Smap - A Drop-In Replacement For Nmap Powered By Shodan.Io

Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap.

Features

Scans 200 hosts per second Doesn't require any account/api key Vulnerability detection Supports all nmap's output formats Service and version fingerprinting Makes no contact to the targets

Installation

Manual

go install -v github.com/s0md3v/smap/cmd/[email protected]

Confused? For more detailed instructions, click here

AUR pacakge

Smap is available on AUR as smap-git.

Usage

Smap takes the same arguments as Nmap but options other than -p, -h, -o*, -iL are ignored. If you are unfamiliar with Nmap, here's how to use Smap.

Specifying targets

You can also use a list of targets, seperated by newlines.

Supported formats

Output

Smap supports 6 output formats which can be used with the -o* as follows

If you want to print the output to terminal, use hyphen (-) as filename.

Supported formats

Note: Since Nmap doesn't scan/display vulnerabilities and tags, that data is not available in nmap's formats. Use -oS to view that info.

Specifying ports

Smap scans these 1237 ports by default. If you want to display results for certain ports, use the -p option.

Considerations

Since Smap simply fetches existent port data from shodan.io, it is super fast but there's more to it. You should use Smap if:

You want

vulnerability detection a super fast port scanner results for most common ports (top 1237) no connections to be made to the targets

You are okay with

not being able to scan IPv6 addresses results being up to 7 days old a few false negatives