A single command-line mapping tool that executes multiple Nmap scripts for network penetration testing, scanning for and detecting security issues on common ports.
- Added crackmapexec to scan for and detect SMBv1, since most of the time during internal network penetration tests there are targets running SMB version 1.
- Added a Firewall Evasion option to run a firewall evasion scan against the targets.
- Changed the scan to run the -A scripts list in a specific order instead of a random loop, to avoid hang time.
- Added the -ap option, which excludes the all-port scan.
List of Ports
- Port 139 and 445 (SMB)
- Port 443, 1443, 389, 3389 (SSL Cipher)
- Port 137 (NetBIOS)
- Port 1521 (Oracle TNS)
- Port 123 (NTP)
- Port 161 (SNMP)
- Port 389, 636, 3268, 3269 (LDAP)
- Port 80 (HTTP)
- Port 111 (Portmapper)
- Port 3306 (MySQL)
- Port 22 (SSH)
- Port 23 (Telnet)
- Port 8009 (Apache AJP)
- Port 3389 (RDP)
- Port 2049 (NFS)
- Port 110 (POP3)
- Port 53 (DNS)
- Port 21 (FTP)
- Port 69 (TFTP)
- Port 25, 465, 587 (SMTP)
git clone https://github.com/evanricafort/lazymap.git && cd lazymap && sudo chmod +x lazymap.sh && sudo ./lazymap.sh
- Usage: ./lazymap.sh -u target [Single Host] or ./lazymap.sh -t multipletarget.txt [Multiple Hosts]
- Additional Options: Add NSE scripts with option -1 for [vulners], -2 for [vuln], or -3 for both [vulners & vuln]; use -4 for a Firewall Evasion Scan and -ap to exclude the all-port scan.
- Reminder: Option -3 may take some time to finish if you have multiple targets.