


Creating HTML Reports

Nmap does not have an option for saving scan results in HTML; however, it is easy to get an HTML view of Nmap XML output just by opening the XML file in a web browser. An example is shown in Figure 13.1, “XML output in a web browser”.

How does the web browser know how to convert XML to HTML? An Nmap XML output file usually contains a reference to an XSL stylesheet called nmap.xsl that describes how the transformation takes place.

The XML processing instruction that says where the stylesheet can be found will look something like

<?xml-stylesheet href="/usr/share/nmap/nmap.xsl" type="text/xsl"?>

The exact location may be different depending on the platform and how Nmap was configured.

Such a stylesheet reference will work fine when viewing scan results on the same machine that initiated the scan, but it will not work if the XML file is transferred to another machine where the nmap.xsl file is in a different place or absent entirely. To make the XML styling portable, give the --webxml option to Nmap. This will change the processing instruction to read

<?xml-stylesheet href="http://nmap.org/data/nmap.xsl" type="text/xsl"?>

The resultant XML output file will render as HTML on any web-connected machine. Using the network location in this fashion is often more useful, but the local copy of nmap.xsl is used by default for privacy reasons.

To use a different stylesheet, use the --stylesheet <file> option. Note that --webxml is an alias for --stylesheet http://nmap.org/data/nmap.xsl.

To omit the stylesheet entirely, use the option --no-stylesheet. This will cause web browsers to show the output as a plain, uninterpreted XML tree.
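The following is an added example, not part of the original page or of Nmap itself: a pre-sharing check that reads the xml-stylesheet processing instruction from an Nmap XML file and reports whether the report will style itself from a local file, fetch a stylesheet over the network when opened, or carry no stylesheet at all. The function names and the trimmed sample documents are constructed for illustration.

```python
import re
from urllib.parse import urlparse
from xml.dom import minidom, Node

# Constructed samples: only the prolog and an empty root element of a report.
LOCAL = ('<?xml version="1.0"?>\n'
         '<?xml-stylesheet href="/usr/share/nmap/nmap.xsl" type="text/xsl"?>\n'
         '<nmaprun scanner="nmap"/>')
WEB = LOCAL.replace("/usr/share/nmap/nmap.xsl", "http://nmap.org/data/nmap.xsl")
NONE = '<?xml version="1.0"?>\n<nmaprun scanner="nmap"/>'

# The PI body is plain text made of pseudo-attributes, so href needs a regex.
HREF = re.compile(r'''href\s*=\s*(["'])(.*?)\1''')

def stylesheet_href(xml_text):
    """Return the href of the first xml-stylesheet PI in the prolog, or None."""
    doc = minidom.parseString(xml_text)
    for node in doc.childNodes:
        if node.nodeType == Node.ELEMENT_NODE:
            break  # only PIs before the root element select a stylesheet
        if (node.nodeType == Node.PROCESSING_INSTRUCTION_NODE
                and node.target == "xml-stylesheet"):
            match = HREF.search(node.data)
            return match.group(2) if match else None
    return None

def classify(xml_text):
    """Return (kind, href) where kind is 'none', 'remote' or 'local'."""
    href = stylesheet_href(xml_text)
    if href is None:
        return ("none", None)          # as produced by --no-stylesheet
    scheme = urlparse(href).scheme.lower()
    if scheme in ("http", "https"):
        return ("remote", href)        # browser contacts that host on open
    return ("local", href)             # path must exist on the viewing machine

if __name__ == "__main__":
    for name, sample in (("local", LOCAL), ("web", WEB), ("none", NONE)):
        print(name, classify(sample))
```

A "remote" result means every viewer's browser requests the stylesheet from the named host, which is the privacy trade-off described above; a "local" result means the report only renders where that path exists.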

Saving a Permanent HTML Report

While web browsers can display an HTML view of Nmap XML, they don't usually make it easy to save the generated HTML to a file. For that a standalone XSLT processor is required. Here are commands that turn an Nmap XML output file into an HTML file using common XSLT processors.

Saxon

java -jar saxon.jar -a <nmap-output.xml> -o <nmap-output.html>

Xalan

Using Xalan C++:

Xalan -a <nmap-output.xml> -o <nmap-output.html>

Using Xalan Java:

java -jar xalan.jar -IN <nmap-output.xml> -OUT <nmap-output.html>

xsltproc

xsltproc <nmap-output.xml> -o <nmap-output.html>
