A fully self-contained Nmap-like parallel port scanning module in pure Golang that supports SYN-ACK (Silent Scans)

gomap

What is gomap?

Gomap is a fully self-contained nmap-like module for Golang. Unlike other projects which provide nmap C bindings or rely on other local dependencies, gomap is fully implemented in pure Go. Gomap imports zero non-core modules, making it ideal for applications that have zero control over the client's operating system. Since this is a small library, it focuses on providing only a few core features. For the most part its API is stable, with changes being applied to its unexposed internal scanning functions.

Features

  • Parallel port scanning using goroutines
  • Automated CIDR range scanning
  • Service prediction by port number
  • SYN (Silent) Scanning Mode
  • UDP Scanning (Non-Stealth)
  • Fast and detailed scanning for common ports
  • Pure Go with zero dependencies
  • Easily integrated into other projects

Upcoming Features

  • More Known Ports for Detection
  • Stable Release

Example Usage - 1

Performs a fastscan for the most common ports on every IP on a local range

Create Files

  1. Create quickscan.go

package main

import (
	"fmt"
	"log"

	"github.com/JustinTimperio/gomap"
)

func main() {
	var (
		proto    = "tcp"
		fastscan = true
		syn      = false
	)

	// Scan the most common ports on every host in the local range
	scan, err := gomap.ScanRange(proto, fastscan, syn)
	if err != nil {
		log.Fatal(err)
	}
	// Print rather than Printf: the result is data, not a format string
	fmt.Print(scan.String())
}

  2. go mod init quickscan
  3. go mod tidy
  4. go run quickscan.go

Example Output

Host: computer-name (192.168.1.132)
        |     Port      Service
        |     ----      -------
        |---- 22        ssh
 
Host: server-nginx (192.168.1.143)
        |     Port      Service
        |     ----      -------
        |---- 443       https
        |---- 80        http
        |---- 22        ssh
 
Host: server-minio (192.168.1.112)
        |     Port      Service
        |     ----      -------
        |---- 22        ssh

Host: some-phone (192.168.1.155)
        |- No Open Ports

Example Usage - 2

Performs a detailed stealth scan on a single IP

Create Files

  1. Create stealthmap.go

package main

import (
	"fmt"
	"log"

	"github.com/JustinTimperio/gomap"
)

func main() {
	// Stealth scans MUST be run as root/admin
	var (
		fastscan = false
		syn      = true
		proto    = "tcp"
		ip       = "192.168.1.120"
	)

	// Detailed SYN scan of a single host
	scan, err := gomap.ScanIP(ip, proto, fastscan, syn)
	if err != nil {
		log.Fatal(err)
	}
	// Print rather than Printf: the result is data, not a format string
	fmt.Print(scan.String())
}

  2. go mod init stealthmap
  3. go mod tidy
  4. sudo go run stealthmap.go

Example Output

Host: 192.168.1.120 | Ports Scanned 3236/3236
Host: Voyager (192.168.1.120)
        |     Port      Service
        |     ----      -------
        |---- 22        SSH Remote Login Protocol
        |---- 80        World Wide Web HTTP
        |---- 443       HTTP protocol over TLS/SSL
Owner
jtimperio
Linux Head, Speed Freak, Open-Source Advocate
Comments
  • improve performance by reworking the port scan

    This results in decreasing the fast scan time from 0.309s to 0.020s for localhost on my machine.

    Expose the underlying errors in the public api, to allow users to handle these themselves.

  • Unlikely to Support UDP Port Scan

    Just a cursory look at the implementation of the code, I reckon the UDP port scan would not work just because of how UDP protocol works. If the code dials the target with UDP protocol e.g. conn, err = net.Dial("udp", raddr), there will not be any error message from the target server just because UDP is connectionless. A server will only reply when a "meaningful" packet is sent to the UDP port on the target. For more info - https://serverfault.com/a/416269

    By the current way of checking for open/close UDP port i.e. presence of error dialing the target, all UDP ports would be open. Which defeats the purpose of a port scan.

    Alternatively, can refer to how nmap implements its UDP probe - https://nmap.org/book/scan-methods-udp-scan.html

  • Feature: Scan all possible ports

    Additionally, for my solution to #11 I expanded the "slow" scan (i.e. fastscan==false) option so it scans all 65536 ports. This does take longer (6.5 minutes in my case) but that is still short enough to be useful. So maybe there are three options instead of two:

      • fastscan: 72 common ports
      • mediumscan: 3000+ less common ports
      • fullscan: all 65536 possible ports

  • Distinguish between open/refused/timeout

    In my local copy I've made modifications so that the portResult distinguishes between these three cases:

      • Connect OK - LISTEN process on the other end made a connection
      • Timeout - Firewall blocked connection
      • Connection Refused - Firewall did not block connection, but no LISTENing process on the other end. Thus this port could be used for a new server process

    I find this handy because I don't want to have to open new ports in the firewall, and so I need to see what ports are open without having to run a listening process on all ports.
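
The UDP comment and the open/refused/timeout comment above describe the same classification problem, so the Go program below covers both: TCP is judged by the connect result, UDP by what a read returns after a probe datagram. It is an added example, not gomap's code or either commenter's patch. The names Probe and Demo, the state labels and the loopback targets are assumptions; it expects network to be exactly "tcp" or "udp" and relies on Unix-style ECONNREFUSED reporting.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"syscall"
	"time"
)

// Probe reports a port's state. A UDP dial always succeeds, so UDP is judged by the read.
func Probe(network, addr string, wait time.Duration) string {
	conn, err := net.DialTimeout(network, addr, wait)
	if err == nil {
		defer conn.Close()
		if network == "udp" {
			conn.Write([]byte("probe")) // constructed payload
			conn.SetReadDeadline(time.Now().Add(wait))
			_, err = conn.Read(make([]byte, 1500))
		}
	}
	silence := map[string]string{"tcp": "filtered", "udp": "open|filtered"}
	var ne net.Error
	switch {
	case err == nil:
		return "open" // TCP handshake completed, or the UDP service replied
	case errors.Is(err, syscall.ECONNREFUSED):
		return "closed" // TCP RST or ICMP port unreachable: reachable, no listener
	case errors.As(err, &ne) && ne.Timeout():
		return silence[network] // UDP silence may also be a listener that ignored us
	}
	return "error"
}

func Demo() (out [4]string) { // constructed loopback targets
	tl, _ := net.Listen("tcp", "127.0.0.1:0")       // TCP listener, left running
	tc, _ := net.Listen("tcp", "127.0.0.1:0")       // TCP port, released below
	ul, _ := net.ListenPacket("udp", "127.0.0.1:0") // UDP socket that never replies
	uc, _ := net.ListenPacket("udp", "127.0.0.1:0") // UDP port, released below
	defer tl.Close()
	defer ul.Close()
	tc.Close()
	uc.Close()
	for i, a := range []net.Addr{tl.Addr(), tc.Addr(), ul.LocalAddr(), uc.LocalAddr()} {
		out[i] = Probe(a.Network(), a.String(), 300*time.Millisecond)
	}
	return out
}

func main() { fmt.Println(Demo()) }
```

The TCP "filtered" state needs a host that drops the SYN, so the loopback demo only exercises the other outcomes.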

  • Feature request: sort results by port #

    I've created a local version that modifies func (results *IPScanResult) String() string so that it sorts the result table by port number.

    I find this handy for scanning a large list of open ports.

    I can supply a PR if you like.
