nmap quick scan script
#!/bin/bash
# ANSI color codes for terminal output
NOCOLOR='\033[0m'
RED='\033[0;31m'
GREEN='\033[0;32m'
ORANGE='\033[0;33m'
BLUE='\033[0;34m'
PURPLE='\033[0;35m'
CYAN='\033[0;36m'
LIGHTGRAY='\033[0;37m'
DARKGRAY='\033[1;30m'
LIGHTRED='\033[1;31m'
LIGHTGREEN='\033[1;32m'
YELLOW='\033[1;33m'
LIGHTBLUE='\033[1;34m'
LIGHTPURPLE='\033[1;35m'
LIGHTCYAN='\033[1;36m'
WHITE='\033[1;37m'
echo -e -n "${GREEN}Input target:${NOCOLOR}"
read -r target
# Modify the --min-rate parameter according to your target network bandwidth
# -----------
# Being careful with --min-rate even outside of production/ICS is a good idea.
# Stay well under 10.000 at first, you else might trip a switch or router over the edge,
# especially super old ones or if you just don't know. "Building switches" are sometimes really, really.
# from https://twitter.com/Wolpertwo/status/1247163736491614210
# -----------
echo -e "${GREEN}start quick scan all ports${NOCOLOR}"
# Keep the port-table rows (lines starting with a digit), take the port number, join with commas
ports=$(nmap -p- --min-rate=5000 --max-retries=0 --defeat-rst-ratelimit -n -Pn -T4 "$target" | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed 's/,$//')
# Stop if nothing was found: an empty list would leave -p without an argument
if [ -z "$ports" ]; then
    echo -e "${RED}no ports found${NOCOLOR}"
    exit 1
fi
echo -e "Open ports:${RED}$ports${NOCOLOR}"
echo -e "${GREEN}start version scan${NOCOLOR}"
nmap --min-rate=5000 --max-retries=0 --defeat-rst-ratelimit -n -Pn -T4 -p"$ports" -sC -sV "$target"
You can also add -T5 to speed up and --max-retries 1 to just ignore ports which are dropping packets.
from: https://twitter.com/b0rn2r00t/status/1246890681219469312
Since a SYN packet is about 60 bytes, you have roughly the following scan rates in Mbps:
10'000 p/s → 5 Mbps
20'000 p/s → 10 Mbps
100'000 p/s → 50 Mbps
200'000 p/s → 100 Mbps
A good tuning option is also --defeat-rst-ratelimit if you only care about open ports!
from: https://twitter.com/mindfuckup/status/1246785570505883648
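The script's `grep ^[0-9]` step keeps every port-table row, including rows whose state is `filtered` or `closed`, and yields an empty list when nothing answers. The following is an added example, not part of the original gist: a hypothetical `open_ports` helper that keeps only `open` TCP rows and signals the empty case through its exit status. The sample scan output is constructed for illustration.

```shell
#!/bin/bash
# Added example: extract only open TCP ports from nmap's normal output.
# Reads nmap output on stdin and prints a comma-separated port list.
# Returns 1 when no open port is found, so the caller can skip the second scan.
open_ports() {
    awk '
        # Port-table rows look like "22/tcp   open  ssh"
        $1 ~ /^[0-9]+\/tcp$/ && $2 == "open" {
            split($1, f, "/")
            p = f[1] + 0
            # Accept valid port numbers only, and list each port once
            if (p >= 1 && p <= 65535 && !(p in seen)) {
                seen[p] = 1
                list = (list == "" ? p : list "," p)
            }
        }
        END {
            if (list == "") exit 1
            print list
        }
    '
}

# Constructed sample output (not from a real scan)
sample_output='Starting Nmap ( https://nmap.org )
Nmap scan report for 192.0.2.10
Host is up.
Not shown: 65531 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
25/tcp   filtered smtp
80/tcp   open     http
8080/tcp open     http-proxy
53/udp   open     domain

Nmap done: 1 IP address (1 host up) scanned in 13.37 seconds'

if ports=$(printf '%s\n' "$sample_output" | open_ports); then
    echo "Open ports: $ports"
else
    echo "No open ports found; skipping version scan" >&2
fi
```

In the gist's script, the first nmap command would be piped into `open_ports` in place of the `grep | cut | tr | sed` chain.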