Created
December 10, 2019 19:25
-
-
Save flatlinebb/e5e15894f7158668ae637640e34c5c14 to your computer and use it in GitHub Desktop.
NMAP scan script for repeatable scans of the same target. Can target hosts or range of hosts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script allows you to perform an nmap scan against targets listed in a TXT file. | |
| # Target can be a single IP, a hostname, or a network range (i.e. 192.168.2.0/24; 10.1.2.10-25) | |
| # Nmap will output in XML file, which then will be converted to HTML for web viewing. | |
| # The file will be copied to the web server folder when it can be viewed in a browser. | |
| # It may be publically viewable, so choose wisely! | |
| # Scan can be run on a schedule, it will save old scan copies | |
| # Optionally, use mailx or sendmail or whatever you want to email yourself when the scan is done | |
| # Exit script on error | |
| set -ex | |
| # Substitute for client acronym, i.e.: NWO, or anything you want. Will be used later as folder name | |
| CLIENT="xxxxx" | |
| # Don't forget to create the $CLIENT.txt file with the scan target host, IP, or network range | |
| # Capture output to a log file | |
| exec &> /var/www/$CLIENT.log | |
| # Create an archive folder to old reports if the folder doesn't exist | |
| mkdir -p -v /var/www/$CLIENT/$CLIENT/old | |
| # Run the actual nmap scan | |
| nmap --script vuln --open -sV -O --osscan-limit -R -sS -T4 -Pn -oX /var/www/$CLIENT/$CLIENT_scan.xml -iL $CLIENT.txt | |
| # Move old reports into archive folder | |
| mv -v /var/www/$CLIENT/*_report.html /var/www/$CLIENT/old/ | |
| # Convert the result XML file into HTML file | |
| xsltproc /var/www/$CLIENT/$CLIENT_scan.xml -o "/var/www/$CLIENT/$CLIENT_`date +%m%d%y`_report.html" | |
| cd /var/www/$CLIENT | |
| # Create a symlink to the report file for easier web browsing | |
| ln -s -f $CLIENT_*_report.html index.html | |
| # Give proper permissions to be web-viewable | |
| chmod 775 /var/www/$CLIENT/* | |
| # Change ownership to your web server user | |
| chown -v -R www:www /var/www/$CLIENT/* /var/www/$CLIENT.* | |
| # Send email alert that scan is done and include the report and the URL in the email | |
| echo "Access the report here: http://your.website.com/$CLIENT/ " | mailx -r "root@localhost" -s "Nmap scan completed!" -q "/var/www/$CLIENT.log" -S smtp="smtp.gmail.com:587" -S smtp-use-starttls -S smtp-auth=login -S smtp-auth-user="[email protected]" -S smtp-auth-password="xxxxXXxxxXXx" -S ssl-verify=ignore [email protected] | |
| echo "Access the report here: http://your.website.com/$CLIENT/ " | |
| # Profit! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment