• Animesh Gupta

Sandmap : Supporting Network and System reconnaissance using the massive Nmap Engine


Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.


Key Features

  • simple CLI with the ability to run pure Nmap engine

  • predefined scans included in the modules

  • support Nmap Scripting Engine (NSE) with scripts arguments

  • TOR support (with proxychains)

  • multiple scans at one time

  • at this point: 31 modules with 459 scan profiles

How To Use


# Clone this repository

git clone --recursive https://github.com/trimstray/sandmap


# Go into the repository

cd sandmap


# Install

./setup.sh install


# Run the app

sandmap

symlink to bin/sandmap is placed in /usr/local/bin

man page is placed in /usr/local/man/man8


Command Line Options


https://github.com/trimstray/sandmap/wiki/CLI#help


Configuration


The etc/main.cfg configuration file has the following structure:


# shellcheck shell=bash


# Specifies the default destination.

# Examples:

# - dest="127.0.0.1,8.8.8.8"

dest="127.0.0.1"


# Specifies the extended Nmap parameters.

# Examples:

# - params="--script ssl-ccs-injection -p 443"

params=""


# Specifies the default output type and path.

# Examples:

# - report="xml"

report=""


# Specifies the TOR connection.

# Examples:

# - tor="true"

tor=""


# Specifies the terminal type.

# Examples:

# - terminal="internal"

terminal="internal"

Requirements

Sandmap uses external utilities to be installed before running:


nmap

xterm

proxychains


This tool working with:


GNU/Linux (testing on Debian and CentOS)

Bash (testing on 4.4.19)

Nmap (testing on 7.70)


Also you will need root access.

©2019 Security Unleashed | New Delhi