New tool: nbtscan

[Patrick-DE]

{
  "name": "nbtscan",
  "phases": [
    "02. Reconnaissance"
  ],
  "category": "",
  "stealthy": false,
  "platforms": [
    "Linux"
  ],
  "source": "https://github.com/charlesroelli/nbtscan",
  "description": "NBTscan is a program for scanning IP networks for NetBIOS name information. It sends NetBIOS status queries to each address in the supplied range and lists received information in human-readable form.",
  "undetected": [],
  "detected": [],
  "content": "",
  "commands": [
    {
      "id": "f5f60dff-5db9-4e91-bfc6-ef010e5450f2",
      "name": "Help",
      "description": "",
      "tag": "",
      "results": [],
      "cmd": "Usage:\nnbtscan [-v] [-d] [-e] [-l] [-t TIMEOUT] [-b BANDWIDTH] [-r] [-q] [-s SEPARATOR] [-m RETRANSMITS] (-f FILENAME)|(IP_OR_RANGE)\n\nOptions:\n-v      verbose output. Print all names received\n        from each host\n-d      dump packets. Print whole packet contents.\n-e      Format output in /etc/hosts format.\n-l      Format output in lmhosts format.\n        Cannot be used with -v, -s or -h options.\n-t      timeout  wait timeout milliseconds for response.\n        Default 1000.\n-b      bandwidth    Output throttling. Slow down output\n        so that it uses no more that bandwidth bps.\n        Useful on slow links, so that ougoing queries\n        don't get dropped.\n-r      use local port 137 for scans. Win95 boxes\n        respond to this only.\n        You need to be root to use this option on Unix.\n-q      Suppress banners and error messages,\n-s      separator    Script-friendly output. Don't print\n        column and record headers, separate fields with separator.\n-h      Print human-readable names for services.\n        Can only be used with -v option.\n-m      retransmits  Number of retransmits. Default 0.\n-f      filename Take IP addresses to scan from file filename.\n        -f - makes nbtscan take IP addresses from stdin.\n<scan_range>  what to scan. Can either be single IP\n        like 192.168.1.1 or\n        range of addresses in one of two forms: \n        xxx.xxx.xxx.xxx/xx or xxx.xxx.xxx.xxx-xxx."
    },
    {
      "id": "0a58163e-9031-4310-bd3a-64aa03e6e579",
      "name": "Scans 192.168.1.0/24 subnet",
      "description": "",
      "tag": "",
      "results": [
        "INTEL:DOMAIN:COMPUTERS"
      ],
      "cmd": "nbtscan -r 192.168.1.0/24"
    },
    {
      "id": "c5110585-947e-4d16-af3e-9ab6028822fc",
      "name": "Scans C-class network",
      "description": "Prints results in script-friendly format using colon as field separator",
      "tag": "",
      "results": [
        "INTEL:DOMAIN:COMPUTERS"
      ],
      "cmd": "nbtscan -v -s : 192.168.1.0/24"
    },
    {
      "id": "d49dacf9-1f3c-4895-8567-06ef3fe628f3",
      "name": "Scan 192.168.1.0/24 subnet with service names",
      "description": "list all names received from each host (-v), print human-readable service names (-h)",
      "tag": "",
      "results": [
        "INTEL:DOMAIN:COMPUTERS"
      ],
      "cmd": "nbtscan -h -v 192.168.1.0/24"
    }
  ],
  "latest_commit": "2016-05-26T20:16:52Z"
}