RustMap is a fast banner-grabbing port scanner that enriches findings with exploit-db lookups. It launches highly parallel TCP connect probes, fingerprints common services using a curated set of nmap-style payloads, and then ranks any matching exploits by an opinionated risk score.
- Fast TCP scanner – scan the top 1k–30k ports or all 65,535 with a multithreaded engine.
- Lightweight service detection – banner grabbing and protocol-specific probes inspired by nmap fingerprints.
- Exploit enrichment – automatic
searchsploitqueries for each detected product/version pair. - Risk scoring – heuristic score based on exploit count, CVSS keywords, and service criticality.
- Rich terminal UX – live progress bars, color-coded risk cards, and optional JSON output for automation.
- Rust 1.70 or newer
searchsploit(from exploit-db) available on your$PATH
git clone https://github.com/3xecutablefile/RustMap.git
cd RustMap
cargo install --path .rustmap <target> [-1k|-2k|...|-30k] [--json]
-Nk– limit the scan to the firstN * 1000TCP ports (e.g.-5kscans ports 1–5000). Without this flag, RustMap scans all 65,535 ports.--json– emit structured output instead of the interactive TUI.
# Scan the default full port range
rustmap 192.168.1.10
# Scan the top 5000 ports only
rustmap example.com -5k
# Pipe JSON results into jq
rustmap target.local --json | jq- Target resolution – resolve the hostname once and reuse every socket address.
- Parallel TCP scan – fire short-lived TCP connect attempts across a rayon thread pool.
- Protocol fingerprinting – run null reads and targeted probes to capture banners and detect services.
- Exploit lookup – query
searchsploitfor each unique product/version signature. - Risk aggregation – score and sort results before presenting either JSON or rich terminal cards.
MIT
Made by: 3xecutablefile