NmapX is an intelligent, mission-driven automation framework for Nmap that transforms raw reconnaissance data into actionable security insights. It's designed for penetration testers, security researchers, and system administrators who need powerful, flexible network scanning with minimal manual effort.
- Mission-Based Scanning: Define security goals in plain English; NmapX maps them to optimized Nmap workflows
- Guided Recon Actions: Walk through structured reconnaissance workflows step-by-step
- Scan Profiles: Pre-configured profiles for common scenarios (fast, default, safe, full)
- NSE Script Integration: Leverage Nmap's scripting engine with curated script catalogs
- Smart Intent Matching: AI-powered ranking of reconnaissance intents based on your objectives
- Result Diffing: Compare scan results and identify changes between runs
- Interactive Console: Numbers-only menu-driven interface for hands-free operation
- JSON/XML Output: Structured result storage for integration with other tools
- Workflow Persistence: Save and replay scan workflows for reproducibility
Install NmapX directly from the repository using pip:
pip install -e .Or install from PyPI (when published):
pip install nmapx- Python 3.9+
- Nmap 7.80+ - Must be installed and available in your system PATH
- Download: https://nmap.org/download.html
Verify Nmap installation:
nmap --versionStart the interactive console:
python -m nmapx.mainOr use direct commands:
nmapx scan --target 127.0.0.1 --profile default
nmapx ask --target localhost --intent host-presence
nmapx guide --target 192.168.1.0/24Intents represent high-level security goals (e.g., "Check if host is reachable", "Find all exposed services"). NmapX matches intents to optimized Nmap workflows.
Pre-configured scan templates:
- fast: Quick top-port discovery
- default: Balanced service detection
- safe: Safe enumeration with default scripts
- full: Comprehensive TCP exposure mapping
Interactive state machine where you set a target, define a goal, and let NmapX recommend or execute matching workflows.
nmapx/
├── cli.py # CLI entry point
├── main.py # Interactive console launcher
├── core/
│ ├── application.py # Core business logic
│ ├── planner.py # Workflow planning
│ ├── parser.py # Nmap XML parsing
│ ├── scan_service.py # Nmap execution
│ ├── presenter.py # Output rendering
│ └── ...
├── models/
│ └── scan.py # Data models
├── utils/
│ └── logger.py # Logging utilities
└── nse/
└── scripts/ # NSE script profiles
# Create virtual environment
python -m venv venv
# Activate it
# On Windows:
venv\Scripts\activate
# On Linux/Mac:
source venv/bin/activate
# Install with dev dependencies
pip install -e ".[dev]"pytestblack nmapx/
pylint nmapx/
mypy nmapx/nmapx scan --target example.com --profile fastnmapx guide --target 10.0.0.5
# Follow the interactive promptsStart the console and use the mission flow:
selection > 1 # Select target
selection > 2 # Guided recon actions
selection > [follow prompts]
nmapx diff
# Shows differences between the two most recent scansThe application stores results and logs in:
nmapx/data/results/- Scan result files (JSON/XML)nmapx/data/logs/- Execution logs
See pyproject.toml for a complete list. Main dependencies:
- rich: Terminal rendering and rich output formatting
- typer: CLI framework
- pydantic: Data validation
- lxml: XML parsing for Nmap output
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/my-feature) - Commit changes (
git commit -am 'Add my feature') - Push to branch (
git push origin feature/my-feature) - Open a Pull Request
NmapX is a security testing tool. Only use it on networks and systems you own or have explicit permission to test. Unauthorized network scanning may be illegal.
MIT License - See LICENSE file for details
- Issues: Report bugs and feature requests on GitHub
- Discussions: Join community discussions for questions and ideas
Built for security professionals