scandiff :: official homepage


scandiff is an open source utility used for displaying the differences between two machine readable nmap scan logs (both grep and XML output formats). The scans are checked not only for changes in hosts discovered and port states, but also for changes in DNS hostname, OS fingerprint and more.

The results can be presented as plain ascii text or HTML allowing easy integration into email notification systems or HTML based dashboards.

The goal for scandiff was to be fast and use a minimal amount of memory. These qualities are essential for processing large scan files (10Mb to 50Mb) that can quickly consume a system's memory if not handled efficiently.

I started writing scandiff on FreeBSD 4.x machine. I've now tested it on FreeBSD 5.x and 6.x and Slackware Linux 10 with success. I've even heard that it works on Fedora. I haven't had a chance to test on other platforms yet, so if anyone is interested I'd love to hear about experiences with Windows, and Solaris machines.

Scandiff 0.1.9-BETA was released on January 4, 2006. Downloads are available on the SourceForge Project Page.