@royharoush
Last active February 9, 2023 18:00
A small hacked-together script that runs masscan against the top 2000 TCP ports from nmap's services file, then runs a slower, throttled nmap scan (30 nmap processes per 60 seconds) against each detected IP-port pair.
#!/bin/bash
# requires nmap and masscan to be installed, plus the nmap-vulners NSE scripts fetched below
# usage: ./scan.sh <targets-file>   (one host or CIDR per line, as masscan -iL expects)
set -u
[ $# -eq 1 ] || { echo "usage: $0 <targets-file>" >&2; exit 1; }
sudo apt-get install nmap masscan -y
sudo wget https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse -O /usr/share/nmap/scripts/vulners.nse
sudo wget https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/http-vulners-paths.txt -O /usr/share/nmap/nselib/data/http-vulners-paths.txt
sudo wget https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/http-vulners-regex.json -O /usr/share/nmap/nselib/data/http-vulners-regex.json
sudo wget https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/http-vulners-regex.nse -O /usr/share/nmap/scripts/http-vulners-regex.nse
sudo nmap --script-updatedb
mkdir -p ./split ./nmapresults   # create the output directories before cleaning them
rm -f ./nmapresults/* ./split/*-ScanTarget
echo "starting masscan"
# top 2000 TCP ports from the nmap services file (column 3 is the open-frequency), plus 10255 and 10254 added explicitly
PORTS=$(grep -i tcp /usr/share/nmap/nmap-services | sort -k 3 -n -r | awk '{print $2}' | cut -d"/" -f1 | head -2000 | tr '\n' "," && echo 10255,10254)
sudo masscan --rate=500 --banners -iL "$1" --randomize-hosts -p "$PORTS" -oJ "$1-targets-banners-2000-ports.json"
echo "finished masscan"
# create one nmap command line per IP-port pair from the masscan results. The grep drops the "[" / "]" wrapper
# lines (they would otherwise become an empty "nmap -p" command) and sort -u collapses the --banners duplicate of
# each pair. All NSE scripts go in one --script list; -oA takes a basename and nmap adds the .nmap/.xml/.gnmap suffixes.
grep '"ip"' "./$1-targets-banners-2000-ports.json" | awk '{print $3 $9}' | tr -d , | tr '"' " " | sort -u \
  | awk '{print "nmap -p" $2 " " $1 " -sV -Pn -R -vvv --host-timeout 55s --script=banner,asn-query,vulners,http-vulners-regex,http-headers -oA ./nmapresults/" $1 "-result-" $2 }' \
  | sort -R > ./scan.txt
IFS=$'\n' # make newlines the only separator
split -l 30 --additional-suffix=-ScanTarget ./scan.txt # split the nmap commands into batches of 30
mv ./*-ScanTarget ./split/
# run each batch file (30 nmap commands) in the background, waiting 60 seconds before starting the next batch
for file in ./split/*-ScanTarget; do sleep 60 && for target in $(cat "$file"); do bash -c "$target" & done; done
wait # do not exit while nmap processes from the last batch are still running
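The awk/tr pipeline above works on the field positions of masscan's JSON lines and breaks on anything that is not exactly that layout. As an added example (not part of the original gist), the following Python script does the same masscan-to-nmap step with a real JSON parser: it deduplicates the --banners record of each IP-port pair, tolerates a trailing comma before the closing bracket, groups the commands into batches of 30 and launches each batch with a 60 second pause. The sample masscan output embedded in it is constructed for the example; the exact record layout, the `55s` host timeout and the `./nmapresults` directory are assumptions carried over from the gist, and `run_batches` actually executes nmap, so it is only reached with `--run`.

```python
#!/usr/bin/env python3
"""Turn masscan -oJ output into throttled batches of nmap commands.

Added example, not part of the original gist: a JSON parser replaces the
awk/tr pipeline so banner records, the list wrapper and a trailing comma
do not turn into junk command lines.
"""
import json
import re
import shlex
import subprocess
import sys
import time
from typing import Dict, List, Tuple

# Constructed sample in the shape of masscan -oJ output (not from a real
# scan, assumption about the layout). The second object is the --banners
# record for 22/tcp on the same host, so that pair must be scanned once;
# the comma before the closing bracket mimics the trailing comma some
# masscan builds leave behind.
SAMPLE_MASSCAN_JSON = """[
{   "ip": "203.0.113.10",   "timestamp": "1675963200", "ports": [ {"port": 22, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 54} ] }
,
{   "ip": "203.0.113.10",   "timestamp": "1675963201", "ports": [ {"port": 22, "proto": "tcp", "service": {"name": "ssh", "banner": "SSH-2.0-OpenSSH_8.9"} } ] }
,
{   "ip": "203.0.113.11",   "timestamp": "1675963202", "ports": [ {"port": 443, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 52} ] }
,
{   "ip": "203.0.113.10",   "timestamp": "1675963203", "ports": [ {"port": 8080, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 54} ] }
,
]
"""

# Same NSE scripts as the gist, as one comma-separated --script list.
NSE_SCRIPTS = "banner,asn-query,vulners,http-vulners-regex,http-headers"


def parse_masscan_json(text: str) -> List[Tuple[str, int]]:
    """Return unique (ip, port) pairs for TCP findings, in first-seen order."""
    # Tolerate a trailing ",\n]" that strict JSON parsers reject.
    cleaned = re.sub(r",\s*\]\s*$", "]", text.strip())
    records = json.loads(cleaned)
    seen: Dict[Tuple[str, int], None] = {}  # dict keeps insertion order
    for rec in records:
        ip = rec.get("ip")
        for p in rec.get("ports", []):
            if ip and p.get("proto") == "tcp" and "port" in p:
                seen.setdefault((ip, int(p["port"])), None)
    return list(seen)


def nmap_argv(ip: str, port: int, outdir: str = "./nmapresults") -> List[str]:
    """One nmap invocation per pair; -oA gets a basename, nmap adds the suffixes."""
    return ["nmap", "-p", str(port), ip, "-sV", "-Pn", "-R", "-vvv",
            "--host-timeout", "55s", "--script", NSE_SCRIPTS,
            "-oA", f"{outdir}/{ip}-result-{port}"]


def batches(pairs: List[Tuple[str, int]], size: int = 30) -> List[List[List[str]]]:
    """Group the argv lists into batches of `size` (30 per minute in the gist)."""
    cmds = [nmap_argv(ip, port) for ip, port in pairs]
    return [cmds[i:i + size] for i in range(0, len(cmds), size)]


def run_batches(batch_list: List[List[List[str]]], pause: float = 60.0) -> int:
    """Start every command of a batch in the background, pause, then the next batch."""
    procs = []
    for i, batch in enumerate(batch_list):
        if i:
            time.sleep(pause)
        for argv in batch:
            procs.append(subprocess.Popen(argv))
    codes = [p.wait() for p in procs]  # wait for all, not just the last batch
    return int(any(codes))  # 1 if any nmap exited nonzero


if __name__ == "__main__":
    # Usage: masscan_to_nmap.py [<masscan.json>] [--run]; without --run it only prints the plan
    args = [a for a in sys.argv[1:] if a != "--run"]
    src = open(args[0]).read() if args else SAMPLE_MASSCAN_JSON
    plan = batches(parse_masscan_json(src))
    if "--run" in sys.argv:
        sys.exit(run_batches(plan))
    for n, batch in enumerate(plan, 1):
        print(f"# batch {n}")
        for argv in batch:
            print(shlex.join(argv))
```

Run without arguments to see the plan built from the constructed sample; pass the masscan JSON file produced by the script above to get the real plan, and add `--run` to execute it. Building argv lists instead of shell strings also means an IP or port taken from scan output is never re-parsed by a shell.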