1 comment

[ 2.6 ms ] story [ 15.1 ms ] thread
I built this after running into the same issue with Nmap: once scans get larger, the bottleneck isn’t collecting data, it’s figuring out what actually matters.

This is a small, dependency-free approach: a single XSLT that turns Nmap XML into an interactive HTML report using xsltproc.

The focus is on triage rather than listing everything: * highlighting unusual hosts based on service rarity * grouping services by version to spot drift * simple views to make patterns easier to see

Curious how others handle post-scan triage, especially in constrained environments