SandMap: Network and System Reconnaissance using Nmap engine.

Published On: June 22, 2018

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.

Key Features

  • simple CLI with the ability to run pure Nmap engine
  • predefined scans included in the modules
  • support Nmap Scripting Engine (NSE) with scripts arguments
  • TOR support (with proxychains)
  • multiple scans at one time
  • at this point: 31 modules with 459 scan profiles

How To Use
It’s simple:

# Clone this repository
git clone –recursive https://github.com/trimstray/sandmap
# Go into the repository
cd sandmap
# Install ./setup.sh
install
# Run the app
sandmap

  • symlink to bin/sandmap is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Command Line
Before using the Sandmap read the Command Line introduction.

Configuration

The etc/main.cfg configuration file has the following structure:

# shellcheck shell=bash
# Specifies the default destination.
# Examples:
# – dest=”127.0.0.1,8.8.8.8″ dest=”127.0.0.1″
# Specifies the extended Nmap parameters.
# Examples:
# – params=”–script ssl-ccs-injection -p 443″ params=””
# Specifies the default output type and path.
# Examples:
# – report=”xml” report=””
# Specifies the TOR connection.
# Examples: # – tor=”true” tor=””
# Specifies the terminal type.
# Examples:
# – terminal=”internal” terminal=”internal”

Requirements

Sandmap uses external utilities to be installed before running:

This tool working with:

  • GNU/Linux (testing on Debian and CentOS)
  • Bash (testing on 4.4.19)
  • Nmap (testing on 7.70)

Also you will need root access.

Related Post

SSH-Snake: Automated SSH-Based Network Traversal

Related Post January 14, 2024

teler : Real-time HTTP Intrusion Detection

Related Post December 4, 2022

EmailAll – A powerful Email Collect tool

Related Post November 24, 2022

Leave a Comment