vulnerability_scanning.py
# You need to run these before running this script:
# pip install python-nmap
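# pip install elasticsearch-py  # NOTE(review): the official client is published on PyPI as `elasticsearch` (elasticsearch-py is its repository name); confirm the package name before installing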
# pip install python-dotenv
from elasticsearch import Elasticsearch, helpers
from dotenv import load_dotenv
from datetime import datetime
import os
import nmap
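def run_nmap(destination, ports, ping=True, versions_option=True):
    """Scan *destination* with nmap and return one summary dict per host.

    Args:
        destination: Target specification handed to nmap (address, CIDR
            range or hostname; several may be separated by spaces).
        ports: Port specification for ``-p``. A falsy value leaves the
            option out, so nmap uses its default port set.
        ping: When False, ``-Pn`` is added to the nmap arguments.
        versions_option: When True, ``-sV`` is added to the nmap arguments.

    Returns:
        A list of dicts, one per host in the scan result, with the keys
        ``scanner``, ``scanner_command``, ``timestamp``, ``ip``, ``mac``,
        ``hostname`` and ``ports`` (a list of per-port dicts).

    Raises:
        ValueError: If *ports* contains whitespace, or *destination*
            contains a token that starts with ``-``.
    """
    import shlex

    # The hosts and arguments strings are tokenised before nmap is launched
    # (python-nmap behaviour; confirm for the installed version). A port
    # spec containing whitespace would therefore spill into extra targets or
    # options, and a "target" starting with "-" would be read as an option.
    # Reject both so each value stays in its own role.
    port_spec = str(ports).strip() if ports else ""
    if any(ch.isspace() for ch in port_spec):
        raise ValueError(
            "ports must be a single nmap port specification without whitespace"
        )
    if any(token.startswith("-") for token in shlex.split(destination)):
        raise ValueError(
            "destination must contain only scan targets, not nmap options"
        )

    # Create an Nmap object
    nm = nmap.PortScanner()

    # Construct Nmap arguments
    nmap_args = f"-p {port_spec}" if port_spec else ""
    nmap_args += " -Pn" if not ping else ""
    nmap_args += " -sV" if versions_option else ""

    # Run Nmap scan; results are read back through the scanner object.
    nm.scan(hosts=destination, arguments=nmap_args)

    # Print Nmap output to the console
    print("NMAP JSON output:")
    print()
    print(nm.all_hosts())
    print("----------------------------------------------------")
    print("NMAP CSV output:")
    print()
    print(nm.csv())

    # Process Nmap output
    processed_data_array = []
    command_line = nm.command_line()
    # 'timestr' carries no timezone, so the resulting epoch value is
    # interpreted in the local timezone of the machine running the script.
    scan_time = datetime.strptime(
        nm.scanstats()['timestr'], "%a %b %d %H:%M:%S %Y"
    ).timestamp()

    for host_ip in nm.all_hosts():
        host = nm[host_ip]
        host_data = {
            "scanner": "nmap",
            "scanner_command": command_line,
            "timestamp": scan_time,
            "ip": host_ip,
            "mac": host['addresses'].get('mac', ''),
            "hostname": "",
            "ports": []
        }

        # Adding hostname if available
        hostnames = host.hostnames()
        if hostnames:
            host_data["hostname"] = hostnames[0].get('name', '')

        # A host that reported no TCP ports has no 'tcp' entry; treat that
        # as "no ports" instead of failing the whole run with a KeyError.
        tcp_ports = host.get('tcp', {})
        for port, details in tcp_ports.items():
            # NSE output appears to be stored under 'script' by python-nmap
            # (confirm for the installed version); the original 'scripts'
            # key is kept as a fallback.
            scripts = details.get('script') or details.get('scripts', {})
            host_data["ports"].append({
                "port": str(port),
                "protocol": "tcp",  # All ports are TCP in this state of the program
                "state": details['state'],
                "service": details['name'],
                "product_name": details['product'],
                "product_version": details['version'],
                "banner": details['extrainfo'],
                "scripts": dict(scripts)
            })

        processed_data_array.append(host_data)

    return processed_data_array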
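def send_to_elastic(json_array_to_send):
    """Bulk-index the given documents into the configured Elasticsearch index.

    Connection settings are read from the environment after ``load_dotenv()``
    has loaded the ``.env`` file: ``ELASTIC_URL``, ``ELASTIC_USERNAME``,
    ``ELASTIC_PASSWORD`` and ``ELASTIC_INDEX``.

    Args:
        json_array_to_send: Iterable of JSON-serialisable documents; each one
            becomes the ``_source`` of an ``index`` action.

    Raises:
        RuntimeError: If any of the four settings is missing or empty.
    """
    load_dotenv()

    # Fail early with the names (never the values) of missing settings
    # instead of handing None to the client as a URL, credential or index.
    required = ("ELASTIC_URL", "ELASTIC_USERNAME", "ELASTIC_PASSWORD", "ELASTIC_INDEX")
    settings = {name: os.getenv(name) for name in required}
    missing = [name for name, value in settings.items() if not value]
    if missing:
        raise RuntimeError(
            "Missing Elasticsearch settings in environment/.env: " + ", ".join(missing)
        )

    # Basic-auth credentials and the scan results travel over this
    # connection, so point out a URL that is not TLS-protected.
    if not settings["ELASTIC_URL"].lower().startswith("https://"):
        print("Warning: ELASTIC_URL does not use https; credentials and scan data will be sent unencrypted.")

    es = Elasticsearch(
        settings["ELASTIC_URL"],
        basic_auth=(
            settings["ELASTIC_USERNAME"],
            settings["ELASTIC_PASSWORD"]
        )
    )
    index_name = settings["ELASTIC_INDEX"]

    # Check if the index exists, create it if not
    if not es.indices.exists(index=index_name):
        es.indices.create(index=index_name)

    # Prepare data for Elasticsearch
    actions = [
        {
            "_op_type": "index",
            "_index": index_name,
            "_source": doc
        }
        for doc in json_array_to_send
    ]

    # Use the helpers library to bulk index the data
    helpers.bulk(es, actions)
    print("Data sent to Elastic Stack successfully.")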
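if __name__ == "__main__":
    # Get user input
    destination = input("Enter the destination (e.g., 192.168.1.0/24, or 192.168.100.101/32...): ")
    ports = input("Enter the ports to scan (press Enter for default TCP ports): ")

    # The prompts advertise "y" as the default, so an empty answer must
    # count as yes; previously pressing Enter silently meant "no".
    yes_answers = ("", "y", "yes")
    ping_option = input("Ping the found machines? (y/n) (default=y): ").strip().lower() in yes_answers
    versions_option = input("Attempt to detect service versions? (y/n) (default = y): ").strip().lower() in yes_answers

    # Run Nmap and process output. versions_option is now passed on;
    # before, the answer was read but never reached run_nmap.
    nmap_processed_output = run_nmap(destination, ports, ping_option, versions_option)

    # Print processed output to the console
    print("Data to be sent to Elastic Stack:")
    print()
    print(nmap_processed_output)
    print("----------------------------------------------------")

    # Send scan details to Elastic Stack
    send_to_elastic(nmap_processed_output)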