node-nmap-vulners

Interfaces with locally installed NMAP and Vulners script

Usage no npm install needed!

<script type="module">
  import nodeNmapVulners from 'https://cdn.skypack.dev/node-nmap-vulners';
</script>

README

Node-NMAP-Vulners

NPM package enabling your [NodeJs] application to interface with the features of [NMAP].
This package requires that [NMAP] is installed and available to the running node application. If [VULNERS] script is installed, this package is able to parse the output to [NodeJs].

UPDATE 1.0.2

  • Edited README.MD

UPDATE 1.0.1

  • Improved Service and Vulnerabilities integration

UPDATE 1.0.0 (Tommaso Pezzi)

Installation

npm install node-nmap-vulners

Scan Types

  • NmapScan - This is the core of the package and runs the NMAP command.

Scan instance variables, methods, and events

  • scanResults : Array of host objects - contains the results of the scan.
  • scanTime : number in ms - duration of scan.
  • scanTimeout : number in ms - scan will cancel if timeout is reached.
  • startScan() - begins the NMAP scan.
  • cancelScan() - kills the NMAP process.
  • 'complete' : event - returns array of host objects
  • 'error' : event - returns string with error information

Usage

NmapScan is the core function of the package. It emits two events: 'complete' and 'error'. Both of these events return data. All methods are easy to set up. Simply define a variable as one of the methods, and that variable will become a new instance of NmapScan with appropriately set commands. All input accepts either a space separated string, or an array of strings to make it easier to work with a complex set of hosts. All methods return an array of JSON objects containing information on each host. Any key without information provided from NMAP is filled as null.

The return structure is:

[  
    {  
       "hostname":"theHostname",
       "ip":"127.0.0.1",
       "mac":null,
       "openPorts":[  
          {  
             "port":80,
             "service":"http"
         "vulners":[
            'CVE-2011-4130',
            'CVE-2010-3867',
            'CVE-2010-4652',
            'CVE-2009-0543',
            ]
          },...  
        ],
       "osNmap":null, //note that osNmap is not guaranteed to be correct.
    },...]

Examples

var nmap = require('node-nmap');

nmap.nmapLocation = "nmap"; //default

//    Accepts array or comma separarted string for custom nmap commands in the second argument.
var nmapscan = new nmap.NmapScan('127.0.0.1 google.com', '-sn');

nmapscan.on('complete',function(data){
  console.log(data);
});
nmapscan.on('error', function(error){
  console.log(error);
});

nmapscan.startScan();

// returns
// [  
//    {  
//       "hostname":"localhost",
//       "ip":"127.0.0.1",
//       "mac":null,
//       "openPorts":[  

//       ],
//       "osNmap":null
//    },
//    {  
//       "hostname":"google.com",
//       "ip":"74.125.21.113",
//       "mac":null,
//       "openPorts":[  
//			"vulners":[
// 					'CVE-2011-4130',
//  					'CVE-2010-3867',
//  					'CVE-2010-4652',
//  					'CVE-2009-0543',
//				]
//       ],
//       "osNmap":null
//    }
// ]

//    Accepts array or comma separarted string for nmap vulners script.
var nmapscan = new nmap.NmapScan('127.0.0.1 --script vulners');

nmapscan.on('complete',function(data){
  console.log(data);
});
nmapscan.on('error', function(error){
  console.log(error);
});

nmapscan.startScan();

// returns
// [  
//    {  
//       "hostname":"localhost",
//       "ip":"127.0.0.1",
//       "mac":null,
//       "openPorts":[  
//			"vulners":[
//  					'CVE-2011-4130',
//  					'CVE-2010-3867',
//  					'CVE-2010-4652',
//  					'CVE-2009-0543',
//				],
//       ],
//       "osNmap":null
//    },
//    {  
//       "hostname":"google.com",
//       "ip":"74.125.21.113",
//       "mac":null,
//       "openPorts":[  

//       ],
//       "osNmap":null
//    }
// ]

Please open an issue if you have any questions, concerns, bugs, or critiques.

[NMAP]: <https://nmap.org/>
[NPM]: <https://www.npmjs.com/package/node-nmap-vulners>
[NodeJs]: <https://nodejs.org/en/>