/pentest2xlsx

Excel parser for various pentesting tools.

Primary LanguagePythonApache License 2.0Apache-2.0

pentest2xlsx

lang license
bitcoin bitcoin cash ether

pentest2xlsx is a highly modular python script (adding an additional parser is a trivial task) to parse the results from popular tools used by security professionals into Excel workbooks to facilitate the reporting phase of penetration tests, especially useful when dealing with large scopes as customers and testers can make use of Excel powerful filtering capabilities.

Parsers for the following tools have been implemented:

  • nmap
  • testssl

Supported tools

nmap

The following Excel worksheets are generated:

  • Host vs Service
  • Host vs OS
  • OS vs Hosts

Note: The Host vs OS and OS vs Hosts worksheets are only generated when nmap scan results contain OS information (using the -O option).

testssl

The following Excel worksheets are generated:

  • Host vs Certificate (Details)
  • Host vs Certificates
  • Host vs Protocol (Details)
  • Host vs Protocols
  • Host vs Vulnerability (Details)
  • Host vs Vulnerabilities

All testssl worksheets will be autofitted and colorized by conditional formatting.

Installation

$ git clone https://github.com/AresS31/pentest2xlsx
# python -m pip install -r pentest2xlsx/requirements.txt

Usage

Generic usage

usage: pentest2xlsx.py [-h] [-oX OUTPUT_FILE] [-v] {nmap,testssl} ...

Parse the output from various penetration testing tools into an Excel workbook

positional arguments:
  {nmap,testssl}

optional arguments:
  -h, --help            show this help message and exit
  -oX OUTPUT_FILE, -output--xml OUTPUT_FILE
                        output results to a specified <OUTPUT_FILE> in XLSX
                        format
  -v, --verbose         increase verbosity level

nmap usage

usage: pentest2xlsx.py nmap [-h] -iX INPUT_FILES [INPUT_FILES ...]

optional arguments:
  -h, --help            show this help message and exit
  -iX INPUT_FILES [INPUT_FILES ...], --input-xml INPUT_FILES [INPUT_FILES ...]
                        input from nmap file(s) in XML format

testssl usage

usage: pentest2xlsx.py testssl [-h] -iJ INPUT_FILES [INPUT_FILES ...]

optional arguments:
  -h, --help            show this help message and exit
  -iJ INPUT_FILES [INPUT_FILES ...], --input-json INPUT_FILES [INPUT_FILES ...]
                        input from testssl file(s) in JSON format

Possible Improvements

  • Adding new parsers.
  • Adding new worksheets.
  • Source code optimisation.

Donation

  • Via Bitcoin : 15aFaQaW9cxa4tRocax349JJ7RKyj7YV1p
  • Via Bitcoin Cash : qqez5ed5wjpwq9znyuhd2hdg86nquqpjcgkm3t8mg3
  • Via Ether : 0x70bC178EC44500C17B554E62BC31EA2B6251f64B

Licenses

pentest2xlsx

Copyright (C) 2019 Alexandre Teyar

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.