leesoh / np
A tool to parse, deduplicate, and query multiple port scans.
License: GNU Affero General Public License v3.0
Should likely be Error, not Fatal
HTTPS://github.com/projectdiscovery/Naabu/pull/460 changed the structure of Naabu's output, which breaks parsing in np.
In internal/scan/np.go, I stupidly do this:
func (s *Scan) ParseNP() {
	// We're importing an old np session so just unpack into results
	err := json.Unmarshal(s.Bytes, &s.Result.Hosts)
	if err != nil {
		s.Logger.Errorf("error unmarshaling np results: %v", err)
	}
}
This is fine as long as the np JSON file is the first thing to be unpacked, but there is no guaranteeing that. Need to refactor this to add hosts rather than unmarshal onto results.
It should work like this:
$ np -service http
scanme.nmap.org:80
some.site.com:8443
Currently internal/scan/nmap.go imports internal/result. This shouldn't be the case; each type of scan should be a more or less standalone package and we should handle importing the result elsewhere, probably in internal/scan.
Some hosts annoyingly and falsely state that every port is open. Likely to gum up port scans. This can result in 65k open ports in scan output, which is gross to look at.
The following should work:
np -exclude 10.2.4.1
np -exclude 10.2.4.1,10.1.5.9
np -exclude www.bishopfox.com
We should be able to do someHost.GetName() or something to get the Name if present, or the IP as a fallback.
They're a bit too... much. Tidy them up to be a bit more relevant. Also, flip -verbose to -debug.
Move to an output.go, decide on the format. We'll need:
Update services
Update IPs
Need to decide whether we're going to do last scan wins or what
This code returns but it should continue:
https://github.com/leesoh/np/blob/main/internal/scan/dnsx/dnsx.go#L42
It should be possible to do something like this:
np -range 10.10.10.0/24
Check for ports before printing the headers so we don't get this:
PORT SERVICE PRODUCT VERSION
161/udp snmp net-snmp; net-snmp SNMPv3 server
PORT SERVICE PRODUCT VERSION
PORT SERVICE PRODUCT VERSION
PORT SERVICE PRODUCT VERSION
It would be handy to be able to ingest name resolution data along with port scan data. This would allow us to scan by IP initially, and then later add hostnames.
All outputs with the exception of JSON should be sorted according to the output type (e.g. -services should be sorted by service, -hosts should be sorted by hostname or IP).
It would be neat to show the changes over time rather than the end state. For example, if you run one scan per day, np would start at the oldest and process scan 1:
$ np
2022-01-01 12:10 AM 10.1.23.5 80/tcp open
2022-01-01 12:10 AM 10.1.23.5 22/tcp open
Then a subsequent scan against the host after SNMP has been enabled:
2022-01-02 12:10 AM 10.1.23.5 161/udp open
And later HTTP is disabled:
2022-01-03 12:10 AM 10.1.23.5 80/tcp closed
This would allow us to review only the changes for each new scan processed.
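One way the change log described in this last issue could be computed, as an added example that is not np's own code: `HostScan`, `Changes` and `sample` are hypothetical names, and the input is constructed to mirror the three daily scans above (deliberately supplied out of order).

```go
package main

import (
	"fmt"
	"slices"
	"strings"
	"time"
)

// HostScan is a hypothetical record (np's own types are not on this page).
type HostScan struct {
	When time.Time
	Host string
	Open []string // ports found open, e.g. "80/tcp"; empty = none open
}

// Changes replays records oldest-first; hosts absent from a scan keep their state.
func Changes(scans []HostScan) []string {
	slices.SortStableFunc(scans, func(a, b HostScan) int { return a.When.Compare(b.When) })
	state := map[string][]string{} // host -> ports last seen open
	var out []string
	for _, sc := range scans {
		ts := sc.When.Format("2006-01-02 03:04 PM")
		diff := func(from, to []string, what string) {
			for _, p := range from {
				if !slices.Contains(to, p) {
					out = append(out, fmt.Sprintf("%s %s %s %s", ts, sc.Host, p, what))
				}
			}
		}
		diff(sc.Open, state[sc.Host], "open")   // newly seen ports
		diff(state[sc.Host], sc.Open, "closed") // ports that disappeared
		state[sc.Host] = sc.Open
	}
	return out
}

// sample is constructed data mirroring the issue's three daily scans, unordered.
func sample() []HostScan {
	day := func(d int) time.Time { return time.Date(2022, 1, d, 0, 10, 0, 0, time.UTC) }
	return []HostScan{
		{day(3), "10.1.23.5", []string{"22/tcp", "161/udp"}},
		{day(1), "10.1.23.5", []string{"80/tcp", "22/tcp"}},
		{day(2), "10.1.23.5", []string{"80/tcp", "22/tcp", "161/udp"}},
	}
}

func main() {
	fmt.Println(strings.Join(Changes(sample()), "\n"))
}
```

`Changes` sorts the slice it is given in place, and a port listed twice in one record would be reported twice.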