-
Notifications
You must be signed in to change notification settings - Fork 14
icmprecon
The goal of icmp_recon.rb is to carry out some basic ICMP ping sweeps across ranges of hosts and provide a summary view suitable for adapting into a security test report.
You can install the dependent gems using bundle install in the TestingScripts directory or you can install them manually. This script depends on nmap-parser , rubyXL if you use the Excel reporting option, builder if you use HTML reporting and rtf if you use RTF reporting. The script also requires access to nmap to run the scans.
The input for this is a file containing ranges to scan. the ranges can be in any format that nmap will accept.
There are a number of different formats available for the output. csv is just plain text (rather obviously), the HTML and Excel reports assign some colours to help visualization, the RTF doesn't as yet but probably will if I get round to it.
This script uses nmap in a way that requires root (or likely cap_net_raw at least) privileges, so there's a couple of options for running it. you can run as root (if you're feeling trusting) which works fine. You can supply the -s switch for sudo access, the downside of this is that if you need to supply a password for sudo access you'll get prompted for it quite a few times...
The other option would be to change nmap to SetUID root, but again this isn't the best from a security perspective. If you do that use the -b option to bypass the root check.
Running the command takes the -f switch which specifies the input file --reportPrefix which sets the report name and then one or more of --csvReport , --htmlReport , --rtfReport , or --excelReport