used, the name of the excel file that will be created, and the email or the list of emails you want to send the generated excel file to. For example:
./extended-nmap.sh "-Pn -sCV --script vuln --top-ports 100 -iL stored-ips"
excel-file-name.xlsx recipient1@domain.com,recipient2@domain.com,recipient3@domain.comThe environment variables will be read from a file called 'environment_vars.env'. An example of that file could be like this:
EMAIL_ADDRESS="user@domain.com"
EMAIL_PASSWORD="emirhsalownernjk"
WEB_HOOK="https://hooks.slack.com/services/XXXXXX/XXXXXXXXXXXX"
export EMAIL_ADDRESS
export EMAIL_PASSWORD
export WEB_HOOKDeployment with Docker:
In the project folder there is a script called extended-nmap-docker.sh to run the application using a docker container. For which, you must first give it execution permissions.
sudo chmod +x extended-nmap-docker.shFor this script to work, you must have the Docker application installed. When the script is executed, an image will be created, using the Dockerfile configuration file from the same project folder, and then a volatile container will be launched that will be responsible for executing the application.
The script accepts the same parameters as the extended-nmap.sh script, and if the PATH has been set correctly, it will work the same as the original script.
# If the application folder is in the PATH
extended-nmap-docker.sh "-Pn -sCV --script vuln --top-ports 100 -iL stored-ips" excel-file-name.xlsx recipient1@domain.com,recipient2@domain.com,recipient3@domain.comDonate:
If you like the tool, please support us with a coffee ;D