Sandmap - Supporting Network & System Reconnaissance


Description

SANDMAN is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.

Key Features

  • simple CLI with the ability to run pure Nmap engine
  • predefined scans included in the modules
  • support Nmap Scripting Engine (NSE) with scripts arguments
  • TOR support (with proxychains)
  • multiple scans at one time
  • at this point: 31 modules with 459 scan profiles

How To Use

It's simple:

# Clone this repository
git clone --recursive https://github.com/trimstray/sandmap

# Go into the repository
cd sandmap

# Install
./setup.sh install

# Run the app
sandmap
  • symlink to bin/sandmap is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Command Line

Before using the sandmap read the Command Line introduction.

Configuration

The etc/main.cfg configuration file has the following structure:

# shellcheck shell=bash

# Specifies the default destination.
# Examples:
#   - dest="127.0.0.1,8.8.8.8"
dest="127.0.0.1"

# Specifies the extended Nmap parameters.
# Examples:
#   - params="--script ssl-ccs-injection -p 443"
params=""

# Specifies the default output type and path.
# Examples:
#   - report="xml"
report=""

# Specifies the TOR connection.
# Examples:
#   - tor="true"
tor=""

# Specifies the terminal type.
# Examples:
#   - terminal="internal"
terminal="internal"

Requirements

sandmap uses external utilities to be installed before running:

This tool working with:

  • GNU/Linux (testing on Debian and CentOS)
  • Bash (testing on 4.4.19)
  • Nmap (testing on 7.70)

Also you will need root access.

Next Post Previous Post
No Comment
Add Comment
comment url