Nmap Development mailing list archives

Re: Passive nmap scanning via ShodanHQ


From: Jacek Wielemborek <d33tah () gmail com>
Date: Fri, 4 Mar 2016 13:28:04 +0100

On 03.03.2016 at 17:40, Glenn Wilkinson wrote:
Hi all,

Here's an NSE script to do passive scanning, querying the Shodan API:
  https://github.com/glennzw/shodan-hq-nse

Example usage:
  https://asciinema.org/a/f0unqk9uxbe6yeu22zpqu5xgz

Tweet to RT/whatever if you're into such things:
  https://twitter.com/glennzw/status/705430341650096129

Cheers,
Glenn

Hi,

Nice!

I'm not exactly an NSE pro, but I'm getting the impression that instead
of having to remember to specify -Pn -sn, perhaps it would be better to
also be able to specify the IP via --script-args so that Nmap doesn't
know about the IP at all. Right now we're not completely stealthy -
there's also the rDNS lookup performed.

I'm seeing a lot of potential for this kind of script - they could for
example diff against the already performed scan. If I were you though,
I'd first make sure that this is something that Nmap maintainers are
willing to include in the official distribution - I personally don't
know the line between acceptable and unacceptable external scripts.

Cheers,
d33ath


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
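
The reply's suggestion (passing the address through --script-args so that Nmap never treats it as a target and performs no rDNS lookup) can be implemented with an NSE prerule. This is an added example, not part of the original message or of the shodan-hq-nse project; the script name `shodan-passive` and its `target` and `apikey` arguments are hypothetical.

```lua
-- Added illustration; save as shodan-passive.nse (hypothetical name).
local http = require "http"
local ipOps = require "ipOps"
local json = require "json"
local stdnse = require "stdnse"

description = [[
Looks up an address in Shodan without Nmap treating it as a scan target.
]]
categories = {"discovery", "safe", "external"}

-- A prerule runs once, before any host is scanned. The address arrives as a
-- script argument, so Nmap sends no probes and does no reverse-DNS lookup for it.
prerule = function()
  return stdnse.get_script_args(SCRIPT_NAME .. ".target") ~= nil
end

action = function()
  local target = stdnse.get_script_args(SCRIPT_NAME .. ".target")
  local key = stdnse.get_script_args(SCRIPT_NAME .. ".apikey")
  if not key then
    return "ERROR: " .. SCRIPT_NAME .. ".apikey is required"
  end
  -- Accept only an IP address: a hostname would have to be resolved first.
  if not ipOps.expand_ip(target) then
    return "ERROR: " .. SCRIPT_NAME .. ".target must be an IP address"
  end
  -- The only traffic generated is this HTTPS request to Shodan's host endpoint.
  local url = ("https://api.shodan.io/shodan/host/%s?key=%s"):format(target, key)
  local resp = http.get_url(url)
  if not resp or resp.status ~= 200 then
    return ("ERROR: Shodan lookup failed (HTTP %s)"):format(tostring(resp and resp.status))
  end
  local ok, data = json.parse(resp.body)
  if not ok then
    return "ERROR: could not parse Shodan response"
  end
  local out = stdnse.output_table()
  out.ports = data.ports          -- ports Shodan has recorded for the address
  out.hostnames = data.hostnames  -- names known to Shodan, not resolved locally
  return out
end
```

Run it with no target on the command line, for example `nmap --script ./shodan-passive.nse --script-args 'shodan-passive.target=192.0.2.10,shodan-passive.apikey=YOUR_KEY'` (192.0.2.10 is a documentation address).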
