Introducing scans2any: A Smarter Way to Merge Network Scans

19.03.2025 Wilfried Kirsch, Fabian Hafner, David Boelke

Handling large-scale network scans can be a nightmare. Whether you're assessing the security of an enterprise infrastructure or running multiple scanning tools for better coverage, you're often left with scattered results in various formats. Each scanner has its strengths, but combining their outputs manually is tedious, error-prone, and becomes infeasible with large scan targets.

That's where scans2any comes in.

Developed in-house at softScheck , scans2any is a lightweight yet powerful tool that parses, merges, and reformats scan results into a single, cohesive dataset. And the best part? We’re releasing it as open-source so the entire security community can benefit.

Overview of supported in and output formats
Overview of supported in and output formats

Why Use scans2any?

  • Merge scans from multiple tools – Supports Nmap, Masscan, Nessus, Aquatone, BloodHound, NetExec and more.
  • Flexible output formats – Export results as JSON, CSV, XML, Markdown, HTML, YAML, Excel, LaTeX, Typst and more.
  • Easy to customize using filters to allow or block certain services/IPs/hostnames, filter empty hosts and more.
  • Handles conflicts smartly – Automatically resolves inconsistencies between scans or lets you define custom rules.
  • Designed for scale – Works seamlessly with large infrastructure scans.
  • Open-source & extensible – Customize it for your own workflows.

How It Works

Using scans2any is straightforward. Simply pass in multiple scan results, and it will unify the data into a structured format of your choice. Here’s a quick example:

scans2any --nmap tcp_scan.xml --nmap udp_scan.xml --nessus scan.nessus -w json | jq

Need only the IP-addresses, hostnames and ports as CSV for reporting?

scans2any --nmap nmap-scans-dir -c ip-addresses,hostnames,ports -w csv -o out.csv

Want to create a list of URLs for all HTTP servers?

scans2any --nmap nmap-scans-dir --enable-filter services_allowlist --allowlist http -w url

Create a nice full-blown hosts tables of your whole infrastructure scan for your Typst report?

scans2any --nmap nmap-scans --bloodhound computers.json --nessus scan.nessus --nxc smb.db --txt dns.txt \
          --multi-table -w typst -o hosts.typ

Got conflicting data? scans2any detects inconsistencies and generates a MERGE_FILE.yaml, allowing you to fine-tune the final results.


Get Started

🚀 Ready to streamline your network scan analysis? Download scans2any today and start merging like a pro!
🔗 Check out the GitHub repo for installation instructions and documentation.
💡 Have feedback or ideas? Join the discussion and help us improve scans2any!


Read about other interesting topics on our blog.