loading
loading
Utilities
Generate a YAML report from the outputs of multiple tools.
overview
generate-yaml-report reads the JSON that httpx, naabu, nuclei, sslyze, and webanalyze emit and folds all five streams into one ordered YAML document. It keys the report by target and nests each host's open ports, live HTTP response, detected technologies, vulnerability hits, and TLS weaknesses in one block, so five separate result files become a single artifact you can read top to bottom.
A wide recon workflow scatters findings across nodes: open ports in one file, live hosts in another, nuclei matches, certificate problems, and technology fingerprints in three more. This node is where those streams converge. It lines up every finding under the host it belongs to, so the port scan, the HTTP probe, and the vulnerability results for a given target sit together instead of in five places.
On Trickest, generate-yaml-report is a Utilities node that takes the five JSON files as inputs and writes the merged report as a file and a folder. Put it at the tail of a recon pipeline so a run ends with one document a human reviewer or a downstream script can consume.
use cases
End a recon-and-scan pipeline with one YAML file instead of collating httpx, naabu, nuclei, sslyze, and webanalyze output by hand, so every run produces the same report shape.
Line up open ports, live HTTP responses, detected technologies, nuclei matches, and TLS weaknesses under the same target so the full picture of a host sits in one block.
Give an analyst structured YAML they can skim or diff between runs, rather than opening and cross-referencing five raw tool outputs by hand.
Emit one predictable document a ticketing script, notifier, or storage step can parse, instead of wiring each scanner's native format separately.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| httpx-file | FILE | --httpx | httpx JSONL of live HTTP responses; keys the report and gives each host its ip, url, and status code. |
| naabu-file | FILE | --naabu | naabu JSONL of discovered open ports, listed per host. |
| nuclei-file | FILE | --nuclei | nuclei JSONL of template findings; each becomes a scan entry with template id and severity. |
| sslyze-file | FILE | --sslyze | sslyze JSON; flags TLS weaknesses like heartbleed, ROBOT, and CCS injection per host. |
| webanalyze-file | FILE | --webanalyze | webanalyze JSONL of detected technologies, attached to the matching URL. |
Showing key inputs. generate-yaml-report exposes 5 inputs in total.
example
# merge each scanner's JSON into one reportgenerate-yaml-report --httpx httpx.json --naabu naabu.json --nuclei nuclei.json --sslyze sslyze.json --webanalyze webanalyze.json --output report.yamlexample.com: servers: - ip: 203.0.113.10 url: https://example.com status_code: 200 tech: - nginx scans: - template: CVE-2021-26855 severity: highguidance
Reach for generate-yaml-report at the end of a recon workflow that ran httpx, naabu, nuclei, sslyze, or webanalyze and you want their results in one YAML document. It reports, it scans nothing, so place it after those tools. For raw streaming JSON instead of a merged report, keep each tool's own output.
Slices a list into line ranges. A different utility job, splitting input rather than merging tool output.
Produces the vulnerability JSON this node consumes. Run it upstream, not in place of the report.
Produces the HTTP JSON this node folds in. An input to the report, not a substitute for it.
faq
related
Import, export, and link workflow data with Airtable.
Decode Android APK files into smali sources and resources.
Check a file's values against conditions and exit with a matching code.
Extract all hosted zones from AWS Route53.
Output file lines by batch size, given START_LINE and END_LINE.
Extract a batch range from a file's lines or a folder's files, with parallel processing.
A host list feeds nuclei, whose JSON findings flow into generate-yaml-report, which merges them into a single YAML document written as the workflow's final output.
Facts on this page come from the live Trickest tool library.