Monday, August 8, 2022
HomeHackerA Drop-In Alternative For Nmap Powered By Shodan.Io

A Drop-In Alternative For Nmap Powered By Shodan.Io




Smap is a duplicate of Nmap which makes use of shodan.io’s free API for port scanning. It takes similar command line arguments as Nmap and produces the identical output which makes it a drop-in replacament for Nmap.

Options

  • Scans 200 hosts per second
  • Would not require any account/api key
  • Vulnerability detection
  • Helps all nmap’s output codecs
  • Service and model fingerprinting
  • Makes no contact to the targets

Set up

Binaries

You possibly can obtain a pre-built binary from right here and use it immediately.

Handbook

go set up -v github.com/s0md3v/smap/cmd/[email protected]

Confused or one thing not working? For extra detailed directions, click on right here

AUR pacakge

Smap is accessible on AUR as smap-git (builds from supply) and smap-bin (pre-built binary).

Homebrew/Mac

Smap can be avaible on Homebrew.

brew replace
brew set up smap

Utilization

Smap takes the identical arguments as Nmap however choices aside from -p, -h, -o*, -iL are ignored. If you’re unfamiliar with Nmap, this is how one can use Smap.

Specifying targets

You may as well use a listing of targets, seperated by newlines.

Supported codecs

1.1.1.1         // IPv4 deal with
instance.com // hostname
178.23.56.0/8 // CIDR

Output

Smap helps 6 output codecs which can be utilized with the -o* as follows

smap instance.com -oX output.xml

If you wish to print the output to terminal, use hyphen (-) as filename.

Supported codecs

oX    // nmap's xml format
oG // nmap's greppable format
oN // nmap's default format
oA // output in all 3 codecs above without delay
oP // IP:PORT pairs seperated by newlines
oS // customized smap format
oJ // json

Notice: Since Nmap does not scan/show vulnerabilities and tags, that information will not be accessible in nmap’s codecs. Use -oS to view that information.

Specifying ports

Smap scans these 1237 ports by default. If you wish to show outcomes for sure ports, use the -p possibility.

smap -p21-30,80,443 -iL targets.txt

Issues

Since Smap merely fetches existent port information from shodan.io, it’s tremendous quick however there’s extra to it. It is best to use Smap if:

You need

  • vulnerability detection
  • a brilliant quick port scanner
  • outcomes for most typical ports (high 1237)
  • no connections to be made to the targets

You might be okay with

  • not having the ability to scan IPv6 addresses
  • outcomes being as much as 7 days previous
  • a couple of false negatives



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments