masscan + nmap 快速端口存活检测和服务识别

Related tags

Testingmasnmap
Overview

masnmap

masscan + nmap 快速端口存活检测和服务识别。

思路很简单,将masscan在端口探测的高速和nmap服务探测的准确性结合起来,达到一种相对比较理想的效果。 先使用masscan以较高速率对ip存活端口进行探测,再以多进程的方式,使用nmap对开放的端口进行服务探测。

安装依赖

需先安装masscan nmappython-nmap库。 masscan和nmap请自行安装,python-nmap库可通过如下命令安装。

目前其版本为:python-nmap==0.6.1

文件说明

简要文件说明如下:

  • masnmap.py: masscan + nmap结合快速端口存活和服务探测脚本;
  • ips.txt: 需探测的ip地址列表,每行一个ip地址;
  • services.txt: 保存探测的结果,以"序号:ip:端口:服务名" msg = '{}:{}:{}:{}'.format(index, ip, port, service)

参数配置说明

简要参数说明如下:

  • ip_file = 'ips.txt' # ip地址文件
  • masscan_exe = '/usr/bin/masscan' # masscan可执行文件路径
  • masscan_rate = 1000000 # masscan扫描速率
  • masscan_file = 'masscan.json' # masscan扫描结果文件
  • process_num = 800 # 执行nmap扫描的进程数量

具体参数值可以自行调优。

检测说明

主要执行步骤调用在main函数中,如下:

def main():
    # Step 1, run masscan to detect all the open port on all ips
    run_masscan()

    # Step 2, extract masscan result file:masscan.json to ip:port format
    extract_masscan()

    # Step 3, using nmap to scan ip:port
    run_nmap()

    # Step 4, save results
    save_results()

使用说明

直接使用如下命令执行即可。

# python3 masnmap.py

扫描测试说明

对8930个ip地址进行探测,共探测出231687个开放端口及进行服务探测。

# wc -l ips.txt 
8930 ips.txt
# wc -l services.txt 
231687 services.txt

masscan rate 100 0000,并发nmap进程数800,共耗时: It takes 800 process 4761 seconds to run ... 231687 tasks

具体参数值配置需要根据扫描机器的性能和带宽进行调整。

脚本优化

版本探测

如上说明,masnmap.py只是探测服务的,如需获取服务的版本信息,可以使用-sV替换-sS

使用如下替换nmap_scan中对应的内容,可以获取服务详细版本信息,但速率会有较大的影响。

    ret = nm.scan(ip, port, arguments='-sV')
    # print(ret)
    name = ret['scan'][ip]['tcp'][int(port)]['name']
    product = ret['scan'][ip]['tcp'][int(port)]['product']
    version = ret['scan'][ip]['tcp'][int(port)]['version']
    msg = '{}:{}:{}:{}:{}:{}'.format(index, ip, port, name, product, version)

其它可优化项

  • 使用其它更有效的方式替换多进程;
  • 针对重要服务的版本探测,提高检测速率;
Owner
starnightcyber
information security engineer
starnightcyber
GitHub Repository
FFPuppet is a Python module that automates browser process related tasks to aid in fuzzing

FFPuppet FFPuppet is a Python module that automates browser process related tasks to aid in fuzzing. Happy bug hunting! Are you fuzzing the browser? G

Mozilla Fuzzing Security 24 Oct 25, 2022
Tattoo - System for automating the Gentoo arch testing process

Naming origin Well, naming things is very hard. Thankfully we have an excellent

Arthur Zamarin 4 Nov 07, 2022
Data-Driven Tests for Python Unittest

DDT (Data-Driven Tests) allows you to multiply one test case by running it with different test data, and make it appear as multiple test cases. Instal

424 Nov 28, 2022
hyppo is an open-source software package for multivariate hypothesis testing.

hyppo (HYPothesis Testing in PythOn, pronounced "Hippo") is an open-source software package for multivariate hypothesis testing.

neurodata 137 Dec 18, 2022
Pytest-typechecker - Pytest plugin to test how type checkers respond to code

pytest-typechecker this is a plugin for pytest that allows you to create tests t

vivax 2 Aug 20, 2022
a plugin for py.test that changes the default look and feel of py.test (e.g. progressbar, show tests that fail instantly)

pytest-sugar pytest-sugar is a plugin for pytest that shows failures and errors instantly and shows a progress bar. Requirements You will need the fol

Teemu 963 Dec 28, 2022
Compiles python selenium script to be a Window's executable

Problem Statement Setting up a Python project can be frustrating for non-developers. From downloading the right version of python, setting up virtual

Jerry Ng 8 Jan 09, 2023
UUM Merit Form Filler is a web automation which helps automate entering a matric number to the UUM system in order for participants to obtain a merit

About UUM Merit Form Filler UUM Merit Form Filler is a web automation which helps automate entering a matric number to the UUM system in order for par

Ilham Rachmat 3 May 31, 2022
An improbable web debugger through WebSockets

wdb - Web Debugger Description wdb is a full featured web debugger based on a client-server architecture. The wdb server which is responsible of manag

Kozea 1.6k Dec 09, 2022
Turn any OpenAPI2/3 and Postman Collection file into an API server with mocking, transformations and validations.

Prism is a set of packages for API mocking and contract testing with OpenAPI v2 (formerly known as Swagger) and OpenAPI v3.x. Mock Servers: Life-like

Stoplight 3.3k Jan 05, 2023
A Demo of Feishu automation testing framework

FeishuAutoTestDemo This is a automation testing framework which use Feishu as an example. Execute runner.py to run. Technology Web UI Test pytest + se

2 Aug 19, 2022
GitHub action for AppSweep Mobile Application Security Testing

GitHub action for AppSweep can be used to continuously integrate app scanning using AppSweep into your Android app build process

Guardsquare 14 Oct 06, 2022
Implement unittest, removing all global variable and returning values

Implement unittest, removing all global variable and returning values

Placide 1 Nov 01, 2021
Python selenium script to bypass simaster.ugm.ac.id weak captcha.

Python selenium script to bypass simaster.ugm.ac.id weak "captcha".

Hafidh R K 1 Feb 01, 2022
Multi-asset backtesting framework. An intuitive API lets analysts try out their strategies right away

Multi-asset backtesting framework. An intuitive API lets analysts try out their strategies right away. Fast execution of profit-take/loss-cut orders is built-in. Seamless with Pandas.

Epymetheus 39 Jan 06, 2023
This repository contains a set of benchmarks of different implementations of Parquet (storage format) <-> Arrow (in-memory format).

Parquet benchmarks This repository contains a set of benchmarks of different implementations of Parquet (storage format) - Arrow (in-memory format).

11 Dec 21, 2022
Free cleverbot without headless browser

Cleverbot Scraper Simple free cleverbot library that doesn't require running a heavy ram wasting headless web browser to actually chat with the bot, a

Matheus Fillipe 3 Sep 25, 2022
Load Testing ML Microservices for Robustness and Scalability

The demo is aimed at getting started with load testing a microservice before taking it to production. We use FastAPI microservice (to predict weather) and Locust to load test the service (locally or

Emmanuel Raj 13 Jul 05, 2022
Playwright Python tool practice pytest pytest-bdd screen-play page-object allure cucumber-report

pytest-ui-automatic Playwright Python tool practice pytest pytest-bdd screen-play page-object allure cucumber-report How to run Run tests execute_test

moyu6027 11 Nov 08, 2022
Mypy static type checker plugin for Pytest

pytest-mypy Mypy static type checker plugin for pytest Features Runs the mypy static type checker on your source files as part of your pytest test run

Dan Bader 218 Jan 03, 2023