passive Nmap like scanner built with shodan.io
Smap is a replica of Nmap which uses shodan.io’s free API for port scanning. It takes same command line arguments as Nmap and proudces the same output which makes it a drop-in replacament for Nmap.
go install -v github.com/s0md3v/smap/cmd/smap@latest
Smap takes the same arguments as Nmap but options other than -p
, -h
, -o*
, -iL
are ignored. If you are unfamiliar with Nmap, here’s how to use Smap.
smap <targets here>
SMap scans these 1237 ports by default. If you want to display results for certain ports, use the -p
option.
smap -p21-30,80,443 -iL targets.txt
Since Smap simply fetches existent port data from shodan.io, it is super fast but there’s more to it. You should use Smap if:
$ smap kb.offsec.nl
Starting Nmap 9.99 ( https://nmap.org ) at 2022-04-01 14:06 CEST
Nmap scan report for kb.offsec.nl (104.21.67.203)
Host is up.
rDNS record for 104.21.67.203: sni.cloudflaressl.com
PORT STATE SERVICE VERSION
80/tcp open http?
443/tcp open https?
2082/tcp open infowave?
2083/tcp open radsec?
2086/tcp open gnunet?
2087/tcp open eli?
2096/tcp open nbx-dir?
8080/tcp open http-alt?
8443/tcp open pcsync-https?
8880/tcp open cddbp-alt?
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.38 seconds