Nmmapper.com

Menu

Last update on .

A distributed nmap / masscan scanning framework
A distributed nmap / masscan scanning framework

Scantron is a distributed nmap scanner comprised of two components. The first is a Master node that consists of a web front end used for scheduling scans and storing nmap scan targets and results.

 

About Scantron

Scantron is a distributed nmap scanner comprised of two components. The first is a Master node that consists of a web front end used for scheduling scans and storing nmap scan targets and results. The second component is an agent that pulls scan jobs from Master and conducts the actual nmap scanning. A majority of the application's logic is purposely placed on Master to make the agent(s) as "dumb" as possible. All nmap target files and nmap results reside on Master and are shared through a network file share (NFS) leveraging SSH tunnels. The agents call back to Master periodically using a REST API to check for scan tasks and provide scan status updates.

Scantron is coded for Python3.6+ exclusively and leverages Django for the web front-end, Django REST Framework as the API endpoint, PostgreSQL as the database, and comes complete with Ubuntu-focused Ansible playbooks for smooth deployments. Scantron has been tested on Ubuntu 18.04 and may be compatible with other operating systems. Scantron's inspiration comes from:

  • Dnmap
  • Minions
  • Rainmap
  • Rainmap-lite

 

Scantron relies heavily on utilizing SSH port forwards (-R / -L) as an umbilical cord to the agents. Either an SSH connection from Master --> agent or agent --> Master is acceptable and may be required depending on different firewall rules, but tweaking the port forwards and autossh commands will be necessary. If you are unfamiliar with these concepts, there are some great overviews and tutorials out there:

Scantron Use cases

Scantron is not engineered to be quickly deployed to a server to scan for a few minutes, then torn down and destroyed.
It's better suited for having a set of static scanners (e.g., "internal-scanner", "external-scanner") with a relatively static set of assets to scan.

Scantron Architecture Diagram

 

Scantron Hardware Requirements

  • Agent: If you plan on compiling masscan on an agent, you'll need at least 1024 MB of memory. It fails to build with only 512 MB. If you do not want to build masscan, set install_masscan_on_agent to False in ansible-playbooks/group_vars/all

  • Master: 512 MB of memory was the smallest amount successfully tested.


Scantron Installation

Installation requires a general knowledge of Python, pip, and Ansible. Every attempt to make the deployment as simple as possible has been made.

 

Scantron API Documentation

There are 3 ways to explore and play around with the API.

  • The first is the Django REST Framework view
  • You can also dig through the API documentation using ReDoc

  • Lastly, you can interact with the API using Swagger:

Scantron Database Model Graph

 

Cross Reading

Top Linux Blogs by Feedspot

 

 

From our friends

Similar entries

Comments

Comments are closed.