Webmap - Nmap Spider Web Dashboard Together With Reporting



Influenza A virus subtype H5N1 Web Dashbord for Nmap XML Report


Usage
You should role this alongside docker, merely past times sending this command:
$ mkdir /tmp/webmap $ docker run -d \          --name webmap \          -h webmap \          -p 8000:8000 \          -v /tmp/webmap:/opt/xml \          rev3rse/webmap  $ # right away y'all tin run Nmap in addition to relieve the XML Report on /tmp/webmap $ nmap -sT -A -T4 -oX /tmp/webmap/myscan.xml 192.168.1.0/24
Now request your browser to http://localhost:8000

Quick in addition to Dirty
$ roll -sL http://bit.ly/webmapsetup | bash

Upgrade from previous release
$ # halt running webmap container $ docker halt webmap  $ # take away webmap container $ docker rm webmap  $ # push clitoris novel ikon from dockerhub $ docker push clitoris rev3rse/webmap  $ # run WebMap $ roll -sL http://bit.ly/webmapsetup | bash

Run without Docker
This projection is designed to run on a Docker container. IMHO it isn't a adept persuasion to run this on a custom Django installation, but if y'all necessitate it y'all tin honour all edifice steps within the Dockerfile.

Features
  • Import in addition to parse Nmap XML files
  • Statistics in addition to Charts on discovered services, ports, OS, etc...
  • Inspect a unmarried host past times clicking on its IP address
  • Attach labels on a host
  • Insert notes for a specific host
  • Create a PDF Report alongside charts, details, labels in addition to notes
  • Copy to clipboard every bit Nikto, Curl or Telnet commands
  • Search for CVE in addition to Exploits based on CPE collected past times Nmap

Changes on v2.1
  • Better usage of Django template
  • Fixed approximately Nmap XML parse problems
  • Fixed CVE in addition to Exploit collecting problems
  • Add novel Network View

PDF Report


XML Filenames
When creating the PDF version of the Nmap XML Report, the XML filename is used every bit document championship on the showtime page. WebMap volition supplant approximately parts of the filename every bit following:
  • _ volition replaced past times a infinite ()
  • .xml volition travel removed
Example: ACME_Ltd..xml
PDF title: ACME Ltd.

CVE in addition to Exploits
thank y'all to the amazing API services past times circl.lu, WebMap is able to looking for CVE in addition to Exploits for each CPE collected past times Nmap. Not all CPE are checked over the circl.lu API, but entirely when a specific version is specified (for example: cpe:/a:microsoft:iis:7.5 in addition to non cpe:/o:microsoft:windows).

Network View


Third Parts

Security Issues
This app is non intended to travel exposed on the internet. Please, DO NOT expose this app to the internet, role your localhost or, inwards instance y'all can't create it, accept attention to filter who in addition to what tin access to WebMap alongside a firewall dominion or something similar that. Exposing this app to the whole meshwork could Pb non entirely to a stored XSS but too to a leakage of sensitive/critical/private informations virtually your port scan. Please, travel smart.

Contributors
This projection is currently a beta, in addition to I'm non super skilled on Django so, every type of contribution is appreciated. I'll cite all contributors inwards this department of the README file.

Contributors List
  • s3th_0x @adubaldo (bug on unmarried host report)
  • Neetx @Neetx (bug on xml alongside no host up)

Contacts
In social club to have updates virtually this project, delight follow me on twitter:
Twitter: @Menin_TheMiddle
YouTube: Rev3rseSecurity