Nmap is released under a custom license, which is based on (but not compatible with) GPLv2. The Nmap license allows free usage by end users, and we also offer a commercial license for companies that wish to redistribute Nmap technology with their products. See Nmap Copyright and Licensing for full details. Full documentation is also available on the Nmap.org website.
c-plus-plus security port-scanner machine-learning osx network-discovery service-discovery asynchronous socket nmap libpcap pcre netcat ping

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).
oscp penetration-testing scanner security security-audit security-tools security-scanner offensive-security nmap enumeration scanning kali-linux service-enumeration services-discovered discover-services range snmp hacking hacking-tool virtual-hosts

Findsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit (i.e. ./copysploit 1337.c && ./compilesploit 1337.c). This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
exploits metasploit nmap pentest hackers exploitdb find search

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of VulDB. Just execute vulscan like you would by referring to one of the pre-delivered databases. Feel free to share your own database and vulnerability connection with me, to add it to the official repository.
vulnerability vulnerability-scanners vulnerability-detection vulnerability-identification vulnerability-assessment security security-audit security-scanner penetration-testing nmap nmap-scripts exploit vulnerability-scanning vulnerability-databases vulnerability-database-entry nmap-scan-script nse nsescript lua-script

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security. Axiom works by pre-installing your tools of choice onto a 'base image', and then using that image to deploy fresh instances. From there, you can connect and instantly gain access to many tools useful for both bug hunters and pentesters. With the power of immutable infrastructure, most of which is done for you, you can just spin up 15 boxes, perform a distributed nmap/ffuf/screenshotting scan, and then shut them down.
tmux meg nmap bug-bounty nuclei masscan axiom massdns subfinder httprobe httpx gau hacking-vps gowitness ffuf shuffledns dnsx dnsgen

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. This will display help for the tool. Here are all the switches it supports.
nmap scan-ports portscanner port-enumeration cdn-exclusion

The Modern Port Scanner. Fast, smart, effective.
docker security networking hacking port nmap pentesting scanning hacktoberfest security-tools

MASSCAN is Mass IP port scanner. This is the fastest Internet port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second. It produces results similar to nmap, the most famous port scanner. Internally, it operates more like scanrand, unicornscan, and ZMap, using asynchronous transmission. The major difference is that it's faster than these other scanners. In addition, it's more flexible, allowing arbitrary address ranges and port ranges.
port-scan nmap port-scanner internet-ports

Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access to the docker daemon, you can use Gorsair to directly execute commands on remote containers. Exposing the docker API on the internet is a tremendous risk, as it can let malicious agents get information on all of the other containers, images and system, as well as potentially getting privileged access to the whole system if the image uses the root user.
pentesting docker netsec infosec nmap penetration-testing security

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Before using the Sandmap read the Command Line introduction.
nmap nmap-scripts port-scanner network-scanner network-discovery service-discovery information-gathering nse nsescript cli command-line hacking hacking-tool kali-linux kali-scripts backbox

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scans, delta reporting ensures that findings only need to be judged when they first appear in the scan results or when their output changes.
seccubus repeated-scans nikto ssllabs security filters analysis vulnerability-detection vulnerability-management medusa nessus nmap testssl

A type library that can be used to work with NMap scan results in .net.
network networking nmap scanner

Use nmap to scan hidden "onion" services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. dnsmasq is configured with this localhost:9053 as an authority DNS server. Proxychains is configured to proxy DNS through the local resolver, so all DNS requests will go through Tor and applications can resolve .onion addresses. When the container boots, it launches Tor and dnsmasq as daemons. The tor_wait script then waits for the Tor SOCKS proxy to be up before executing your command.
docker tor nmap proxychains pentesting security scanner recon

This article aims at showing how to improve the capability of the nmap network scanner to detect SAP services. This is by no means a complete and 100% exact way of doing service detection as a lot of corner cases exist that are not covered in this text. If you want a more comprehensive way to do SAP services detection and even much more, the ERPScan Monitoring Suite is a good starting point with its port scanner feature. Our goal is to detect every network service exposed by SAP servers. Those servers are complex beasts with numerous components exposed to the network by default and each of these components potentially has vulnerabilities. So we want to send specific network probes to detect the presence of these services and then better assess if a service is vulnerable or not.
sap erpscan nmap scanning

The example shows the types of host ranges supported. In this example the default IANA range of reserved ports is scanned per host in each range (1024). The discover method requires nodejs < v0.11.2 and can be used to acquire information about neighbors per network interface.
nmap libnmap node-libnmap nmap-host-discovery threaded-nmap-scanner network-host-discovery host-operating-system-discovery port-scanner network-scanner services-enumeration host-fingerprinting service-auditing ipv6-host-discovery network scanner security

Traditional “defensive” tools can be effectively used for Offensive security data analysis, helping your team collaborate and triage scan results. In particular, Elasticsearch offers the chance to aggregate a multitude of disparate data sources and query them with a unified interface, with the aim of extracting actionable knowledge from a huge amount of unclassified data.
pentesting nmap docker docker-compose elk-stack elasticsearch kibana

GoScan is a project I developed in order to learn @golang. It is an interactive network scanner client, featuring auto-complete, which provides abstraction and automation over nmap. It can be used to perform host discovery, port scanning, and service enumeration in situations where being stealthy is not a priority, and time is limited (think at CTFs, OSCP, exams, etc.).
pentesting nmap docker

Use Tor for anonymous scanning with nmap
tor pentesting nmap ansible

Docker images for infosec tools
docker-image docker metasploit arachni fierce nikto nmap wireshark wpscan nessus pentest pentest-tool