
feat: nmap scanning too many ports (port_scan workflow)

Open romisfrag opened this issue 1 year ago • 1 comments

After a naabu scan in the "port_scan.yaml" workflow, nmap will scan all the open ports on all IP addresses.

romisfrag avatar Sep 08 '24 11:09 romisfrag

nmap cannot take a combination host / port unfortunately.

To implement this we would need to leverage the chunking mechanism already implemented in secator and add a feature to our workflow YAML language, which would (probably) look something like:

  naabu:
    description: Find open ports
  nmap:
    description: Search for vulnerabilities on open ports
    chunk_by: port.host
    targets_: port.host
    ports_: port.port

On naabu output like:

[
  {"port": 80, "host": "test.com"},
  {"port": 81, "host": "test.com"},
  {"port": 8080, "host": "test2.com"}
]

This would effectively run two instances of nmap:

  nmap -p 80,81 test.com (chunk 1/2)
  nmap -p 8080 test2.com (chunk 2/2)

ocervell avatar Sep 14 '24 08:09 ocervell
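
The grouping proposed in the comment above, as an added example that is not secator's own code: it turns the quoted naabu output into one nmap argument list per host and compares how many host/port pairs get scanned with and without chunking. The names `chunk_by_host`, `nmap_argv` and `probe_counts` are hypothetical, and the host check is an assumption about what a wrapper should reject before passing scanner output to another tool.

```python
# Added illustration; not secator's implementation.
# SAMPLE is the naabu output quoted in the comment above.
SAMPLE = [
    {"port": 80, "host": "test.com"},
    {"port": 81, "host": "test.com"},
    {"port": 8080, "host": "test2.com"},
]


def chunk_by_host(records):
    """Group port records by host (hypothetical helper): host -> sorted unique ports."""
    chunks = {}
    for rec in records:
        host, port = str(rec["host"]), int(rec["port"])
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range: {port}")
        # Reject values nmap could parse as an option or as several targets.
        if not host or host.startswith("-") or any(c.isspace() for c in host):
            raise ValueError(f"unsafe host value: {host!r}")
        chunks.setdefault(host, set()).add(port)
    return {host: sorted(ports) for host, ports in chunks.items()}


def nmap_argv(records):
    """One argv list per chunk; lists (not shell strings) avoid shell parsing."""
    return [
        ["nmap", "-p", ",".join(map(str, ports)), host]
        for host, ports in chunk_by_host(records).items()
    ]


def probe_counts(records):
    """(unchunked, chunked) host/port pairs: every port on every host vs. only found pairs."""
    chunks = chunk_by_host(records)
    all_ports = set().union(*chunks.values()) if chunks else set()
    return len(chunks) * len(all_ports), sum(len(p) for p in chunks.values())


if __name__ == "__main__":
    commands = nmap_argv(SAMPLE)
    for i, argv in enumerate(commands, 1):
        print(" ".join(argv), f"(chunk {i}/{len(commands)})")
    print("host/port pairs, unchunked vs chunked:", probe_counts(SAMPLE))
```
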

Okay, it took a lot of refactoring to get things right, but this was added by PR #659 and will be added to the next release!

ocervell avatar May 25 '25 14:05 ocervell