Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine.
Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.
- simple CLI with the ability to run pure Nmap engine
- predefined scans included in the modules
- support Nmap Scripting Engine (NSE) with scripts arguments
- TOR support (with proxychains)
- multiple scans at one time
- at this point: 31 modules with 459 scan profiles
How To Use
# Clone this repository git clone --recursive https://github.com/trimstray/sandmap # Go into the repository cd sandmap # Install ./setup.sh install # Run the app sandmap
- symlink to
bin/sandmapis placed in
- man page is placed in
Before using the Sandmap read the Command Line introduction.
etc/main.cfg configuration file has the following structure:
# shellcheck shell=bash # Specifies the default destination. # Examples: # - dest="127.0.0.1,22.214.171.124" dest="127.0.0.1" # Specifies the extended Nmap parameters. # Examples: # - params="--script ssl-ccs-injection -p 443" params="" # Specifies the default output type and path. # Examples: # - report="xml" report="" # Specifies the TOR connection. # Examples: # - tor="true" tor="" # Specifies the terminal type. # Examples: # - terminal="internal" terminal="internal"
Sandmap uses external utilities to be installed before running:
This tool working with:
- GNU/Linux (testing on Debian and CentOS)
- Bash (testing on 4.4.19)
- Nmap (testing on 7.70)
Also you will need root access.
Available modules: 31
Available scan profiles: 459
If you want to create your own modules, take a look this.
GPLv3 : http://www.gnu.org/licenses/
Free software, Yeah!