The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, 2023, targeted Ukrainian government entities and […]
nmapAutomatorA script that you can run in the background! SummaryThe main goal for this script is to automate all of the process of recon/enumeration that is run every time, and instead focus our attention on real pen testing.This will ensure two things:1) Automate nmap scans. 2) Always have some recon running in the background.Once you […]
Nmap Automator is a great tool for initial port scans of a given ip address. It automates the scan techniques which I use on each host, I selected it over any other similar tool since it avoids unnecessary scanning. Installation and usage git clone https://github.com/21y4d/nmapAutomator After adding the vulners.nse nmap script to the right directory […]
LiveTargetsFinder Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan, and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to confirm that the […]
vulnerability scanner tool is using nmap and nse scripts to find vulnerabilitiesThis tool puts an additional value into vulnerability scanning with nmap. It uses NSE scripts which can add flexibility in terms of vulnerability detection and exploitation. Below there are some of the features that NSE scripts provide Network discovery More sophisticated version detection Vulnerability […]
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimized Nmap algorithms. Trigmap can performs several […]
A Web Dashbord for Nmap XML Report Usage You should use this with docker, just by sending this command: $ mkdir /tmp/webmap $ docker run -d –name webmap -h webmap -p 8000:8000 -v /tmp/webmap:/opt/xml rev3rse/webmap $ # now you can run Nmap and save the XML Report on /tmp/webmap $ nmap -sT -A -T4 -oX […]
Use You should use this with docker. According to digital forensics specialists from the International Institute of Cyber Security, all you have to do is send this command: $ mkdir /tmp/webmap $ docker run -d –name webmap -h webmap -p 8000:8000 -v /tmp/webmap:/opt/xml rev3rse/webmap $ # now you can run […]
Automates some pentesting work via an nmap XML file. As soon as each command finishes it writes its output to the terminal and the files in output-by-service/ and output-by-host/. Runs fast-returning commands first. Please send me protocols/commands/options that you would like to see included. HTTP whatweb WPScan (only if whatweb returns a WordPress result) EyeWitness […]
As the title itself states, nmap-xsl-bootstrap, a brand-new utility or, better to say an Nmap hack, that helps in beautifying the regular Nmap output which comes out of your Nmap scans. This output is often fairly unpleasing to the eye since it is difficult to be read if the infrastructure is so large. Furthermore these […]
FireShodanMap is a Realtime map that integrates Firebase and Shodan. A search is carried out using Shodan searching vulnerable devices and they are showed on the map for analysis. All data updated in Firebase are Realtime. Changes We have a file named “fireshodan.py” responsible for fill Firebase database, we need to change: [+] FILE_WITH_KEY.json (Open […]
Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on […]
The Nmap Scanner for Telco. With the current focus on telecom security, there used tools in day to day IT side penetration testing should be extended to telecom as well. From here came the motivation for an nmap-like scanner but for telco The current security interconnect security controls might fail against reconnaissance , although mobile […]
Halcyon IDE lets you quickly and easily develop scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is free and open source project (always will be) to provide an easier development interface to rapidly growing […]
Use nmap to scan hidden “onion” services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. […]
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Installation pip install -r requirements.txt On Kali: apt-get install brutespray Usage First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml. Command: python brutespray.py -h Command: python brutespray.py –file nmap.gnmap […]
Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version scip VulDB. Version 2.0 of Nmap NSE Vulscan is available online. This major release […]
BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Usage First do an nmap scan with -oG nmap.gnmap or -oX nmap.xml. Command: python brutespray.py -h Command: python brutespray.py –file nmap.gnmap Command: python brutesrpay.py –file nmap.xml Command: python brutespray.py […]
Today in this tutorial we will have a look at how we can use Nmap (Which stands for Network Mapper )in Kali Linux to scan for open ports. To do this, we will use OS detection. Nmap is an open source tool that can be used for network exploration and security auditing. This comes standard […]
Running Nmap on Windows is not as difficult or problematic as it was in the past. Nmap is supported on Windows 7 and higher with performance close to if not quite as good as Linux based operating systems. The majority of users still do use *nix based systems however a good number of people use […]
Live hosts detection is a very important tool for every penetration tester and ethical hacking. In this tutorial we are going to use Nmap in Kali Linux to scan the network for live hosts. You can use the command ifconfig to determine which IP range you will be scanning for live hosts. We will be […]