trimstray/sandmap trimstray/sandmap

  • Stars
    star
    1,530
  • Rank 29,470 (Top 0.6 %)
  • Language
    Shell
  • License
    GNU General Publi...
  • Created about 6 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
trimstray/sandmap
github

trimstray

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

sandmap

Travis-CI Version Rawsec's CyberSecurity Inventory BlackArch Repository License

Description β€’ How To Use β€’ Command Line β€’ Configuration β€’ Requirements β€’ Other β€’ Contributing β€’ License β€’ Wiki

Master

Created by trimstray and contributors

Description

sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.

Key Features

  • simple CLI with the ability to run pure Nmap engine
  • predefined scans included in the modules
  • support Nmap Scripting Engine (NSE) with scripts arguments
  • TOR support (with proxychains)
  • multiple scans at one time
  • at this point: 31 modules with 459 scan profiles

How To Use

It's simple:

# Clone this repository
git clone --recursive https://github.com/trimstray/sandmap

# Go into the repository
cd sandmap

# Install
./setup.sh install

# Run the app
sandmap
  • symlink to bin/sandmap is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Command Line

Before using the sandmap read the Command Line introduction.

Configuration

The etc/main.cfg configuration file has the following structure:

# shellcheck shell=bash

# Specifies the default destination.
# Examples:
#   - dest="127.0.0.1,8.8.8.8"
dest="127.0.0.1"

# Specifies the extended Nmap parameters.
# Examples:
#   - params="--script ssl-ccs-injection -p 443"
params=""

# Specifies the default output type and path.
# Examples:
#   - report="xml"
report=""

# Specifies the TOR connection.
# Examples:
#   - tor="true"
tor=""

# Specifies the terminal type.
# Examples:
#   - terminal="internal"
terminal="internal"

Requirements

sandmap uses external utilities to be installed before running:

This tool working with:

  • GNU/Linux (testing on Debian and CentOS)
  • Bash (testing on 4.4.19)
  • Nmap (testing on 7.70)

Also you will need root access.

Other

Modules

Available modules: 31 Available scan profiles: 459

If you want to create your own modules, take a look this.

Project architecture

See this.

Contributing

See this.

License

GPLv3 : http://www.gnu.org/licenses/

Free software, Yeah!

More Repositories

1

the-book-of-secret-knowledge

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
126,393
star
2

nginx-admins-handbook

How to improve NGINX performance, security, and other important things.
Shell
13,342
star
3

test-your-sysadmin-skills

A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.
10,216
star
4

the-practical-linux-hardening-guide

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
9,650
star
5

htrace.sh

My simple Swiss Army knife for http/https troubleshooting and profiling.
Shell
3,706
star
6

iptables-essentials

Iptables Essentials: Common Firewall Rules and Commands.
1,416
star
7

linux-hardening-checklist

Simple checklist to help you deploying the most important areas of the GNU/Linux production systems - work in progress.
1,251
star
8

multitor

Create multiple TOR instances with a load-balancing.
Shell
991
star
9

otseca

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Shell
471
star
10

technical-whitepapers

Collection of IT whitepapers, presentations, pdfs; hacking, web app security, db, reverse engineering and more; EN/PL.
460
star
11

mkchain

Open source tool to help you build a valid SSL certificate chain.
Shell
356
star
12

reload.sh

Wipe, reinstall or restore your system from running GNU/Linux distribution. Via SSH, without rebooting.
Shell
264
star
13

massh-enum

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).
Shell
143
star
14

trimstray.github.io

Personal blog [PL/EN].
HTML
30
star
15

trimstray

Something about me.
14
star