For the continuation of this project please see Peplum::Nmap.
QMap is a distributed network mapper/security scanner backed by:
- Cuboid for the distributed architecture.
- nmap for the scanning engine.
- ruby-nmap for the Ruby middleware.
Its basic function is to distribute the scanning of IP ranges across multiple machines and thus parallelize an otherwise quite time consuming task.
$ git clone git@github.com:qadron/qmap.git
$ cd qmap
$ bundle install
See the examples/ directory.
Qmap can initiate scans from the same machine, but the idea behind it is to use a Grid which transparently load-balances and line-aggregates, in order to combine resources and perform a faster scan than one single machine could.
That Grid technology is graciously provided by Cuboid and can be setup like so:
$ bundle exec irb
irb(main):001:0> require 'qmap'
=> true
irb(main):002:0> Qmap::Application.spawn( :agent, address: Socket.gethostname )
I, [2023-05-21T19:11:20.772790 #359147] INFO -- System: Logfile at: /home/zapotek/.cuboid/logs/Agent-359147-8499.log
I, [2023-05-21T19:11:20.772886 #359147] INFO -- System: [PID 359147] RPC Server started.
I, [2023-05-21T19:11:20.772892 #359147] INFO -- System: Listening on xps:8499
And at the terminal of another machine:
$ bundle exec irb
irb(main):001:0> require 'qmap'
=> true
irb(main):002:0> Qmap::Application.spawn( :agent, address: Socket.gethostname, peer: 'xps:8499' )
I, [2023-05-21T19:12:38.897746 #359221] INFO -- System: Logfile at: /home/zapotek/.cuboid/logs/Agent-359221-5786.log
I, [2023-05-21T19:12:38.998472 #359221] INFO -- System: [PID 359221] RPC Server started.
I, [2023-05-21T19:12:38.998494 #359221] INFO -- System: Listening on xps:5786
That's a Grid of 2 Qmap Agents, both of them available to provide scanner Instances that can be used to parallelize network mapping/security scans.
If those 2 machines use a different pipe to the network you wish to scan, the result will be that the network resources are going to be in a way combined; or if the scan is too CPU intensive for just one machine, this will split the workload amongst the 2.
The cool thing is that it doesn't matter to which you refer for Instance spawning, the appropriate one is going to be the one providing it.
You can then configure the REST service to use any of those 2 Agents and perform your scan -- see examples/rest.rb.
The REST service is good for integration, so it's your safe bet; you can however also take advantage of the internal RPC protocol and opt for something more like examples/rpc.rb.
Bug reports and pull requests are welcome on GitHub at https://github.com/qadron/qmap.
QMap is a Qadron project and as such funded by Ecsypno Single Member P.C..