Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.

Key Features

simple CLI with the ability to run pure Nmap engine

with the ability to run pure predefined scans included in the modules

support Nmap Scripting Engine (NSE)

(NSE) TOR support (with proxychains)

support (with proxychains) multiple scans at one time

at this point: 30 modules with 451 scan profiles

How To Use

# Clone this repository git clone https://github.com/trimstray/sandmap # Go into the repository cd sandmap # Install ./setup.sh install # Run the app sandmap

symlink to bin/sandmap is placed in /usr/local/bin

is placed in man page is placed in /usr/local/man/man8

Modules

Configuration file

etc/main.cfg

# shellcheck shell=bash # Specifies the default destination. # Examples: # - dest="127.0.0.1,8.8.8.8" dest="127.0.0.1" # Specifies the extended Nmap parameters. # Examples: # - params="--script ssl-ccs-injection -p 443" params="" # Specifies the default output type and path. # Examples: # - report="xml" report="" # Specifies the TOR connection. # Examples: # - tor="true" tor="" # Specifies the terminal type. # Examples: # - terminal="internal" terminal="internal"

Requirements

Logging

log/

<script_name>.<date>.log - all _logger() function calls are saved in it

- all function calls are saved in it stdout.log - a standard output and errors from the _init_cmd() function are written in it. If you want to redirect the output from command, use the following structure: your_command >>"$_log_stdout" 2>&1 &

Project architecture

|-- LICENSE.md # GNU GENERAL PUBLIC LICENSE, Version 3, 29 June 2007 |-- README.md # this simple documentation |-- CONTRIBUTING.md # principles of project support |-- .gitignore # ignore untracked files |-- .travis.yml # continuous integration with Travis CI |-- setup.sh # install sandmap on the system |-- bin |-- sandmap # main script (init) |-- doc # includes documentation, images and manuals |-- man8 |-- sandmap.8 # man page for sandmap |-- img # images (eg. gif) |-- etc # contains configuration files |-- lib # libraries, external functions |-- log # contains logs, created after init |-- modules # contains modules |-- src # includes external project files |-- helpers # contains core functions |-- import # appends the contents of the lib directory |-- __init__ # contains the __main__ function |-- settings # contains sandmap settings |-- templates # contains examples and template files |-- tmp # contains temporary files (mktemp)

It's simple:Available modules:Available scan profiles:Theconfiguration file has the following structure:uses external utilities to be installed before running:After running the script, thedirectory is created and in it the following files with logs: