Since the initial release of scans2any, we
have been hard at work making it faster, smarter, and more flexible. Version 1.0
is a major step forward — packed with new features, a completely rewritten core
engine, and quality-of-life improvements that make working with large-scale
infrastructure scans easier than ever.
Persistent Project Databases
Parsing hundreds of scan files takes time. With the new -p / --project flag,
scans2any automatically saves parsed infrastructure into a local SQLite
database. On subsequent runs, it reloads instantly — no re-parsing required.
# First run: parses everything and saves to myproject.db
scans2any -p myproject --nmap scans/ --nessus report.nessus
# Later: loads from the database in milliseconds
scans2any -p myproject -w html -o report.html
This is a game-changer for iterative workflows where you keep refining filters, columns, or output formats on the same dataset.
The New Column Filter
The old host_filter and service_filter have been replaced by a single, far
more powerful column filter (-C). It lets you match any column by regex,
negate patterns, and chain multiple conditions:
# Keep only HTTP services
scans2any --nmap scan.xml -C 'Services:(?i)http$'
# Exclude Linux hosts
scans2any --nmap scan.xml -C 'OS:!linux'
# Display all hosts with SMB services, keeping all their services and related columns (host mode)
scans2any --nmap scan.xml -Ch 'Services:smb'
# Keep only SSL vulnerabilities from a Nessus report
scans2any --nessus scan.nessus -c IP-Addresses,Vulnerability-Type -Cv 'Vulnerability-Type:SSL Version'
# Chain conditions (logical AND): SSH without "OpenSSH" in the banner
scans2any --nmap scan.xml -C 'Services:(?i)ssh Banners:!OpenSSH'
Two additional modes give you fine-grained control:
- Value mode (
-Cv): trims multi-value fields to only the matching entries, so each row shows exactly what you asked for. - Host mode (
-Ch): keeps the entire host (with all its services) if any service matches.
You can also filter by a file of IPs or hostnames with --hosts-file:
scans2any --nmap scan.xml --hosts-file targets.txt
A Beautiful New Interface
The terminal output has been completely redesigned. By default, scans2any now
shows you exactly what matters — clean, focused progress updates without the
noise. Want more detail? Just add -v for verbose mode or -vv for full debug
output.
Behind the scenes, we’ve swapped out tqdm for the excellent rich library,
bringing you:
- Non-blocking progress bars that update smoothly without interrupting other output
- Live status spinners that keep you informed during long operations
- Smart terminal integration that plays nicely with modern emulators
The result? A tool that feels responsive and polished, whether you’re processing a handful of files or orchestrating massive multi-parser workflows. It’s the kind of upgrade you notice immediately — and appreciate every time you run it.
Custom Columns and Trusted Fields
Parsers can now expose custom fields through the -c flag. Nessus scans, for
example, can export the vulnerability type alongside the usual columns:
scans2any --nessus scan.nessus -c +Vulnerability-Type
A new trusted fields system ensures that high-confidence parsers (like Bloodhound or Aquatone) don’t get their data overwritten when merging with less reliable sources. The result: more accurate combined output without manual intervention.
Performance: Rewritten From the Ground Up
This release delivers dramatic speedups across every phase of the pipeline:
- Smarter host merging — hosts sharing IPs or hostnames are now combined much more efficiently, making large datasets feasible where they weren’t before.
- Faster startup — heavy libraries are only loaded when actually needed, cutting startup time by ~50% for quick operations.
- 20x faster test suite — a reworked test harness runs the full suite in a fraction of the time.
- Adaptive File Parsing: Automatically switches to multi-process parsing for large batches of files to bypass the Python GIL.
Under the hood, core data structures now use Pydantic models for validation and serialization, improving reliability and making the codebase easier to extend.
Breaking Changes
The host_filter and service_filter have been removed. Both are fully
replaced by the new column filter:
| Old | New |
|---|---|
--enable-filters host_filter --hosts-regex ".*\.example\.com" | -C Hostnames:.*\.example\.com |
--enable-filters service_filter --service-regex "http.*" | -C Services:http.* |
Get Started
Upgrade to v1.0 today and experience the fastest, most flexible scans2any yet.
Check out the GitHub repo for
installation instructions and full documentation. Have feedback or ideas? Open
an issue or join the discussion — we’d love to hear from you!
Read about other interesting topics on our blog.