How To: Use Magic Tree to Organize Your Projects

Use Magic Tree to Organize Your Projects

MagicTree is often the go-to tool for data collection and reporting for many pentesters. It organizes data in nodes in a tree-structure which is very efficient at managing host and network data. Reports can be completely customized to meet the user's needs. Also, MagicTree allows you to import XML data and has XSLT transforms for Nessus, Nmap, OpenVas, Burp, Nikto. MagicTree comes pre-installed in Kali.

In this tutorial, I will show you how to use MagicTree to run an Nmap scan and import the results into the tree to be organized.

Step 1: Fire Up Kali and Navigate to MagicTree

Fire up Kali and navigate to Applications> Kali Tools> Reporting Tools> Evidence Management> magictree. A pop up will require you to accept a license agreement. Click 'accept'.

Step 2: Create Node Using Nmap

Click on Note> Autocreate
When prompted, enter the target's IP and click 'ok'

A. Under the 'table view' tap, near the bottom of the screen, you will see the 'Command' box, call nmap and specify the scan you'd like performed. In addition,

B. Specify that you'd like the results to be placed inside an xml file by including the '$' sign followed by the name you'd like to save your result file as followed by '.xml' to specify the type of file you're saving the results as. In my example, I am naming my output file 'results.xml'.

C. Because we've already told MagicTree the IP of my target address, I don't need to include it in nmap. Instead I'll simply use '$host'.

nmap -v -A $results.xml $host

D. Hit the 'Q*' button under 'tree view', then hit run for it to run the nmap commands.

Step 3: Import Scan Results into Tree to Be Organized

Under the 'task manager' tab, once the scan is complete you'll see your .xml file pop up under 'Output files'. Hit the 'import' button and MagicTree will automatically generate the node structure based on the results of nmap.

MagicTree is one of those tools you need to mess with a bit to get it down and appreciate it's full power. I hope you enjoyed this.

Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.

Buy Now (90% off) >

Other worthwhile deals to check out:

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.


I'm having problems. After I put "nmap -v -A $results.xml $host" into the 'command' box, it tells me "You must have at least 1 row to use ENV input mode."

I'm sorry. I forgot a step. I will edit to fix. After you enter those commands you need to hit the 'Q*' button under 'tree view'. Then you can run and it'll work :)*

great post!! thank you for the tip!!!

Great tut but I feel it needs a LOT more details to effectively understand and use this very useful tool. I look forward to you adding to this tut in the future. =)

Share Your Thoughts

  • Hot
  • Latest