Nmap Security Scanner
 Intro
Ref Guide
Install Guide
Download
Changelog
Book
Docs
Security Lists
Nmap Hackers
Nmap Dev
Bugtraq
Full Disclosure
Pen Test
Basics
More
Security Tools
Pass crackers
Sniffers
Vuln Scanners
Web scanners
Wireless
Exploitation
Packet crafters
More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
|
Some people have been working on extensions to nmap which
add new features or benefit it with other improvements. Here are
the projects I am aware of (mail me if you have others):
- RadialNet is a gorgeous tool for visualizing Nmap data. It was created by João Paulo de Souza Medeiros.
- Nmap Online is a handy web-based interface to Nmap, written and hosted by Matousec Security. This is a handy way to scan yourself and see what your computer looks like from the Internet side.
- Nmap-CGI is a web-based application for scanning your network with Nmap. It offers user management and privilege levels to control who can scan what.
- Nmap::Scanner performs
Nmap scans programatically using perl. It was written by Max Schubert (nmap&at&webwizarddesign.com).
- Nmap-Parser is a perl
module for parsing Nmap's XML output. It was created by Anthony Persaud (apersaud&at&gmail.com).
- Cancerbero is an nmap-based port scan engine which automates regular scans, storing results in MySQL and generating alerts, change reports, etc. A web interface is provided for configuration and data mining.
- Inprotect offers free
(GPL) web frontend software for Nmap and Nessus, as well as certain services.
- Alexandre Sagala has created a Qt/KDE frontend called
KNmap [ screenshot ]
- You can port
scan yourself with this simple but useful web service by Ulrich Keil.
- Dennis Webb has created
Qpenmapfe -- A graphical (QTopia) frontend for Nmap on handhelds like the Sharp Zaurus or specially configured IPAQ.
- Joshua D. Abraham <jabra&at&ccs.neu.edu> has created Pbnj, a tool for running Nmap scans and diff'ing the results.
- Remote nmap (Rnmap) is
a pair of client and server programs which allow for various
authorised clients to run their port scans from a centralised
server. It was written by Tuomo Makinen <tmakinen&at&pp.htv.fi>.
- Mac OS X users can also use the NmapFE port provided by the Fink project.
- Dylan Greene <trevise&at&u.washington.edu> has created Localscan,
a Perl-based frontend for nmap. It allows the user to compare the
results of an nmap portscan with the results of a previous nmap
portscan made when the subnet or IP range being scanned was in a
"known-good" configuration. Essentially, localscan allows the user
to use a portscanner and ask "What new ports are open?" instead of
just asking "What ports are active?"
- HD Moore has also created Spidermap, a
coordinated network scanning tool which can scans by running many Nmap
processes in parallel.
- Alek O. Komarnitsky (alek&at&komar.org) has created nmap-web, a simple Perl/CGI
script(s) you install on your web server which allows you to submit nmap
commands (and receive the responses) through a web interface. This is
especially oriented toward "white-hat" Sysadmins trying to figure out what
ports are open and what versions of programs are running.
- Gael Roualland <g_roualland&at&users.sourceforge.net> has
created a kernel patch called IP Personality for
fooling Nmap
OS Detection.
- Zach Smith <key&at&aye.net> has created a really cool GTK+ front end
for Nmap called NmapFE. An enhanced version is now included with Nmap.
[ screenshot ]
- Justin Beech <jb&at&dslreports.com> has created Secure-Me, an
automated security scan using Nmap and a few other tools. You can choose from free or commercial versions of the scanner.
- Scout is
a CGI program which displays information about a client's
connection like IP address(es), browser type, and system
information. Scout supports port scanning (with nmap), traceroute,
and ping statistics for the remote host. The author is Maciej
Plewa <redstar&at&subdimension.com>
- Alex Volkov <alex&at&cherepovets-city.ru> has
created a Russian version of Nmap he calls RuNmap:
- Izar Tarandach <izar&at&netect.com> is
working on a really cool 'visual nmap' which provides a TCL/TK GUI on
top of nmap. His latest version is available here. Remember to configure your nmap location in
the program (if it is not in /usr/local/bin)
- Yashy has created a PHP3 script which allows you to port scan yourself. Source code is available here.
- rain.forest.puppy <rfpuppy&at&iname.com> has written 'nmap stubs' in C and Perl which execute nmap and parse the output (allowing you to invoke nmap functionality from your C programs and perl scripts).The home page for this project is http://www.angio.net/security/rfp.
- James W. Abendschan <jwa&at&jammed.com> has written a very useful CGI for accepting nmap OS fingerprint submissions and sending them to the fingerprint maintainer (me). I have modified this script slightly and added it to the nmap site (here).
- Ajax <ajax&at&mobis.com>
has written some patches to nmap which allow nmap to do some
vulnerability scanning checks using a small sample vulnerability
database he has created. The patches (to nmap 2.01 at the time of
this writing) are available at http://www.mobis.com/ajax/code/nmap.
- Vacuum <vacuum&at&technotronic.com>
has created Winfingerprint, an
application that uses SMB to determine OS, shares, users, and other
information about Windows machines on a network (Note: this
scanner currently only runs on Windows NT).
- Yasholomew Yashinski sent in this
eggdrop bot script which sits on a channel and
port-scans channel users who request it and then msg's them the results.
- Security Space offers
an online
security audit using tools such as Nessus and Nmap. The cost
varies depending on the scope of the scan.
- Another commercial nmap-based web scanning application is Hacker Whacker. They charge
up to $300 per year.
|
|
