Sandmap - Supporting Network & System Reconnaissance
Description
SANDMAN is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.
Key Features
- simple CLI with the ability to run pure Nmap engine
- predefined scans included in the modules
- support Nmap Scripting Engine (NSE) with scripts arguments
- TOR support (with proxychains)
- multiple scans at one time
- at this point: 31 modules with 459 scan profiles
How To Use
It's simple:
# Clone this repository
git clone --recursive https://github.com/trimstray/sandmap
# Go into the repository
cd sandmap
# Install
./setup.sh install
# Run the app
sandmap
- symlink to
bin/sandmap
is placed in/usr/local/bin
- man page is placed in
/usr/local/man/man8
Command Line
Before using the sandmap
read the Command Line introduction.
Configuration
The etc/main.cfg
configuration file has the following structure:
# shellcheck shell=bash
# Specifies the default destination.
# Examples:
# - dest="127.0.0.1,8.8.8.8"
dest="127.0.0.1"
# Specifies the extended Nmap parameters.
# Examples:
# - params="--script ssl-ccs-injection -p 443"
params=""
# Specifies the default output type and path.
# Examples:
# - report="xml"
report=""
# Specifies the TOR connection.
# Examples:
# - tor="true"
tor=""
# Specifies the terminal type.
# Examples:
# - terminal="internal"
terminal="internal"
Requirements
sandmap
uses external utilities to be installed before running:
This tool working with:
- GNU/Linux (testing on Debian and CentOS)
- Bash (testing on 4.4.19)
- Nmap (testing on 7.70)
Also you will need root access.