SabyasachiRana / Webmap
Licence: gpl-3.0
WebMap-Nmap Web Dashboard and Reporting
Stars: ✭ 357
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Webmap
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+795.8%)
Mutual labels: infosec, nmap, cve
Cvebase.com
cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (-75.35%)
Mutual labels: infosec, cybersecurity, cve
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Stars: ✭ 760 (+112.89%)
Mutual labels: cybersecurity, cve
targets
A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-76.19%)
Mutual labels: cybersecurity, infosec
dorothy
Dorothy is a tool to test security monitoring and detection for Okta environments
Stars: ✭ 85 (-76.19%)
Mutual labels: cybersecurity, infosec
HostEnumerator
A tool that automates the process of enumeration
Stars: ✭ 29 (-91.88%)
Mutual labels: cybersecurity, nmap
AutonomousThreatSweep
Threat Hunting queries for various attacks
Stars: ✭ 70 (-80.39%)
Mutual labels: cybersecurity, infosec
pyc2bytecode
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-80.39%)
Mutual labels: cybersecurity, infosec
awesome-ddos-tools
Collection of several DDos tools.
Stars: ✭ 75 (-78.99%)
Mutual labels: cybersecurity, infosec
Open-source-tools-for-CTI
Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-74.51%)
Mutual labels: cybersecurity, infosec
Writeups
This repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-82.91%)
Mutual labels: cybersecurity, cve
Phishapi
Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-23.81%)
Mutual labels: infosec, cybersecurity
Nmapgui
Advanced Graphical User Interface for NMap
Stars: ✭ 318 (-10.92%)
Mutual labels: cybersecurity, nmap
incident-response-plan-template
A concise, directive, specific, flexible, and free incident response plan template
Stars: ✭ 288 (-19.33%)
Mutual labels: cybersecurity, infosec
rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (-57.14%)
Mutual labels: cybersecurity, infosec
Cyber-Security
This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.
Stars: ✭ 42 (-88.24%)
Mutual labels: cybersecurity, infosec
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-77.87%)
Mutual labels: cybersecurity, infosec
pwn-pulse
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-64.71%)
Mutual labels: infosec, cve
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+52.38%)
Mutual labels: infosec, cve
A Web Dashbord for Nmap XML Report
Table Of Contents
- Usage
- Video
- Features
- PDF Report
- XML Filenames
- CVE and Exploits
- Network View
- RESTful API
- Third Parts
- Security Issues
- Contributors
- Contacts
Screenshot
Usage
You should use this with docker, just by sending this command:
$ mkdir /tmp/webmap
$ docker run -d \
--name webmap \
-h webmap \
-p 8000:8000 \
-v /tmp/webmap:/opt/xml \
reborntc/webmap
$ # now you can run Nmap and save the XML Report on /tmp/webmap
$ nmap -sT -A -T4 -oX /tmp/webmap/myscan.xml 192.168.1.0/24
Now point your browser to http://localhost:8000
Generate new token
In order to access to the WebMap dashboard, you need a token. You can create a new token with:
$ docker exec -ti webmap /root/token
Upgrade from previous release
$ # stop running webmap container
$ docker stop webmap
$ # remove webmap container
$ docker rm webmap
$ # pull new image from dockerhub
$ docker pull reborntc/webmap
$ # run WebMap
$ curl -sL http://bit.ly/webmapsetup | bash
Run without Docker
This project is designed to run on a Docker container. IMHO it isn't a good idea to run this on a custom Django installation, but if you need it you can find all building steps inside the Dockerfile.
Video
The HTML template changes often. This video could not be up to date with the latest version.
Features
- Import and parse Nmap XML files
- Run and Schedule Nmap Scan from dashboard
- Statistics and Charts on discovered services, ports, OS, etc...
- Inspect a single host by clicking on its IP address
- Attach labels on a host
- Insert notes for a specific host
- Create a PDF Report with charts, details, labels and notes
- Copy to clipboard as Nikto, Curl or Telnet commands
- Search for CVE and Exploits based on CPE collected by Nmap
- RESTful API
Roadmap for v2.3x
You love WebMap and you know python? We need your help! This is what we want deploy for the v2.3:
- [todo] Improve template: try to define better the html template and charts
- [todo] Improve API: create a documentation/wiki about it
- [todo] Wiki: create WebMap User Guide on GitHub
- [working] Authentication or something that could blocks access to WebMap if != localhost
- [working] Scan diff: show difference between two scheduled nmap scan report
- [todo] Zaproxy: Perform web scan using the OWASP ZAP API
Changes on v2.2
- fixed bug on missing services
- Run nmap from WebMap
- Schedule nmap run
- Add custom NSE scripts section
Changes on v2.1
- Better usage of Django template
- Fixed some Nmap XML parse problems
- Fixed CVE and Exploit collecting problems
- Add new Network View
- Add RESTful API
PDF Report
XML Filenames
When creating the PDF version of the Nmap XML Report, the XML filename is used as document title on the first page. WebMap will replace some parts of the filename as following:
-
_will replaced by a space () -
.xmlwill be removed
Example: ACME_Ltd..xml
PDF title: ACME Ltd.
CVE and Exploits
thanks to the amazing API services by circl.lu, WebMap is able to looking for CVE and Exploits for each CPE collected by Nmap.
Not all CPE are checked over the circl.lu API, but only when a specific version is specified
(for example: cpe:/a:microsoft:iis:7.5 and not cpe:/o:microsoft:windows).
Network View
RESTful API
From v2.1 WebMap has a RESTful API frontend that makes users able to query their scan files with something like:
curl -s 'http://localhost:8000/api/v1/scan?token=<token>'
"webmap_version": "v2.1/master",
"scans": {
"scanme.nmap.org.xml": {
"filename": "scanme.nmap.org.xml",
"startstr": "Sun Nov 4 16:22:46 2018",
"nhost": "1",
"port_stats": {
"open": 42,
"closed": 0,
"filtered": 0
}
},
"hackthebox.xml": {
"filename": "hackthebox.xml",
"startstr": "Mon Oct 8 20:56:32 2018",
"nhost": "256",
"port_stats": {
"open": 67,
"closed": 0,
"filtered": 2
}
}
}
}
A user can get information about a single scan by append to the URL the XML filename:
curl -v 'http://localhost:8000/api/v1/scan/hackthebox.xml?token=<token>'
{
"file": "hackthebox.xml",
"hosts": {
"10.10.10.2": {
"hostname": {},
"label": "",
"notes": ""
},
"10.10.10.72": {
"hostname": {
"PTR": "streetfighterclub.htb"
},
"label": "",
"notes": ""
},
"10.10.10.76": {
"hostname": {},
"label": "",
"notes": ""
},
"10.10.10.77": {
"hostname": {},
"label": "Vulnerable",
"notes": "PHNwYW4gY2xhc3M9ImxhYmVsIGdyZWVuIj5SRU1FRElBVElPTjwvc3Bhbj4gVXBncmFkZSB0byB0aGUgbGF0ZXN0IHZlcnNpb24g"
},
...
and he can get all information about a single host by append the IP address to URL:
curl -v 'http://localhost:8000/api/v1/scan/hackthebox.xml/10.10.10.87?token=<token>'
"file": "hackthebox.xml",
"hosts": {
"10.10.10.87": {
"ports": [
{
"port": "22",
"name": "ssh",
"state": "open",
"protocol": "tcp",
"reason": "syn-ack",
"product": "OpenSSH",
"version": "7.5",
"extrainfo": "protocol 2.0"
},
{
"port": "80",
"name": "http",
"state": "open",
"protocol": "tcp",
"reason": "syn-ack",
"product": "nginx",
"version": "1.12.2",
"extrainfo": ""
},
{
"port": "8888",
"name": "sun-answerbook",
"state": "filtered",
"protocol": "tcp",
"reason": "no-response",
"product": "",
"version": "",
"extrainfo": ""
}
],
"hostname": {},
"label": "Checked",
"notes": "",
"CVE": [
{
"Modified": "2018-08-17T15:29:00.253000",
"Published": "2018-08-17T15:29:00.223000",
"cvss": "5.0",
"cwe": "CWE-200",
"exploit-db": [
{
"description": "OpenSSH 7.7 - Username Enumeration. CVE-2018-15473. Remote exploit for Linux platform",
"file": "exploits/linux/remote/45233.py",
"id": "EDB-ID:45233",
"last seen": "2018-08-21",
"modified": "2018-08-21",
"platform": "linux",
"port": "",
"published": "2018-08-21",
"reporter": "Exploit-DB",
"source": "https://www.exploit-db.com/download/45233/",
"title": "OpenSSH 7.7 - Username Enumeration",
"type": "remote"
},
{
"id": "EDB-ID:45210"
}
],
"id": "CVE-2018-15473",
"last-modified": "2018-11-02T06:29:06.993000",
"metasploit": [
...
Third Parts
Security Issues
This app is not intended to be exposed to the internet, but to be used as localhost web application. Please, DO NOT expose this app to the internet, use your localhost or, in case you can't do it, take care to filter who and what can access to WebMap with a firewall rule or something like that. Exposing this app to the whole internet could lead not only to a stored XSS but also to a leakage of sensitive/critical/private informations about your port scan. Please, be smart.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].