Nmap - Python

Introduction

Nmap is a powerful and flexible open-source network scanning tool used by network administrators and security professionals to discover hosts and services on a network. It is widely used for vulnerability assessment, system security auditing, and network inventory.

Nmap can be used interactively from the command-line or integrated into Python scripts using the python-nmap library. This library provides a convenient way to wrap the Nmap functionality, making it easier to automate network scanning tasks and retrieve scan results programmatically.

Features

• Host Discovery: Nmap can identify active hosts on a network by sending different types of network packets, such as ICMP echo requests or TCP SYN scans.
• Port Scanning: Nmap can scan for open ports on a target host to discover running services and identify potential vulnerabilities.
• Service Version Detection: Nmap can determine the version and type of service running on a port by analyzing the responses received from the target system.
• OS Fingerprinting: Nmap can guess the operating system of a target host based on various characteristics observed during the scanning process.
• Scripting: Nmap supports scripting using Nmap Scripting Engine (NSE), which allows users to create custom scripts for advanced scanning and automation.
• Output Formatting: Nmap can generate output in various formats, including plain text, XML, and even interactive HTML reports.

Installation

To use Nmap with Python, you need to install the python-nmap library. You can install it using pip:

$ pip install python-nmap

Additionally, you need to have Nmap installed on your system. You can download and install Nmap from the official website: https://nmap.org

Usage

Here is an example of how to use the python-nmap library to scan a target host:

import nmap

def scan(target):
    nm = nmap.PortScanner()
    nm.scan(target, arguments='-sV')
    
    for host in nm.all_hosts():
        print("Host: %s" % host)
        for proto in nm[host].all_protocols():
            print("Protocol: %s" % proto)
            
            ports = nm[host][proto].keys()
            for port in ports:
                service = nm[host][proto][port]['name']
                version = nm[host][proto][port]['product']
                print("Port: %s \t Service: %s \t Version: %s" % (port, service, version))
                
scan('192.168.0.1')

This script uses nmap.PortScanner() to create an instance of the scanner. It then uses the scan() method to perform a TCP service version scan on the specified target host.

The scan results are accessed using the properties of the nm object. The script iterates over all the discovered hosts, protocols, and ports, and prints out the relevant information.

Make sure to replace '192.168.0.1' with the IP address or hostname of the target you want to scan.

Conclusion

Nmap is a versatile network scanning tool that can be utilized effectively using the python-nmap library. With its extensive set of features and scripting capabilities, it can help automate network scanning tasks and provide valuable insights for securing your systems.