zgrab2
Question Regarding Modification of ZGrab 2.0 Output Content
I have read the "ZGrab 2.0 schemas for zschema" documentation but I am not sure if I have understood it correctly. What is the role of the {protocol}.py files located in zgrab2_schemas/zgrab2? Do they only take effect when used with the zschema command? I ask because my modifications to zgrab2.py and http.py in that directory didn't seem to have any impact on the output.
I am looking to conduct some HTTP scans, but the extensive output of ZGrab 2.0 is causing issues with my disk space. Therefore, I am trying to simplify the output. Aside from modifying ZGrab 2.0’s output directly, do you have any other suggestions?
Thank you for your assistance.
> I have read the "ZGrab 2.0 schemas for zschema" documentation but I am not sure if I have understood it correctly. What is the role of the {protocol}.py files located in zgrab2_schemas/zgrab2? Do they only take effect when used with the zschema command? I ask because my modifications to zgrab2.py and http.py in that directory didn't seem to have any impact on the output.
I believe the schemas are mainly for third-party tools to reference and for regression testing (not certain, but I'm not aware of them impacting what zgrab2 emits)
> I am looking to conduct some HTTP scans, but the extensive output of ZGrab 2.0 is causing issues with my disk space. Therefore, I am trying to simplify the output. Aside from modifying ZGrab 2.0’s output directly, do you have any other suggestions?
Not sure what you mean by "aside from modifying .. output directly"
You could use something like this to reshape the output before writing it to disk:
zgrab2 ... | jq "<expression>"
That may be your only option, aside from some of the module-specific flags - but those are pretty limited to adding or removing a specific field, not for fully defining the output
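An added example, not part of the thread or of the zgrab2 project: a stdin filter that does the same reshaping as the `jq` pipe suggested above, keeping a digest and length in place of the response body. The field names (`data.http.result.response`, `body_sha256`, underscore-style header keys) are assumptions about the http module's JSON layout, and the sample records are constructed.

```python
import json
import sys

# Headers worth keeping (assumed selection; zgrab2-style underscore names).
KEEP_HEADERS = ("server", "content_type", "location")


def slim(record):
    """Project one scan record onto a compact set of fields."""
    http = (record.get("data") or {}).get("http") or {}
    out = {"ip": record.get("ip"), "domain": record.get("domain"),
           "status": http.get("status"), "timestamp": http.get("timestamp"),
           "error": http.get("error")}
    response = (http.get("result") or {}).get("response") or {}
    if response:  # failed scans carry no response object
        headers = response.get("headers") or {}
        out["status_code"] = response.get("status_code")
        out["headers"] = {k: headers[k] for k in KEEP_HEADERS if k in headers}
        # Store the digest and size, not the body itself.
        out["body_sha256"] = response.get("body_sha256")
        out["body_len"] = len(response.get("body") or "")
    return {k: v for k, v in out.items() if v is not None}


def slim_stream(lines):
    """Yield one compact JSON line per valid input record."""
    for n, line in enumerate(lines, 1):
        if not line.strip():
            continue
        try:
            record = json.loads(line)
            if not isinstance(record, dict):
                raise ValueError("not a JSON object")
        except ValueError:  # JSONDecodeError is a ValueError
            print(f"line {n}: skipped (not a JSON object)", file=sys.stderr)
            continue
        yield json.dumps(slim(record), separators=(",", ":"))


# Constructed sample input: one success, one timeout, one corrupt line.
SAMPLE = [
    json.dumps({"ip": "192.0.2.10", "domain": "example.test", "data": {"http": {
        "status": "success", "protocol": "http", "timestamp": "2024-01-01T00:00:00Z",
        "result": {"response": {"status_code": 200, "body": "<html>hello</html>",
                   "body_sha256": "constructed-digest",
                   "headers": {"server": ["nginx"], "set_cookie": ["a=b"]}}}}}}),
    json.dumps({"ip": "192.0.2.11", "data": {"http": {
        "status": "connection-timeout", "timestamp": "2024-01-01T00:00:01Z",
        "error": "i/o timeout"}}}),
    "truncated {",
]

if __name__ == "__main__":
    for compact in slim_stream(SAMPLE if sys.stdin.isatty() else sys.stdin):
        print(compact)
```

Saved under a name of your choosing, the script takes the place of `jq` in the pipe shown above; run without piped input, it processes the constructed sample.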
Thank you very much. My English is not very good, so there were some issues with my previous expression. I later modified the modules/http/scanner.go file to achieve simplified output. However, I'm still unclear about what the {protocol}.py files are for. It seems that they should be able to control the output content, but I haven't figured out how to use them. Regardless, my issue is now resolved.
Based on reading some work @phillip-stephens is doing, I see now that the schemas are indeed for regression testing - there is not anything you can do with them that will influence zgrab2 output
I think this can be closed