Smap
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Rustscan | 10,721 | a month ago | 18 | November 07, 2022 | 128 | gpl-3.0 | Rust | |||
| 🤖 The Modern Port Scanner 🤖 | ||||||||||
| Awesome Security | 10,297 | 5 days ago | 13 | mit | ||||||
| A collection of awesome software, libraries, documents, books, resources and cools stuffs about security. | ||||||||||
| Naabu | 3,757 | 3 | 3 days ago | 36 | April 30, 2023 | 29 | mit | Go | ||
| A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests | ||||||||||
| Flan | 3,542 | 2 years ago | 22 | bsd-3-clause | Python | |||||
| A pretty sweet vulnerability scanner | ||||||||||
| Axiom | 3,476 | 2 days ago | 54 | mit | Shell | |||||
| The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more! | ||||||||||
| Cameradar | 3,451 | 2 months ago | 7 | November 08, 2021 | 29 | mit | Go | |||
| Cameradar hacks its way into RTSP videosurveillance cameras | ||||||||||
| Discover | 3,169 | 4 days ago | mit | PowerShell | ||||||
| Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux. | ||||||||||
| Ivre | 3,065 | 9 days ago | 41 | gpl-3.0 | Python | |||||
| Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc. | ||||||||||
| Vulscan | 2,983 | 2 months ago | 7 | other | Lua | |||||
| Advanced vulnerability scanning with Nmap NSE | ||||||||||
| Static Binaries | 2,638 | a month ago | 33 | other | Shell | |||||
| Various *nix tools built as statically-linked binaries | ||||||||||
passive Nmap like scanner built with shodan.io
Smap is a port scanner built with shodan.io's free API. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap.
Features
- Scans 200 hosts per second
- Doesn't require any account/api key
- Vulnerability detection
- Supports all nmap's output formats
- Service and version fingerprinting
- Makes no contact to the targets
Installation
Binaries
You can download a pre-built binary from here and use it right away.
Manual
go install -v github.com/s0md3v/smap/cmd/smap@latest
Confused or something not working? For more detailed instructions, click here
AUR pacakge
Smap is available on AUR as smap-git (builds from source) and smap-bin (pre-built binary).
Homebrew/Mac
Smap is also avaible on Homebrew.
brew update
brew install smap
Usage
Smap takes the same arguments as Nmap but options other than -p, -h, -o*, -iL are ignored. If you are unfamiliar with Nmap, here's how to use Smap.
Specifying targets
smap 127.0.0.1 127.0.0.2
You can also use a list of targets, seperated by newlines.
smap -iL targets.txt
Supported formats
1.1.1.1 // IPv4 address
example.com // hostname
178.23.56.0/8 // CIDR
Output
Smap supports 6 output formats which can be used with the -o* as follows
smap example.com -oX output.xml
If you want to print the output to terminal, use hyphen (-) as filename.
Supported formats
oX // nmap's xml format
oG // nmap's greppable format
oN // nmap's default format
oA // output in all 3 formats above at once
oP // IP:PORT pairs seperated by newlines
oS // custom smap format
oJ // json
Note: Since Nmap doesn't scan/display vulnerabilities and tags, that data is not available in nmap's formats. Use
-oSto view that info.
Specifying ports
Smap scans these 1237 ports by default. If you want to display results for certain ports, use the -p option.
smap -p21-30,80,443 -iL targets.txt
Considerations
Since Smap simply fetches existent port data from shodan.io, it is super fast but there's more to it. You should use Smap if:
You want
- vulnerability detection
- a super fast port scanner
- results for most common ports (top 1237)
- no connections to be made to the targets
You are okay with
- not being able to scan IPv6 addresses
- results being up to 7 days old
- a few false negatives
