Report stylesheet builds on Benjamin Erb’s nmap.xsl // license disclaimer //
Copyright (c) 2004-2006 Benjamin Erb
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Put pen-test outputs in one folder, run a short CLI, open one HTML report—merged scans, evidence, optional ASCII banner. PDF when you want slides (16:9) or a DIN-style A4 document.
- Python 3.8+
xsltproc(e.g.sudo apt install xsltprocon Debian/Kali)- Chromium or Chrome on PATH for PDF
No pip dependencies.
git clone https://github.com/CosmicSlothOracle/evidence2html.git
cd evididencetohtml
python3 evidence2html.pyPick your evidence folder and report name; the tool merges what it finds and opens the report.
- Scope — Target, timing, counts, tools; edit in the browser.
- Themes & ASCII — Sidebar looks; optional banners from
ascii_arts/(bundled or next to your run).
- Port matrix — Services, versions, extra fields, analyst notes, and command context per port.
- Editor - Edit style however you seem fit
-Notes - Export and autoformat after DIn5008 all notes and edits
-Attention - ! EDITS and NOTES live only in your BROWSERCACHE ! - ! CLEAR YOUR CACHE YOU WILL LOOSE ALL EDITS ! - If there is new evidence to be added after editing rerun evidence2html.py match the absolute path (DIR+NAME must match) and open the browser you used to edit.
- Evidence — Expandable items; edit titles and text;
E1…Enin notes for jump links. Optional risk views for richer PDF annexes.
-Risk-Evaluation - Run automated Risk assesements accordingly to NIST ISO BSI extracted only when nuclei evidence present - CVEE can be imported manually and appended to the export
- Export — Export clean DIN5008 PDF Security Report
-Export - A 16x9 html export
my_run/
scan_tcp.xml
scan_udp.xml
nuclei.json # optional
evidence_ffuf_*.json
evidence_*.txt
ascii_arts/ # optional; or use repo ascii_arts/
alice.txt
There are name conventions that need to be met or the script will not pick up that file
Practical names for a TCP sweep: anything like scan_tcp.xml, nmap_tcp.xml, or nmap_20260325.xml works. Using -oX (XML) is what you want.
Example (TCP SYN sweep, XML out):
nmap -sS -Pn -p 1-65535 -T4 --min-rate 500 10.0.0.1 -oX /path/to/evidence/scan_tcp.xml
evidence2html.py must be expanded for more naming conventions to work.
> > > ("scan_*.xml", "nmap*.xml", "portscan.xml", "services.xml", "merged_scan_*.xml") < < <
evidence2html.py — CLI and merge. cosmic_clean.xsl — report page. pdf_export.py — scripts cover CVE lookup and risk annex math if needed.
Easiest use is still the workflow evidence2html.py
Confusion is just friction anything unclear let me know :) Anyone reporting a issue,bug or suggestions will qualifie for eternal bliss.
MIT










