I recently (May 2018) published odle which is a Ruby gem and binary that takes XML data from various security tools and outputs their JSON equivalent. The goal is to be (1) simple, (2) fast, and (3) work on many platforms with only one dependency – nokogiri.
Below are two examples using odle to convert output from one tool (e.g. burpsuite) as input for something else (e.g. nmap scans). From the command line I typically use odle with gron which is an awesome tool that “makes json greppable” =).
Convert Burp to nmap script scan
Often I will take the passive data from one tool and feed it into another tool. One example is burp to something else; in this case, nmap script checks.
cat burp-scan.xml | odle --burp | gron | grep -i 'affected_hosts' | cut -d \" -f4 | cut -d/ -f3 | cut -d' ' -f1 | sort | uniq | xargs printf "nmap -sS -Pn -p 21 --script +ftp-anon %s \n"
nmap -sS -Pn -p 21 --script +ftp-anon apis.google.com
nmap -sS -Pn -p 21 --script +ftp-anon developer.cdn.mozilla.net
nmap -sS -Pn -p 21 --script +ftp-anon fakesite.com
nmap -sS -Pn -p 21 --script +ftp-anon fonts.googleapis.com
nmap -sS -Pn -p 21 --script +ftp-anon safebrowsing-cache.google.com
nmap -sS -Pn -p 21 --script +ftp-anon safebrowsing.google.com
Run nessus results through aquatone
cat nessus_v2.xml | odle --nessus | ~/Downloads/gron | grep -i 'affected_hosts' | cut -d \" -f4 | cut -d/ -f3 | cut -d' ' -f1 | sort | uniq | xargs printf "aquatone --discover %s \n"
aquatone --discover admin.fb.com
aquatone --discover js.fb.com
aquatone --discover blah.fb.com
Install
gem install nokogiri
gem install odle
Bugs
I am sure there are plenty. Please submit an issue if you find one or if you would like to see other supported tools. I am also interested in inconsistencies between outputs, missing data, and other issues if you see them.