leonjza / Awesome Nmap Grep
awesome-nmap-grep 🔥
A collection of awesome, grep-like commands for the nmap greppable output (-oG) format. This repository aims to serve as a quick reference to modify the output into readable formats.
All of the below commands assume the output was saved to a file called output.grep. The example command to produce this file as well as the sample outputs was:
nmap -v --reason 127.0.0.1 -sV -oG output.grep -p-
Finally, the NMAP_FILE variable is set to contain output.grep.
commands
- Count Number of Open Ports
- Top 10 Open Ports
- Top Service Identifiers
- Top Service Names
- Hosts and Open Ports
- Banner Grab
count number of open ports
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f2,4- | \
sed -n -e 's/Ignored.*//p' | \
awk -F, '{split($0,a," "); printf "Host: %-20s Ports Open: %d\n" , a[1], NF}' \
| sort -k 5 -g
output
Host: 127.0.0.1 Ports Open: 16
explained
$ NMAP_FILE=output.grep
$ egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f2,4- | \
#   -v                 Inverse the pattern match.
#   "^#|Status: Up"    Ignore lines that start with a # or contain the
#                      string 'Status: Up'.
#   $NMAP_FILE         The file containing the grepable output.
#   -f2                Select the second field to print, which will be
#                      the IP address.
#   ,4-                Select the rest of the fields, which will be the
#                      open ports.
sed -n -e 's/Ignored.*//p' | \
#   -n                 Suppress automatic printing; only lines printed
#                      by the p flag of the substitution are output.
#   -e                 Specify the script to execute.
#   's/Ignored.*//p'   Remove text from the string 'Ignored' onwards.
awk -F, '{split($0,a," "); printf "Host: %-20s Ports Open: %d\n" , a[1], NF}' | \
#   split($0,a," ")    Split the line again by space, storing the
#                      resultant array into a.
#   printf             Print a string from a format string.
#   %-20s              Pad the string to 20 spaces.
#   a[1]               Use the first element in array a defined by the
#                      previous split(), which is the host.
#   NF                 The total columns extracted.
sort -k 5 -g
print the top 10 ports
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f4- | \
sed -n -e 's/Ignored.*//p' | tr ',' '\n' | sed -e 's/^[ \t]*//' | \
sort -n | uniq -c | sort -k 1 -r | head -n 10
output
1 9001/open/tcp//tor-orport?///
1 9000/open/tcp//cslistener?///
1 8080/open/tcp//http-proxy///
1 80/open/tcp//http//Caddy/
1 6379/open/tcp//redis//Redis key-value store/
1 631/open/tcp//ipp//CUPS 2.1/
1 6234/open/tcp/////
1 58377/filtered/tcp/////
1 53/open/tcp//domain//dnsmasq 2.76/
1 49153/open/tcp//mountd//1-3/
explained
$ NMAP_FILE=output.grep
$ egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f4- | \
#   -v                 Inverse the pattern match.
#   "^#|Status: Up"    Ignore lines that start with a # or contain the
#                      string 'Status: Up'.
#   $NMAP_FILE         The file containing the grepable output.
#   -f4-               Select only the fields with the port details.
sed -n -e 's/Ignored.*//p' | tr ',' '\n' | sed -e 's/^[ \t]*//' | \
#   -n                 Suppress automatic printing; only lines printed
#                      by the p flag of the substitution are output.
#   -e                 Specify the script to execute.
#   's/Ignored.*//p'   Remove text from the string 'Ignored' onwards.
#   tr ',' '\n'        Replace commas with newlines.
#   's/^[ \t]*//'      Remove leading tabs and spaces.
sort -n | uniq -c | sort -k 1 -r | head -n 10
#   sort -n            Sort numerically.
#   uniq -c            Count occurrences.
#   sort -k 1 -r       Output result in reverse.
#   head -n 10         Print the first 10 lines.
top service identifiers
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d ' ' -f4- | tr ',' '\n' | \
sed -e 's/^[ \t]*//' | awk -F '/' '{print $7}' | grep -v "^$" | sort | uniq -c \
| sort -k 1 -nr
output
2 Caddy
2 1-3 (RPC 100005)
1 dnsmasq 2.76
1 Redis key-value store
1 OpenSSH 6.9 (protocol 2.0)
1 MySQL 5.5.5-10.1.14-MariaDB
1 CUPS 2.1
top service names
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d ' ' -f4- | tr ',' '\n' | \
sed -e 's/^[ \t]*//' | awk -F '/' '{print $5}' | grep -v "^$" | sort | uniq -c \
| sort -k 1 -nr
output
2 mountd
2 http
1 unknown
1 tor-orport?
1 ssl|https
1 ssh
1 redis
1 mysql
1 ipp
1 http-proxy
1 domain
1 cslistener?
hosts and open ports
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f2,4- | \
sed -n -e 's/Ignored.*//p' | \
awk '{print "Host: " $1 " Ports: " NF-1; $1=""; for(i=2; i<=NF; i++) { a=a" "$i; }; split(a,s,","); for(e in s) { split(s[e],v,"/"); printf "%-8s %s/%-7s %s\n" , v[2], v[3], v[1], v[5]}; a="" }'
output
Host: 127.0.0.1 Ports: 16
open tcp/22 ssh
open tcp/53 domain
open tcp/80 http
open tcp/443 https
open tcp/631 ipp
open tcp/3306 mysql
open tcp/4767 unknown
open tcp/6379
open tcp/8080 http-proxy
open tcp/8081 blackice-icecap
open tcp/9000 cslistener
open tcp/9001 tor-orport
open tcp/49152 unknown
open tcp/49153 unknown
filtered tcp/54695
filtered tcp/58369
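The listing above contains 16 entries, two of them filtered, which is why the earlier comma-based count reports 16 under "Ports Open". The following is an added example, not part of the original repository, that tallies ports per host and per state by reading the state field of each entry. The sample input is constructed and its addresses and hostname are placeholders.

```shell
#!/bin/sh
# Added example: tally ports per host and state from nmap -oG output.

# Constructed sample in -oG layout (tab-separated fields); the addresses and
# hostname are placeholders, not scan results from the page.
sample_grep() {
  printf '# Nmap scan (constructed sample)\n'
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 6.9 (protocol 2.0)/, 80/open/tcp//http//Caddy/, 58377/filtered/tcp/////\tIgnored State: closed (65532)\n'
  printf 'Host: 192.0.2.20 (db.example.test)\tStatus: Up\n'
  printf 'Host: 192.0.2.20 (db.example.test)\tPorts: 3306/open/tcp//mysql//MySQL 5.5.5-10.1.14-MariaDB/\tIgnored State: closed (65534)\n'
}

# ports_by_state [FILE...]: reads -oG data from the files or stdin and
# prints "host state count", one line per host/state pair.
ports_by_state() {
  awk -F'\t' '
    /^#/ { next }                       # skip nmap comment lines
    {
      split($1, h, " "); host = h[2]    # "Host: <ip> (<name>)"
      for (f = 2; f <= NF; f++) {
        if ($f !~ /^Ports: /) continue  # ignore Status / Ignored State fields
        n = split(substr($f, 8), entry, ",")
        for (i = 1; i <= n; i++) {
          sub(/^ +/, "", entry[i])
          split(entry[i], p, "/")       # port/state/proto/owner/service/rpc/version/
          count[host " " p[2]]++
        }
      }
    }
    END { for (k in count) print k, count[k] }
  ' "$@" | LC_ALL=C sort
}

sample_grep | ports_by_state
```

Run it against a real scan with ports_by_state output.grep.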
banner grab
command
NMAP_FILE=output.grep
egrep -v "^#|Status: Up" $NMAP_FILE | cut -d' ' -f2,4- | \
awk -F, '{split($1,a," "); split(a[2],b,"/"); print a[1] " " b[1]; for(i=2; i<=NF; i++) { split($i,c,"/"); print a[1] c[1] }}' \
| xargs -L1 nc -v -w1
output
Sample
found 0 associations
found 1 connections:
1: flags=82<CONNECTED,PREFERRED>
outif lo0
src 127.0.0.1 port 52224
dst 127.0.0.1 port 3306
rank info not available
TCP aux info available
Connection to 127.0.0.1 port 3306 [tcp/mysql] succeeded!
Y
5.5.5-10.1.14-MariaDB๏ฟฝuds9^MIf๏ฟฝ๏ฟฝ!?๏ฟฝEgVZ>iv7KTD7mysql_native_passwordfound 0 associations
nc: connectx to 127.0.0.1 port 54695 (tcp) failed: Connection refused
nc: connectx to 127.0.0.1 port 58369 (tcp) failed: Connection refused