Scantron: A distributed nmap scanning framework


Disclaimer: All information and software available on this site are for educational purposes only. Use these at your own discretion; the site owners cannot be held responsible for any damages caused. The views expressed on this site are our own and do not necessarily reflect those of our employers. If you don't know how to attack, you will not know how to defend.


Scantron

Scantron is a distributed nmap scanner made up of two components. The first is a master node that consists of a web front end used for scheduling scans and storing nmap scan targets and results. The second component is an agent that pulls scan jobs from the master and conducts the actual nmap scanning. A majority of the application’s logic is purposely placed on the master to make the agent(s) as “dumb” as possible. All nmap target files and nmap results reside on master and are shared through a network file share (NFS) leveraging SSH tunnels. The agents call back to master periodically using a REST API to check for scan tasks and provide scan status updates.

Scantron is coded for Python 3.6+ exclusively and leverages Django for the web front end, Django REST Framework as the API endpoint, PostgreSQL as the database, and comes complete with Ubuntu-focused Ansible playbooks for smooth deployments. Scantron has been tested on Ubuntu 18.04 and may be compatible with other operating systems. Scantron’s inspiration comes from:

Scantron relies heavily on SSH port forwards (-R / -L) as an umbilical cord to the agents. Either an SSH connection from master -> agent or from agent -> master is acceptable, and one or the other may be required depending on the firewall rules in place, but tweaking the port forwards and autossh commands will be necessary.
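
The two tunnel directions described above, as an added example that is not taken from the Scantron project: a small shell function that builds the autossh command line for each direction. The host names, the `autossh` account, the API port 443 and the agent-side port 4430 are assumptions; 2049 is the standard NFS port.

```shell
#!/bin/sh
# Added example: autossh command line for either tunnel direction.
# Assumed values, not from the page: host names, account, API port, local port.
API_PORT=443          # assumed port of master's web front end / REST API
NFS_PORT=2049         # standard NFS port
AGENT_API_PORT=4430   # assumed loopback port the agent uses to reach the API
SSH_USER=autossh      # assumed unprivileged tunnel account

# tunnel_cmd <direction> <host-to-connect-to>
#   master-to-agent: run on master; -R opens listeners on the agent's loopback
#                    that lead back to master's API and NFS ports.
#   agent-to-master: run on the agent; -L opens the same listeners locally
#                    and forwards them to master's loopback.
# Either way the agent ends up with 127.0.0.1:4430 (API) and 127.0.0.1:2049 (NFS).
tunnel_cmd() {
    tc_direction=$1
    tc_host=$2
    case "$tc_direction" in
        master-to-agent) tc_flag=-R ;;
        agent-to-master) tc_flag=-L ;;
        *) echo "unknown direction: $tc_direction" >&2; return 1 ;;
    esac
    [ -n "$tc_host" ] || { echo "missing host" >&2; return 1; }
    # Every forward is pinned to 127.0.0.1 so the API and NFS export are
    # reachable only through the tunnel. ExitOnForwardFailure makes ssh exit
    # when a listener cannot be bound, so a session with no working forwards
    # is not left running. Host key checking stays at its default.
    printf '%s ' autossh -M 0 -N \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=60 \
        -o ServerAliveCountMax=3 \
        "$tc_flag" "127.0.0.1:${AGENT_API_PORT}:127.0.0.1:${API_PORT}" \
        "$tc_flag" "127.0.0.1:${NFS_PORT}:127.0.0.1:${NFS_PORT}"
    printf '%s\n' "${SSH_USER}@${tc_host}"
}

# Print both variants for comparison.
tunnel_cmd master-to-agent agent.example.internal
tunnel_cmd agent-to-master master.example.internal
```

Only the forwarding flag and the side that initiates the connection differ; the agent's view of master stays the same, so the firewall rules decide which variant to deploy.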