If you are passionate and curious about computer security, you are going to love this tool. Meet Scanless, a command-line utility for using websites that can perform port scans on your behalf. It is useful in the early stages of a penetration test, or when you want to run a port scan against a host without the scan coming from your own IP address.

You can download it from its GitHub repository.

This tool uses the services of the following URLs:

 

Install

To install, simply run:

    $ sudo pip install scanless

Usage

    $ scanless --help
    usage: scanless [-h] [-t TARGET] [-s SCANNER] [-l] [-a]

    scanless, public port scan scrapper

    optional arguments:
      -h, --help            show this help message and exit
      -t TARGET, --target TARGET
                            ip or domain to scan
      -s SCANNER, --scanner SCANNER
                            scanner to use (default: hackertarget)
      -r, --random          use a random scanner
      -l, --list            list scanners
      -a, --all             use all the scanners

    $ scanless --list
    Scanner Name   | Website
    ---------------|------------------------------
    yougetsignal   | http://www.yougetsignal.com
    viewdns        | http://viewdns.info
    hackertarget   | https://hackertarget.com
    ipfingerprints | http://www.ipfingerprints.com
    pingeu         | http://ping.eu
    spiderip       | https://spiderip.com
    t1shopper      | http://www.t1shopper.com

    $ scanless -t scanme.nmap.org -s ipfingerprints
    Running scanless...

    ------- ipfingerprints -------
    Host is up (0.16s latency).
    Not shown: 491 closed ports
    PORT   STATE SERVICE
    22/tcp open  ssh
    80/tcp open  http
    Device type: general purpose
    Running: Linux 3.X|4.X
    OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
    OS details: Linux 3.2 - 4.6
    Network Distance: 7 hops
    ------------------------------

    $ scanless -a -t scanme.nmap.org
    Running scanless...

    ------- yougetsignal -------
    PORT     STATE  SERVICE
    21/tcp   closed ftp
    22/tcp   open   ssh
    23/tcp   closed telnet
    25/tcp   closed smtp
    53/tcp   closed dns
    80/tcp   open   http
    110/tcp  closed pop3
    115/tcp  closed sftp
    135/tcp  closed msrpc
    139/tcp  closed netbios
    143/tcp  closed imap
    194/tcp  closed irc
    443/tcp  closed https
    445/tcp  closed smb
    1433/tcp closed mssql
    3306/tcp closed mysql
    3389/tcp closed rdp
    5632/tcp closed pcanywhere
    5900/tcp closed vnc
    6112/tcp closed wc3
    ----------------------------

    ------- viewdns -------
    PORT     STATE  SERVICE
    21/tcp   closed ftp
    22/tcp   open   ssh
    23/tcp   closed telnet
    25/tcp   closed smtp
    53/tcp   closed dns
    80/tcp   open   http
    110/tcp  closed pop3
    139/tcp  closed netbios
    143/tcp  closed imap
    443/tcp  closed https
    445/tcp  closed smb
    1433/tcp closed mssql
    1521/tcp closed oracle
    3306/tcp closed mysql
    3389/tcp closed rdp
    -----------------------

    ------- hackertarget -------
    Starting Nmap 7.01 ( https://nmap.org ) at 2017-05-14 16:46 UTC
    Nmap scan report for scanme.nmap.org (45.33.32.156)
    Host is up (0.066s latency).
    Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2f
    PORT     STATE  SERVICE       VERSION
    21/tcp   closed ftp
    22/tcp   open   ssh           OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0)
    23/tcp   closed telnet
    25/tcp   closed smtp
    80/tcp   open   http          Apache httpd 2.4.7 ((Ubuntu))
    110/tcp  closed pop3
    143/tcp  closed imap
    443/tcp  closed https
    445/tcp  closed microsoft-ds
    3389/tcp closed ms-wbt-server
    Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

    Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 6.94 seconds
    ----------------------------

    ------- ipfingerprints -------
    Host is up (0.16s latency).
    Not shown: 491 closed ports
    PORT   STATE SERVICE
    22/tcp open  ssh
    80/tcp open  http
    Device type: general purpose
    Running: Linux 3.X|4.X
    OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
    OS details: Linux 3.2 - 4.6
    Network Distance: 7 hops
    ------------------------------

    ------- pingeu -------
    PORT     STATE  SERVICE
    21/tcp   closed ftp
    22/tcp   open   ssh
    23/tcp   closed telnet
    25/tcp   closed smtp
    53/tcp   closed dns
    80/tcp   open   http
    139/tcp  closed netbios
    443/tcp  closed https
    445/tcp  closed smb
    3389/tcp closed rdp
    ----------------------

    ------- spiderip -------
    PORT     STATE  SERVICE
    21/tcp   closed ftp
    22/tcp   open   ssh
    25/tcp   closed smtp
    80/tcp   open   http
    110/tcp  closed pop3
    143/tcp  closed imap
    443/tcp  closed https
    465/tcp  closed smtps
    993/tcp  closed imaps
    995/tcp  closed pop3s
    1433/tcp closed mssql
    3306/tcp closed mysql
    3389/tcp closed rdp
    5900/tcp closed vnc
    8080/tcp closed http-alt
    8443/tcp closed https-alt
    ------------------------

    ------- t1shopper -------
    PORT     STATE  SERVICE
    21/tcp   closed ftp
    23/tcp   closed telnet
    25/tcp   closed smtp
    80/tcp   open   http
    110/tcp  closed pop3
    139/tcp  closed netbios
    445/tcp  closed smb
    1433/tcp closed mssql
    1521/tcp closed oracle
    1723/tcp closed pptp
    3306/tcp closed mysql
    3389/tcp closed rdp
    5900/tcp closed vnc
    8080/tcp closed http-alt
    -------------------------
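
Each service in the `-a` run above probes its own fixed port list (t1shopper, for instance, never reports on 22/tcp), so a port missing from one section is untested there, not closed. The Python below is an added example, not part of scanless or of the original post: it merges the per-scanner sections into one table and records, for every open port, which scanners reported it open and which never tested it. The function names are made up for this example and the sample input is abridged from the output above.

```python
import re
from collections import defaultdict

# Sample input: abridged from the `scanless -a` output above (three of seven sections).
SAMPLE = """\
------- yougetsignal -------
PORT     STATE  SERVICE
21/tcp   closed ftp
22/tcp   open   ssh
80/tcp   open   http
----------------------------
------- hackertarget -------
PORT     STATE  SERVICE       VERSION
22/tcp   open   ssh           OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0)
80/tcp   open   http          Apache httpd 2.4.7 ((Ubuntu))
----------------------------
------- t1shopper -------
PORT     STATE  SERVICE
21/tcp   closed ftp
80/tcp   open   http
1521/tcp closed oracle
-------------------------
"""

# Section banner; also accepts the typographic dashes a web page may substitute.
HEADER = re.compile(r"^[-–—]{3,}\s+(\w+)\s+[-–—]{3,}$")
PORT = re.compile(r"^(\d+)/(?:tcp|udp)\s+(\S+)")

def merge_scans(text):
    """Return {port: {scanner: state}} from concatenated scanless sections."""
    merged, scanner = defaultdict(dict), None
    for line in map(str.strip, text.splitlines()):
        if m := HEADER.match(line):
            scanner = m.group(1)
        elif scanner and (m := PORT.match(line)):
            merged[int(m.group(1))][scanner] = m.group(2)
    return dict(merged)

def open_ports(merged):
    """For each port seen open: who reported it open, and who never tested it."""
    scanners = {s for states in merged.values() for s in states}
    return {
        port: {"open": sorted(s for s, st in states.items() if st == "open"),
               "untested": sorted(scanners - set(states))}
        for port, states in sorted(merged.items()) if "open" in states.values()
    }

if __name__ == "__main__":
    print(open_ports(merge_scans(SAMPLE)))
```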

Here is a demo video, courtesy of pentesttoolz.com.
