masscan + nmap 快速端口存活检测和服务识别

Related tags

Testingmasnmap
Overview

masnmap

masscan + nmap 快速端口存活检测和服务识别。

思路很简单,将masscan在端口探测的高速和nmap服务探测的准确性结合起来,达到一种相对比较理想的效果。 先使用masscan以较高速率对ip存活端口进行探测,再以多进程的方式,使用nmap对开放的端口进行服务探测。

安装依赖

需先安装masscan nmappython-nmap库。 masscan和nmap请自行安装,python-nmap库可通过如下命令安装。

目前其版本为:python-nmap==0.6.1

文件说明

简要文件说明如下:

  • masnmap.py: masscan + nmap结合快速端口存活和服务探测脚本;
  • ips.txt: 需探测的ip地址列表,每行一个ip地址;
  • services.txt: 保存探测的结果,以"序号:ip:端口:服务名" msg = '{}:{}:{}:{}'.format(index, ip, port, service)

参数配置说明

简要参数说明如下:

  • ip_file = 'ips.txt' # ip地址文件
  • masscan_exe = '/usr/bin/masscan' # masscan可执行文件路径
  • masscan_rate = 1000000 # masscan扫描速率
  • masscan_file = 'masscan.json' # masscan扫描结果文件
  • process_num = 800 # 执行nmap扫描的进程数量

具体参数值可以自行调优。

检测说明

主要执行步骤调用在main函数中,如下:

def main():
    # Step 1, run masscan to detect all the open port on all ips
    run_masscan()

    # Step 2, extract masscan result file:masscan.json to ip:port format
    extract_masscan()

    # Step 3, using nmap to scan ip:port
    run_nmap()

    # Step 4, save results
    save_results()

使用说明

直接使用如下命令执行即可。

# python3 masnmap.py

扫描测试说明

对8930个ip地址进行探测,共探测出231687个开放端口及进行服务探测。

# wc -l ips.txt 
8930 ips.txt
# wc -l services.txt 
231687 services.txt

masscan rate 100 0000,并发nmap进程数800,共耗时: It takes 800 process 4761 seconds to run ... 231687 tasks

具体参数值配置需要根据扫描机器的性能和带宽进行调整。

脚本优化

版本探测

如上说明,masnmap.py只是探测服务的,如需获取服务的版本信息,可以使用-sV替换-sS

使用如下替换nmap_scan中对应的内容,可以获取服务详细版本信息,但速率会有较大的影响。

    ret = nm.scan(ip, port, arguments='-sV')
    # print(ret)
    name = ret['scan'][ip]['tcp'][int(port)]['name']
    product = ret['scan'][ip]['tcp'][int(port)]['product']
    version = ret['scan'][ip]['tcp'][int(port)]['version']
    msg = '{}:{}:{}:{}:{}:{}'.format(index, ip, port, name, product, version)

其它可优化项

  • 使用其它更有效的方式替换多进程;
  • 针对重要服务的版本探测,提高检测速率;
Owner
starnightcyber
information security engineer
starnightcyber
GitHub Repository
This file will contain a series of Python functions that use the Selenium library to search for elements in a web page while logging everything into a file

element_search with Selenium (Now With docstrings 😎 ) Just to mention, I'm a beginner to all this, so it it's very possible to make some mistakes The

2 Aug 12, 2021
A command-line tool and Python library and Pytest plugin for automated testing of RESTful APIs, with a simple, concise and flexible YAML-based syntax

1.0 Release See here for details about breaking changes with the upcoming 1.0 release: https://github.com/taverntesting/tavern/issues/495 Easier API t

909 Dec 15, 2022
Data-Driven Tests for Python Unittest

DDT (Data-Driven Tests) allows you to multiply one test case by running it with different test data, and make it appear as multiple test cases. Instal

424 Nov 28, 2022
Front End Test Automation with Pytest Framework

Front End Test Automation Framework with Pytest Installation and running instructions: 1. To install the framework on your local machine: clone the re

Sergey Kolokolov 2 Jun 17, 2022
Code coverage measurement for Python

Coverage.py Code coverage testing for Python. Coverage.py measures code coverage, typically during test execution. It uses the code analysis tools and

Ned Batchelder 2.3k Jan 04, 2023
Screenplay pattern base for Python automated UI test suites.

ScreenPy TITLE CARD: "ScreenPy" TITLE DISAPPEARS.

Perry Goy 39 Nov 15, 2022
Um scraper feito em python que gera arquivos de excel baseados nas tier lists do site LoLalytics.

LoLalytics-scraper Um scraper feito em python que gera arquivos de excel baseados nas tier lists do site LoLalytics. Começando por um único script com

Kevin Souza 1 Feb 19, 2022
bulk upload files to libgen.lc (Selenium script)

LibgenBulkUpload bulk upload files to http://libgen.lc/librarian.php (Selenium script) Usage ./upload.py to_upload uploaded rejects So title and autho

8 Jul 07, 2022
Useful additions to Django's default TestCase

django-test-plus Useful additions to Django's default TestCase from REVSYS Rationale Let's face it, writing tests isn't always fun. Part of the reason

REVSYS 546 Dec 22, 2022
A automated browsing experience.

browser-automation This app is an automated browsing technique where one has to enter the required information, it's just like searching for Animals o

Ojas Barawal 3 Aug 04, 2021
HTTP client mocking tool for Python - inspired by Fakeweb for Ruby

HTTPretty 1.0.5 HTTP Client mocking tool for Python created by Gabriel Falcão . It provides a full fake TCP socket module. Inspired by FakeWeb Github

Gabriel Falcão 2k Jan 06, 2023
Python 3 wrapper of Microsoft UIAutomation. Support UIAutomation for MFC, WindowsForm, WPF, Modern UI(Metro UI), Qt, IE, Firefox, Chrome ...

Python 3 wrapper of Microsoft UIAutomation. Support UIAutomation for MFC, WindowsForm, WPF, Modern UI(Metro UI), Qt, IE, Firefox, Chrome ...

yin kaisheng 1.6k Dec 29, 2022
PacketPy is an open-source solution for stress testing network devices using different testing methods

PacketPy About PacketPy is an open-source solution for stress testing network devices using different testing methods. Currently, there are only two c

4 Sep 22, 2022
Tutorial for integrating Oxylabs' Residential Proxies with Selenium

Oxylabs’ Residential Proxies integration with Selenium Requirements For the integration to work, you'll need to install Selenium on your system. You c

Oxylabs.io 8 Dec 08, 2022
✅ Python web automation and testing. 🚀 Fast, easy, reliable. 💠

Build fast, reliable, end-to-end tests. SeleniumBase is a Python framework for web automation, end-to-end testing, and more. Tests are run with "pytes

SeleniumBase 3k Jan 04, 2023
Sixpack is a language-agnostic a/b-testing framework

Sixpack Sixpack is a framework to enable A/B testing across multiple programming languages. It does this by exposing a simple API for client libraries

1.7k Dec 24, 2022
Pytest modified env

Pytest plugin to fail a test if it leaves modified os.environ afterwards.

wemake.services 7 Sep 11, 2022
Statistical tests for the sequential locality of graphs

Statistical tests for the sequential locality of graphs You can assess the statistical significance of the sequential locality of an adjacency matrix

2 Nov 23, 2021
API Test Automation with Requests and Pytest

api-testing-requests-pytest Install Make sure you have Python 3 installed on your machine. Then: 1.Install pipenv sudo apt-get install pipenv 2.Go to

Sulaiman Haque 2 Nov 21, 2021
Code for "SUGAR: Subgraph Neural Network with Reinforcement Pooling and Self-Supervised Mutual Information Mechanism"

SUGAR Code for "SUGAR: Subgraph Neural Network with Reinforcement Pooling and Self-Supervised Mutual Information Mechanism" Overview train.py: the cor

41 Nov 08, 2022