i WEBMAP – A Web Dashboard for Nmap XML Report – All things in moderation

WEBMAP – A Web Dashboard for Nmap XML Report


You should use this with docker, just by sending this command:

$ mkdir /tmp/webmap
$ docker run -d \
         --name webmap \
         -h webmap \
         -p 8000:8000 \
         -v /tmp/webmap:/opt/xml \

$ # now you can run Nmap and save the XML Report on /tmp/webmap
$ nmap -sT -A -T4 -oX /tmp/webmap/myscan.xml

Now point your browser to http://localhost:8000

Quick and Dirty

$ curl -sL http://bit.ly/webmapsetup | bash

Upgrade from previous release

$ # stop running webmap container
$ docker stop webmap

$ # remove webmap container
$ docker rm webmap

$ # pull new image from dockerhub
$ docker pull rev3rse/webmap

$ # run WebMap
$ curl -sL http://bit.ly/webmapsetup | bash

Run without Docker
This project is designed to run on a Docker container. IMHO it isn’t a good idea to run this on a custom Django installation, but if you need it you can find all building steps inside the Dockerfile.

– Import and parse Nmap XML files
– Statistics and Charts on discovered services, ports, OS, etc…
– Inspect a single host by clicking on its IP address
– Attach labels on a host
– Insert notes for a specific host
– Create a PDF Report with charts, details, labels and notes
– Copy to clipboard as Nikto, Curl or Telnet commands
– Search for CVE and Exploits based on CPE collected by Nmap

PDF Report

Network View

Third Parts
– Django
– Materialize CSS
– Clipboard.js
– Chart.js
– Wkhtmltopdf
– API cve.circl.lu
– vis.js

Security Issues
This app is not intended to be exposed on the internet. Please, DO NOT expose this app to the internet, use your localhost or, in case you can’t do it, take care to filter who and what can access to WebMap with a firewall rule or something like that. Exposing this app to the whole internet could lead not only to a stored XSS but also to a leakage of sensitive/critical/private informations about your port scan. Please, be smart.

This project is currently a beta, and I’m not super skilled on Django so, every type of contribution is appreciated. I’ll mention all contributors in this section of the README file.

The HTML template changes often. This video could not be up to date with the latest version.

One Response

  1. Srichakradhar Reddy Nagireddy April 11, 2019

Leave a Reply