Table of contents

  1. Nmap Python Script
Nmap Python Script Nmap Python Script

Nmap Python Script

2/1/2023 / 2 minutes read / Tags: coding, python, copilot, nmap, cybersecurity

One of my goals lately has being to learn how to program and what better way than to just find something that you can automate/improve and try to code it out. In this case, I wanted to create a nmap script that would do a quick scan mostly to just find out what ports where open, it is like a ping scan but it is full handshake. After it grabs all the open ports, then it will do a more comprehensive scan with the -sV argument and the default and safe nmap scripts. Here is the code I came up with, with some help of Copilot:

#!/usr/bin/python3


import subprocess
import os
import argparse
import shutil


# Create ArgumentParser object
parser = argparse.ArgumentParser(description='Perform nmap scan.')
group = parser.add_mutually_exclusive_group(required=True)
group.add_argument('-ip', help='Single IP address to scan')
group.add_argument('-f', '--file', help='File with list of hosts to scan, one per line')
parser.add_argument('-s', '--save', help='Directory to save the output files (optional)')
args = parser.parse_args()


# Check if nmap is installed on the host
if not shutil.which("nmap"):
    print("nmap not found. Please install nmap and try again.")
    exit(1)


# Create the directory if it doesn't exist
if args.save:
    os.makedirs(args.save, exist_ok=True)


try:
    hosts = []
    if args.ip:
        hosts.append(args.ip)
    elif args.file:
        with open(args.file, 'r') as file:
            hosts = file.read().splitlines()


    for ip in hosts:
        print(f"Scanning {ip}...")


        # Perform quick scan
        print("Performing quick scan of ALL ports...")
        quickScanResult = subprocess.run(["nmap", "-Pn", "-p-", "--min-rate=1000", "-T4", ip], capture_output=True, text=True)


        # Extract open ports
        open_ports = [line.split("/")[0] for line in quickScanResult.stdout.split("\n") if "open" in line]
        print("Open ports:", ",".join(open_ports))


        # Perform more comprehensive scan
        print("\nPerforming comprehensive scan with Default and safe nmap script...\n")
        comprehensiveScanResults = subprocess.run(["nmap", "-Pn", "-sV", "-p" + ",".join(open_ports), "--script=default,vuln", ip], capture_output=True)


        # Save results of comprehensive scan to file
        if args.save:
            underscoreIP = ip.replace(".", "_")
            output_file = os.path.join(args.save, "nmapComprehensive-" + underscoreIP + ".txt")
            with open(output_file, "w") as file:
                file.write(comprehensiveScanResults.stdout.decode())


        # Print results of comprehensive scan
        print(comprehensiveScanResults.stdout.decode())


except Exception as e:
    print(f"An error occurred: {e}")
← Back to blog