Home >Operation and Maintenance >Safety >How to use Masscan, Nmap, and ELK to collect intranet assets

How to use Masscan, Nmap, and ELK to collect intranet assets

WBOY
WBOYforward
2023-06-03 15:43:361166browse
Installation

Install masscan

# yum install git gcc make libpcap-devel
# git clone https://github.com/robertdavidgraham/masscan
# cd masscan
# make
# cp bin/masscan  /bin

Install the latest nmap 7.8

wget https://nmap.org/dist/nmap-7.80-1.x86_64.rpm
rpm -ivh nmap-7.80-1.x86_64.rpm

Install es and kibana

docker run -d --name es -p 127.0.0.1:9201:9200 -p 9300:9300 -e ES_JAVA_OPTS="-Xms2G -Xmx2G" -e "discovery.type=single-node"  docker.elastic.co/elasticsearch/elasticsearch-oss:7.1.1   

docker run --name kibana -d -p 5601:5601 -e ELASTICSEARCH_HOSTS=http://127.0.0.1:9201   docker.elastic.co/kibana/kibana-oss:7.1.1

The general logic is,

1, use Masscan to do a host survival scan

2, then use Nmap to scan the surviving hosts above, export xml

3, format the xml, write it into es, and then kibana for visualization

Upload the code

How to use Masscan, Nmap, and ELK to collect intranet assetsHow to use Masscan, Nmap, and ELK to collect intranet assets

How to use Masscan, Nmap, and ELK to collect intranet assets

How to use Masscan, Nmap, and ELK to collect intranet assets#

代码地址:

https://github.com/njcx/nmap_to_es.git
Use kibana for visualization:

How to use Masscan, Nmap, and ELK to collect intranet assets

The above is the detailed content of How to use Masscan, Nmap, and ELK to collect intranet assets. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete