Node-NMAP-Vulners
NPM package enabling your [NodeJs] application to interface with the features of [NMAP].
This package requires that [NMAP] is installed and available to the running node application.
If [VULNERS] script is installed, this package is able to parse the output to [NodeJs].
UPDATE 1.0.2
- Edited README.MD
UPDATE 1.0.1
- Improved Service and Vulnerabilities integration
UPDATE 1.0.0 (Tommaso Pezzi)
- Forked the [node-nmap] NPM package to read and parse the Vulners script output.
-
- Vulners.nse must be installed.(https://github.com/vulnersCom/nmap-vulners)
Installation
npm install node-nmap-vulners
Scan Types
NmapScan- This is the core of the package and runs the NMAP command.
Scan instance variables, methods, and events
scanResults: Array of host objects - contains the results of the scan.scanTime: number in ms - duration of scan.scanTimeout: number in ms - scan will cancel if timeout is reached.startScan()- begins the NMAP scan.cancelScan()- kills the NMAP process.'complete': event - returns array of host objects'error': event - returns string with error information
Usage
NmapScan is the core function of the package. It emits two events: 'complete' and 'error'. Both of these events return data. All methods are easy to set up. Simply define a variable as one of the methods, and that variable will become a new instance of NmapScan with appropriately set commands. All input accepts either a space separated string, or an array of strings to make it easier to work with a complex set of hosts. All methods return an array of JSON objects containing information on each host. Any key without information provided from NMAP is filled as null.
The return structure is:
"hostname":"theHostname" "ip":"127.0.0.1" "mac":null "openPorts": "port":80 "service":"http" "vulners": 'CVE-2011-4130' 'CVE-2010-3867' 'CVE-2010-4652' 'CVE-2009-0543' ... "osNmap":null //note that osNmap is not guaranteed to be correct. ...Examples
var nmap = ; nmapnmapLocation = "nmap"; //default // Accepts array or comma separarted string for custom nmap commands in the second argument.var nmapscan = '127.0.0.1 google.com' '-sn'; nmapscan;nmapscan; nmapscan; // returns// [ // { // "hostname":"localhost",// "ip":"127.0.0.1",// "mac":null,// "openPorts":[ // ],// "osNmap":null// },// { // "hostname":"google.com",// "ip":"74.125.21.113",// "mac":null,// "openPorts":[ // "vulners":[// 'CVE-2011-4130',// 'CVE-2010-3867',// 'CVE-2010-4652',// 'CVE-2009-0543',// ]// ],// "osNmap":null// }// ] // Accepts array or comma separarted string for nmap vulners script.var nmapscan = '127.0.0.1 --script vulners'; nmapscan;nmapscan; nmapscan; // returns// [ // { // "hostname":"localhost",// "ip":"127.0.0.1",// "mac":null,// "openPorts":[ // "vulners":[// 'CVE-2011-4130',// 'CVE-2010-3867',// 'CVE-2010-4652',// 'CVE-2009-0543',// ],// ],// "osNmap":null// },// { // "hostname":"google.com",// "ip":"74.125.21.113",// "mac":null,// "openPorts":[ // ],// "osNmap":null// }// ] Please open an issue if you have any questions concerns bugs or critiques NMAP: <https://nmap.org/>NPM: <https://www.npmjs.com/package/node-nmap-vulners>NodeJs: <https://nodejs.org/en/>