passive Nmap like scanner built with shodan.io
Smap is a replica of Nmap which uses shodan.io’s free API for port scanning. It takes same command line arguments as Nmap and proudces the same output which makes it a drop-in replacament for Nmap.
- Scans 200 hosts per second
- Vulnerability detection
- Supports all nmap’s output formats
- Service and version fingerprinting
- Makes no contact to the targets
- Doesn’t require any account/api key
go install -v github.com/s0md3v/smap/cmd/[email protected]
Smap takes the same arguments as Nmap but options other than
-iL are ignored. If you are unfamiliar with Nmap, here’s how to use Smap.
smap -sV 127.0.0.1 127.0.0.2
You can also use a list of targets, seperated by newlines.
smap -iL targets.txt
126.96.36.199 // IPv4 address example.com // hostname 188.8.131.52/8 // CIDR 184.108.40.206-87 // Range
SMap supports Nmap’s 3 major output formats
smap example.com -oX output.xml
If you want to print the output to terminal, use hyphen (
-) as filename.
oX // xml oG // greppable format oN // nmap format oA // output in all 3 formats at once
SMap scans these 1237 ports by default. If you want to display results for certain ports, use the
smap -p21-30,80,443 -iL targets.txt
Since Smap simply fetches existent port data from shodan.io, it is super fast but there’s more to it. You should use Smap if:
- vulnerability detection
- a super fast port scanner
- results for most common ports (top 1237)
- no connections to be made to the targets
You are okay with
- not being able to scan IPv6 addresses
- results being up to 7 days old
- a few false negatives