Nmap-API That Can Do Scans With A Good Speed Online

Nmap-API Uses python 3.10, Debian, python, and flask framework to create that can do scans with a good speed online and is easy to deploy. This is a implementation for our college PCL project which is still under development and constantly updating.

Nmap-API

Get all items of API

  GET /api/p1/{username}:{password}/{target}
  GET /api/p2/{username}:{password}/{target}
  GET /api/p3/{username}:{password}/{target}
  GET /api/p4/{username}:{password}/{target}
  GET /api/p5/{username}:{password}/{target}
ParameterTypeDescription
usernamestringRequired. username of the current user
passwordstringRequired. current user password
targetstringRequired. The target Hostname and IP

Get item of Nmap-API

  GET /api/p1/
  GET /api/p2/
  GET /api/p3/
  GET /api/p4/
  GET /api/p5/
ParameterReturn dataDescriptionNmap Command
p1jsonEffective Scan-Pn -sV -T4 -O -F
p2jsonSimple Scan-Pn -T4 -A -v
p3jsonLow Power Scan-Pn -sS -sU -T4 -A -v
p4jsonPartial Intense Scan-Pn -p- -T4 -A -v
p5jsonComplete Intense Scan-Pn -sS -sU -T4 -A -PE -PP -PS80,443 -PA3389 -PU40125 -PY -g 53 --script=vuln

Auth and User management of Nmap-API

  POST /adduser/{admin-username}:{admin-passwd}/{id}/{username}/{passwd}
  POST /deluser/{admin-username}:{admin-passwd}/{t-username}/{t-userpass}
  POST /altusername/{admin-username}:{admin-passwd}/{t-user-id}/{new-t-username}
  POST /altuserid/{admin-username}:{admin-passwd}/{new-t-user-id}/{t-username}
  POST /altpassword/{admin-username}:{admin-passwd}/{t-username}/{new-t-userpass}
  • make sure you use the ADMIN CREDS MENTIONED BELOW
ParameterTypeDescription
admin-usernameStringAdmin username
admin-passwdStringAdmin password
idStringId for newly added user
usernameStringUsername of the newly added user
passwdStringPassword of the newly added user
t-usernameStringTarget username
t-user-idStringTarget userID
t-userpassStringTarget users password
new-t-usernameStringNew username for the target
new-t-user-idStringNew userID for the target
new-t-userpassStringNew password for the target

Network I/O API

To allow for efficient and parallelizable network I/O, NSE provides an interface to Nsock, the Nmap socket library. The smart callback mechanism Nsock uses is fully transparent to NSE scripts. The main benefit of NSE’s sockets is that they never block on I/O operations, allowing many scripts to be run in parallel. The I/O parallelism is fully transparent to authors of NSE scripts. In NSE you can either program as if you were using a single non-blocking socket or you can program as if your connection is blocking. Even blocking I/O calls return once a specified timeout has been exceeded. Two flavors of Network I/O are supported: connect-style and raw packet.

Connect-style network I/O

This part of the network API should be suitable for most classical network uses: Users create a socket, connect it to a remote address, send and receive data and finally close the socket. Everything up to the Transport layer (which is either TCP, UDP or SSL) is handled by the library.

An NSE socket is created by calling nmap.new_socket, which returns a socket object. The socket object supports the usual connectsendreceive, and close methods. Additionally the functions receive_bytesreceive_lines, and receive_buf allow greater control over data reception. Example 9.3 shows the use of connect-style network operations. The try function is used for error handling, as described in the section called “Exception Handling”.

DEFAULT CREDENTIALS

ADMINISTRATOR : zAp6_oO~t428)@,

Download