ndiff 1 ndiff Utility to compare the results of Nmap scans ndiff options a.xml b.xml Ndiff is a tool to aid in the comparison of Nmap scans. It takes two Nmap XML output files and prints the differences between them. The differences observed are: Host states (e.g. up to down) Port states (e.g. open to closed) Service versions (from -sV) OS matches (from -O) Script output Ndiff, like the standard diff utility, compares two scans at a time. -h --help Show a help message and exit. -v --verbose Include all hosts and ports in the output, not only those that have changed. --text Write output in human-readable text format. --xml Write output in machine-readable XML format. The document structure is defined in the file ndiff.dtd included in the distribution. Any other arguments are taken to be the names of Nmap XML output files. There must be exactly two. Report bugs to the nmap-dev mailing list at nmap-dev@insecure.org. Ndiff started as a project by Michael Pattrick during the 2008 Google Summer of Code. Michael designed the program and led the discussion of its output formats. He wrote versions of the program in Perl and C++, but the summer ended shortly after it was decided to rewrite the program in Python for the sake of Windows (and Zenmap) compatibility. This Python version was written by David Fifield. James Levine released a Perl script named Ndiff with similar functionality in 2000. David Fifield david@bamsoftware.com Michael Pattrick mpattrick@rhinovirus.org