Home >Operation and Maintenance >Safety >How to use Masscan, Nmap, and ELK to collect intranet assets
Install masscan
# yum install git gcc make libpcap-devel # git clone https://github.com/robertdavidgraham/masscan # cd masscan # make # cp bin/masscan /bin
Install the latest nmap 7.8
wget https://nmap.org/dist/nmap-7.80-1.x86_64.rpm rpm -ivh nmap-7.80-1.x86_64.rpm
Install es and kibana
docker run -d --name es -p 127.0.0.1:9201:9200 -p 9300:9300 -e ES_JAVA_OPTS="-Xms2G -Xmx2G" -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch-oss:7.1.1 docker run --name kibana -d -p 5601:5601 -e ELASTICSEARCH_HOSTS=http://127.0.0.1:9201 docker.elastic.co/kibana/kibana-oss:7.1.1
The general logic is,
1, use Masscan to do a host survival scan
2, then use Nmap to scan the surviving hosts above, export xml
3, format the xml, write it into es, and then kibana for visualization
Upload the code
#
代码地址: https://github.com/njcx/nmap_to_es.gitUse kibana for visualization:
The above is the detailed content of How to use Masscan, Nmap, and ELK to collect intranet assets. For more information, please follow other related articles on the PHP Chinese website!