https://github.com/morpheuslord/nmap-api
Uses python3.10, Debian, python-Nmap, OpenaAI, and flask framework to create a Nmap API that can do scans with a good speed online and is easy to deploy. This is a implementation for our college PCL project which is still under development and constantly updating.
https://github.com/morpheuslord/nmap-api
chatgpt flask flask-restful flask-sqlalchemy hacking hacking-tool nmap nmap-api nmap-scanner-api nmap-scripts nmap-vulnerability openai-api poc python python-flask-api python-nmap-api reasearch-papers
Last synced: 3 months ago
JSON representation
Uses python3.10, Debian, python-Nmap, OpenaAI, and flask framework to create a Nmap API that can do scans with a good speed online and is easy to deploy. This is a implementation for our college PCL project which is still under development and constantly updating.
- Host: GitHub
- URL: https://github.com/morpheuslord/nmap-api
- Owner: morpheuslord
- License: mit
- Created: 2022-09-05T02:47:49.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2025-01-22T19:08:53.000Z (5 months ago)
- Last Synced: 2025-03-30T17:09:26.658Z (3 months ago)
- Topics: chatgpt, flask, flask-restful, flask-sqlalchemy, hacking, hacking-tool, nmap, nmap-api, nmap-scanner-api, nmap-scripts, nmap-vulnerability, openai-api, poc, python, python-flask-api, python-nmap-api, reasearch-papers
- Language: HTML
- Homepage:
- Size: 229 KB
- Stars: 78
- Watchers: 3
- Forks: 18
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# Nmap API
Uses python3.10, Debian, python-Nmap, and flask framework to create an Nmap API that can do scans with a good speed online and is easy to deploy.
This is an implementation for our college PCL project which is still under development and constantly updating.
## API Reference
#### Get all items
```
GET /api/p1/{auth_key}/{target}
GET /api/p2/{auth_key}/{target}
GET /api/p3/{auth_key}/{target}
GET /api/p4/{auth_key}/{target}
GET /api/p5/{auth_key}/{target}
```
| Parameter | Type | Description |
| :--------- | :------- | :--------------------------------------- |
| `auth_key` | `string` | **Required**. The API auth key gebe |
| `target` | `string` | **Required**. The target Hostname and IP |
#### Get item
```
GET /api/p1/
GET /api/p2/
GET /api/p3/
GET /api/p4/
GET /api/p5/
GET /api/p6/
GET /api/p7/
GET /api/p8/
GET /api/p9/
GET /api/p10/
GET /api/p11/
GET /api/p12/
GET /api/p13/
```
| Parameter | Return data | Description | Nmap Command |
| :-------- | :---------- | :--------------------------------------------------- | :---------------------------------------------------- |
| `p1` | `json` | Effective Scan | `-Pn -sV -T4 -O -F` |
| `p2` | `json` | Simple Scan | `-Pn -T4 -A -v` |
| `p3` | `json` | Low Power Scan | `-Pn -sS -sU -T4 -A -v` |
| `p4` | `json` | Partial Intense Scan | `-Pn -p- -T4 -A -v` |
| `p5` | `json` | Complete Intense Scan | `-Pn -sS -sU -T4 -A -PE -PP -PY -g 53 --script=vuln` |
| `p6` | `json` | Comprehensive Service Version Detection | `-Pn -sV -p- -A` |
| `p7` | `json` | Aggressive Scan with OS Detection | `-Pn -sS -sV -O -T4 -A` |
| `p8` | `json` | Script Scan for Common Vulnerabilities | `-Pn -sC` |
| `p9` | `json` | Intense Scan, All TCP Ports | `-Pn -p 1-65535 -T4 -A -v` |
| `p10` | `json` | UDP Scan | `-Pn -sU -T4` |
| `p11` | `json` | Service and Version Detection for Top Ports | `-Pn -sV --top-ports 100` |
| `p12` | `json` | Aggressive Scan with NSE Scripts for Vulnerabilities | `-Pn -sS -sV -T4 --script=default,discovery,vuln` |
| `p13` | `json` | Fast Scan for Common Ports | `-Pn -F` |
#### Auth and User management
```
GET /register//
```
| Parameter | Type | Description |
| :-------- | :------- | :---------- |
| `ID` | `Int` | user ID |
| `Passwd` | `String` | User Passwd |
## Improvements
Added GPT functionality with chunking module.
The methodology is based on how `Langchain GPT embeddings` operate. Basically the operation goes like this:
```text
Data -> Chunks_generator ─┐ ┌─> AI_Loop -> Data_Extraction -> Return_Data
├─> Chunk1 ─┤
├─> Chunk2 ─┤
├─> Chunk3 ─┤
└─> Chunk N ─┘
```
AI code:
```python
def AI(analize: str) -> dict[str, any]:
prompt = f"""
Do a NMAP scan analysis on the provided NMAP scan information
The NMAP output must return in a JSON format accorging to the provided
output format. The data must be accurate in regards towards a pentest report.
The data must follow the following rules:
1) The NMAP scans must be done from a pentester point of view
2) The final output must be minimal according to the format given.
3) The final output must be kept to a minimal.
4) If a value not found in the scan just mention an empty string.
5) Analyze everything even the smallest of data.
6) Completely analyze the data provided and give a confirm answer using the output format.
The output format:
{{
"critical score": [""],
"os information": [""],
"open ports": [""],
"open services": [""],
"vulnerable service": [""],
"found cve": [""]
}}
NMAP Data to be analyzed: {analize}
"""
messages = [{"content": prompt, "role": "assistant"}]
response = openai.ChatCompletion.create(
model=model_engine,
messages=messages,
max_tokens=2500,
n=1,
stop=None,
)
response = response['choices'][0]['message']['content']
ai_output = {
"markdown": response
}
return ai_output
```
**Default_Key**: **e43d4**
`newer updates are still in progress`