const grabber = require('grab.js');
grabber.grab(ip, port)
.run()
.then(result => { /* process the result */ })
.catch(err => { /* error handling */ })Returns a Grab object. You need to call run method to execute it.
ip: target ipportport numberoptions(optional): An object contains initial settings for theGrab, supportstlsandpayloadand both of them are optional.
Exeute the task, returns a Promise which yields a record. The record can have following fields:
record.banner: the banner Bufferrecord.certificate: certificate information (only avaliable when TLS is enabled)
Enable TLS.
The Buffer to send when connection established. Payload file can be found under nmap/paylaods.
Escape buffer to printable chars.
Returns a promise that loads a parser function with given parser rule name. Rule names can be found under nmap/parsers.
Parse buffer to fingerprints. Fingerprint could have following fields:
- cpes: common platform enumeration
- os: operating system
- product: product name
- device: device type
- service: service name, same as the only arguments for
grabber.parser - version: software version
Notice that a Parser object instance is not exported. This is by design.
This project provides a cli tool for quick banner grab like zgrab
For example, scanning ftp banner on given CIDR:
sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json
Leave cidr blank to scan 0.0.0.0/20
find nmap to checkout all avaliable parsers and payloads.
-p, --portthe port-s, --tlsuse tls (https, imaps, etc)--payloadsend a payload upon connection.ls -R nmap/payloadsto see all supported parsers.--parserparse banner with nmap's rule.ls nmap/parsersto see all supported parsers.
Thanks to the marvellous nmap project who has collected so many rules for fingerprinting.
GPLv2
