Cyber Security / Ethical Hacking
  • Prologue
  • CTF/OSCP Prep
    • Fundamentals
      • Linux
        • Basics
        • Bash Scripting
      • Windows
        • Basics
        • PowerShell
          • Scripting
        • CMD
      • Kali Survivor Skills
    • Information Gathering
      • Passive Recon
      • Active Recon
    • Enumeration
      • Common Ports
      • Vulnerability Analysis
    • Exploitation
      • Shells
  • Binary Exploitation / Exploit Development
    • Useful tools and techniques for Binary Exploitation
    • Shellcoders Handbook
      • Chapter 2 - Stack Overflows
        • Linux Buffer Overflow With Command Injection
        • Linux Buffer Overflow Without Shellcode
      • Chapter 3 - Shellcode
  • TryHackMe
    • Linux Fundamentals
      • Linux Challenges
      • RP: tmux
      • Common Linux Privesc
    • Advent of Cyber
      • Inventory Management
      • Arctic Forum
      • Evil Elf
      • Training
      • Ho-Ho-Hosint
      • Data Elf-iltration
      • Skilling Up
      • SUID Shenanigans
      • Requests
      • Metasploit-a-ho-ho-ho
      • Elf Applications
      • Elfcryption
      • Accumulate
      • Unknown Storage
    • Web Application Security
      • Web Fundamentals
      • Juice Shop
      • WebAppSec 101
    • Linux Privesc Playground
    • Intro to x86-64
    • Ninja Skills
    • CC: Radare2
    • Reversing ELF
    • Intro to Python
    • ToolsRus
  • Programming
    • Python
      • Simple TCP Port Scanner/ Banner Grabber
      • Botnet
      • Keylogger
      • Nmap Scanner
    • Golang
      • Execute Commands
      • MAC changer
      • TCP Port Scanner
      • TCP Port Scanner (improved with goroutines)
      • GoNmap Scanner
  • Protostar
    • Stack 0
    • Stack 1
    • Stack 2
  • Web App Pentesting
    • Recon
    • Authentication (Portswigger Academy)
      • Vulnerabilities in password-based login
        • Username Enumeration via different responses
        • Username enumeration via subtly different responses
        • Username enumeration via response timing
        • Broken brute-force protection, IP block
        • Username enumeration via account lock
        • Broken brute-force protection, multiple credentials per request
      • Vulnerabilities in multi-factor authentication
        • 2FA simple bypass
        • 2FA Broken Logic
        • 2FA bypass using a brute-force attack
      • Vulnerabilities in other authentication mechanisms
    • Broken Acess Controls
      • Insecure direct object references (IDOR)
        • Insecure direct object references lab
  • HackTheBox
    • Active
      • Untitled
      • Blunder
Powered by GitBook
On this page

Was this helpful?

  1. Programming
  2. Python

Nmap Scanner

Python nmap scanner that goes through a list of the most common ports and check if their open + their service name.

#!/usr/bin/env python3

'''
Python nmap scanner that goes through a list of the most common ports and check if their open + their service name.
'''

import argparse
import nmap
import socket

# get arguments
def main():
    parser = argparse.ArgumentParser()
    parser.add_argument('-H', '--host', dest='tgt_host', help='specify target host')
    options = parser.parse_args()
    tgt_host = options.tgt_host
    if tgt_host is None:
        parser.print_usage()
        exit(0)
    nmap_scan(tgt_host, tgt_port='')

# scan all common ports
def nmap_scan(tgt_host, tgt_port):
    common_ports = [21, 22, 23, 25, 53, 79, 80, 88, 110, 111, 135, 137, 139, 145, 161, 162, 389, 443, 
    587, 631, 636, 1433, 1521, 1723, 2049, 2100, 3306, 3389, 5900, 5985, 6379, 8080, 11211]
    for port in common_ports:
        try:
            tgt_port = port
            nm_scan = nmap.PortScanner()
            nm_scan.scan(tgt_host, str(tgt_port))
            # get state (open/close)
            state = nm_scan[tgt_host]['tcp'][int(tgt_port)]['state']
            # get service name
            service = socket.getservbyport(tgt_port)
            print(f"[*] {tgt_host} tcp/ {tgt_port} {state} {service}")
        # handle error when no service is found on that port
        except:
            continue

if __name__ == '__main__':
    main()
PreviousKeyloggerNextGolang

Last updated 5 years ago

Was this helpful?