Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/trevordavenport/MasscanAutomation

Masscan integrated with Shodan API
https://github.com/trevordavenport/MasscanAutomation

Last synced: about 7 hours ago
JSON representation

Masscan integrated with Shodan API

Host: GitHub
URL: https://github.com/trevordavenport/MasscanAutomation
Owner: trevordavenport
Created: 2015-08-22T03:10:26.000Z (about 9 years ago)
Default Branch: master
Last Pushed: 2017-07-12T20:04:32.000Z (over 7 years ago)
Last Synced: 2023-08-02T12:55:15.453Z (over 1 year ago)
Language: Python
Size: 9.77 KB
Stars: 40
Watchers: 3
Forks: 20
Open Issues: 2
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-ip-search-engines - Masscan Automation (Shodan)

README

        Masscan + Shodan Automation

===========================

> Integrating Masscan port scanner with Shodan API using Python

```

Author: Trevor Davenport

```

#### Update (12/5/15) ####

> We've Been Added to BlackArch Distro!

![](http://i.imgur.com/qscg347.png)

#### Background ####

```

  Masscan Port Scanner: https://github.com/robertdavidgraham/masscan

  Masscan Man Page:     http://manpages.ubuntu.com/manpages/vivid/man8/masscan.8.html

  

  Python Dependencies: Requests (http://www.python-requests.org/en/latest/)

                       BeautifulSoup (http://www.crummy.com/software/BeautifulSoup/)

                       Shodan API (https://shodan.readthedocs.org/en/latest/)

                       

  Other Dependencies: CURL (http://curl.haxx.se/)

```

___

#### Overview ####

```

 1  [*] Masscan initiates port scan

 2   [*] Results are generated in XML output

 3    [*] Output is pushed to scanhub.shodan.io/repo

 4     [*] Data Analysis for Security/Vulnerability Management

```

___

#### Usage ####

![](http://i.imgur.com/cFcey2H.png)

___

### Shodan API ###

###### Service to Port Shodan Mapping ######

  Shodan Provides a dictionary of common Ports to known Services, we can use this data to further expand the knowledge of our open port list.

![](http://i.imgur.com/WFUZstr.png)

  Data Analysis will render the Services and Service Count from the masscan results.

![](http://i.imgur.com/9R6er6y.png)

###### Parsing Masscan XML Results ######

  Using BeautifulSoup, we parse the XML File into meaningful data.

![](http://i.imgur.com/GAgC0Af.png)

  Cleaned Up. A Mapping of Host to Port(s).

![](http://i.imgur.com/eGS0gR0.png)

###### Output Results ######

![](http://i.imgur.com/5CXOxYM.png)

#### Future Versions ####

```

 If I had more time to implement this I would have done some aspects differently.

    - Integrate ShodanAPI Exploit search for known/unknown ports

    - Parse Banners for each Host, look for any vulnerabilities/verbose information about servers.

    - Utilize Amazon instances for MapReduce-esque efficiency

    - Input Formatting (IP Address)

    - Testing API Key

    - Do Away with Python.os() -- Yeah.. I know. Quick, Dirty and Effective was the name of the game

    - Integrate ShodanMaps (see screenshot below)

```

##### TODO: Integrate Shodan Maps #####

![](http://i.imgur.com/539sULZ.png)