iveresk / nvd-cve-parser

NVD parser for CVEs, CPEs and CWEs with all known used exploits


nvd-cve-parser by 1vere$k

! Disclaimer: this is not an nmap wrapper. It is a standalone scanner, built to fit a work process and to automate and extend scanning routines as one instrument.
This is a POC intentionally made as a one-package monolith, as this form is simpler to maintain and support for the specific users who are the customers here.
This version will be fixed as a beta and won't be supported from the beta state on.

The POC is an NVD parser for CVEs, CPEs and CWEs with all known/used exploits.
The parser will be able to work in offline mode (for closed networks) and online if you need it.
So, a huge amount of work is ongoing here; just wait for a month and don't look into it yet.

About NVD

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security related software flaws, misconfigurations, product names, and impact metrics.

Originally created in 1999 (called Internet - Categorization of Attacks Toolkit or ICAT), the NVD has undergone multiple iterations and improvements and will continue to do so to deliver its services. The NVD is a product of the NIST Computer Security Division, Information Technology Laboratory and is sponsored by the Cybersecurity & Infrastructure Security Agency.

The NVD performs analysis on CVEs that have been published to the CVE Dictionary. NVD staff are tasked with analysis of CVEs by aggregating data points from the description, references supplied and any supplemental data that can be found publicly at the time. This analysis results in association impact metrics (Common Vulnerability Scoring System - CVSS), vulnerability types (Common Weakness Enumeration - CWE), and applicability statements (Common Platform Enumeration - CPE), as well as other pertinent metadata. The NVD does not actively perform vulnerability testing, relying on vendors, third party security researchers and vulnerability coordinators to provide information that is then used to assign these attributes. As additional information becomes available CVSS scores, CWEs, and applicability statements are subject to change. The NVD endeavors to re-analyze CVEs that have been amended as time and resources allow to ensure that the information offered is up-to-date.

Usage

  1. Fill in the JSON keywords file ./assets/keywords.json:

    {
      "devices": ["Grandstream", "Mikrotik", "Cisco"],
      "javalibs": ["lib4j"]
    }

    Devices and libraries are kept in separate lists, as shown in the example above.

    go build -o gonmap
    ./gonmap
    ./gonmap -m filljson

    The two run commands are equivalent, as 'filljson' is the default mode.

  2. Fill an XLSX file with CVEs, CWEs and CPEs found by device keywords.
    This was a critical requirement from the first customer, as they have a report system based on XLSX.

    go build -o gonmap
    ./gonmap -m savexlxs

  3. Port scanner.
    I needed my own scanner because of the overwhelming amount of functionality in nmap that isn't used in closed networks, and the runtime that comes with it.
    Nmap's port policy didn't satisfy me either, so I've made up my own algorithm based on port weight (still in progress), drawing on my pentest practice.
    One more reason is nmap's output format, which is absolutely unsatisfactory: it varies a lot between use cases, and automation around it is hard (still in development, only the scanner is available).
    At the Alpha0.0016 stage a few more flags were added:

    -n  - network mode. The default is 'false', so the scanner works in the local network only.
          ! Important: you should pre-fill the JSON assets with your network devices.
    -v  - verbose: enables more detailed logging for debugging purposes.
    -cp - CVE report by ports. Not recommended, as this key makes a mess of the logs:
          it just finds all CVEs by port, and there is a HUGE number of them.
    -r  - the number of CVEs in one report per socket (IP:PORT). The default value is 5.
    -f  - send output to syslog for Logstash-Elastic log organisation.

    go build -o gonmap
    ./gonmap -m scanner -u <target_url(s)> -p <target_port(s)> -v (verbose)
    ./gonmap -m scanner -u 127.0.0.1 -p 22,23
    ./gonmap -m scanner -u 127.0.0.53 -p 22,23,44,5001
    ./gonmap -m scanner -u 127.0.0.0/24 -p top -v

    In the last command, 'top' means the top ports from nmap.

  4. Software scanner for CVEs.
    Scans different antivirus reports in CSV format with data on software.
    Added because it is a requirement from the main customer.
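
A keyword lookup over the ./assets/keywords.json layout from the Usage section, as an added Go example (not code from this repository): each keyword is compared with the vendor field of CPE 2.3 strings rather than searched as a substring, so 'Cisco' does not hit a product named 'francisco_tool'. The CVE type, MatchKeywords, its limit parameter and all sample records are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Keywords mirrors the ./assets/keywords.json layout shown above.
type Keywords struct {
	Devices  []string `json:"devices"`
	JavaLibs []string `json:"javalibs"`
}

// CVE is a reduced, hypothetical record: an ID plus its CPE 2.3 strings.
type CVE struct{ ID string; CPEs []string }

// Constructed sample data: placeholder IDs and versions, not real NVD entries.
const sampleKeywords = `{"devices": ["Grandstream", "Mikrotik", "Cisco"], "javalibs": ["lib4j"]}`
var sampleCVEs = []CVE{
	{"CVE-0000-0001", []string{"cpe:2.3:o:mikrotik:routeros:0.0:*:*:*:*:*:*:*"}},
	{"CVE-0000-0002", []string{"cpe:2.3:o:cisco:ios:0.0:*:*:*:*:*:*:*"}},
	{"CVE-0000-0003", []string{"not-a-cpe", "cpe:2.3:h:cisco:example_router:-:*:*:*:*:*:*:*"}},
	{"CVE-0000-0004", []string{"cpe:2.3:a:example:francisco_tool:0.0:*:*:*:*:*:*:*"}},
}

// MatchKeywords lists, per keyword, up to limit CVE IDs whose CPE vendor field equals it.
func MatchKeywords(raw []byte, cves []CVE, limit int) (map[string][]string, error) {
	var kw Keywords
	if err := json.Unmarshal(raw, &kw); err != nil {
		return nil, fmt.Errorf("keywords: %w", err)
	}
	out := map[string][]string{}
	for _, k := range append(kw.Devices, kw.JavaLibs...) {
		for _, c := range cves {
			for _, cpe := range c.CPEs {
				f := strings.Split(strings.ToLower(cpe), ":") // cpe:2.3:part:vendor:product:...
				if len(f) >= 5 && f[1] == "2.3" && f[3] == strings.ToLower(k) && len(out[k]) < limit {
					out[k] = append(out[k], c.ID)
					break // one hit per CVE is enough; malformed CPEs never match
				}
			}
		}
	}
	return out, nil
}

func main() {
	fmt.Println(MatchKeywords([]byte(sampleKeywords), sampleCVEs, 5))
}
```

Keywords with no matching vendor, such as "Grandstream" and "lib4j" in the sample, simply have no entry in the result.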

Plans for the nearest future

So, the NVD parser will work in a few possible ways, as I see it now:

  • Knowledge base of the known/used CVEs, CWEs and CPEs in a convenient view.
    For now, I see all the views as easy-to-use spreadsheets such as XLSX (ready), Google Sheets or maybe Airtable, to have all the functions needed for data processing.
  • Knowledge base of all the CVEs, CWEs and CPEs by device(s), for network monitoring.
    For now, I see all the views as easy-to-use spreadsheets such as XLSX (ready), Google Sheets or maybe Airtable, to have all the functions needed for data processing.
    (Actually working on it: the data grabber is ready, the view is on the way.)
  • Library analyser working as a linter for corporate projects, with a convenient security report as part of your CI/CD process and an optimal runtime.

License: MIT License


Languages

Go 98.5%, Dockerfile 1.5%