Cangibrina – A Fast And Powerfull Dashboard (Admin) Finder

Cangibrina is a multi platform tool which aims to obtain the Dashboard of sites using brute-force over wordlist, google, nmap, and robots.txtRequirements:Python 2.7mechanizePySocksbeautifulsoup4html5libNmap (–nmap)TOR (–tor)Install:Linux git clone http://github.com/fnk0c/cangibrina.git cd cangibrina pip install -r requirements.txtUsageusage: cangibrina.py [-h] -u U [-w W] [-t T] [-v] [–ext EXT] [–user-agent] [–tor] [–search] [–dork DORK] [–nmap [NMAP]]Fast and powerful admin finderoptional arguments: -h, –help show this help message and exit -u U target site -w W set wordlist (default: wl_medium) -t T set threads number (default: 5) -v enable verbose –ext EXT filter path by target extension –user-agent modify user-agent –tor set TOR proxy –search use google and duckduckgo to search –dork DORK set custom dork –nmap [NMAP] use nmap to scan ports and servicesExamples python cangibrina.py -u facebook.com python cangibrina.py -u facebook.com -v python cangibrina.py -u facebook.com -w /root/diretorios.txt -t 10 -v python cangibrina.py -u facebook.com –search -v python cangibrina.py -u facebook.com –search –dork ‘site:facebook.com inurl:login’ python cangibrina.py -u facebook.com -v –nmap python cangibrina.py -u facebook.com -v –nmap ‘sudo nmap -D 127.0.0.1 -F facebook.com’ python cangibrina.py -u facebook.com –user-agent python cangibrina.py -u facebook.com –ext php [IMPORTANT] DORK MUST BE WRITE BETWEEN QUOTES ! [Example] ‘inurl:login.php’Download Cangibrina

Link: http://feedproxy.google.com/~r/PentestTools/~3/4R-YSa8oJ-c/cangibrina-fast-and-powerfull-dashboard.html

Cameradar – An RTSP Surveillance Camera Access Multitool

Cameradar hacks its way into RTSP CCTV camerasCameradar allows you to:Detect open RTSP hosts on any accessible targetGet their public info (hostname, port, camera model, etc.)Launch automated dictionary attacks to get their stream route (for example /live.sdp)Launch automated dictionary attacks to get the username and password of the camerasGenerate thumbnails from them to check if the streams are valid and to have a quick preview of their contentTry to create a Gstreamer pipeline to check if they are properly encodedPrint a summary of all the informations Cameradar could getAnd all of this in a single command-line.Of course, you can also call for individual tasks if you plug in a Database to Cameradar using the MySQL cache manager for example. You can create your own cache manager by following the simple example of the dumb cache manager.Quick installThe quick install uses docker to build Cameradar without polluting your machine with dependencies and makes it easy to deploy Cameradar in a few commands. However, it may require networking knowledge, as your docker containers will need access to the cameras subnetwork.DependenciesThe only dependencies are docker, docker-tools, git and make.Five steps guidegit clone https://github.com/EtixLabs/cameradar.gitcd cameradar/deploymentTweak the conf/cameradar.conf.json as you need (see the configuration guide here for more information)docker-compose build ; docker-compose upBy default, the version of the package in the deployment should be the last stable release.If you want to scan a different target or different ports, change the values CAMERAS_TARGET and CAMERAS_PORTS in the docker-compose.yml file.The generated thumbnails will be in the cameradar_thumbnails folder after Cameradar has finished executing.If you want to deploy your custom version of Cameradar using the same method, you should check the advanced docker deployment tutorial here.Manual installationThe manual installation is recommended if you want to tweak Cameradar and quickly test them using CMake and running Cameradar in command-line. If you just want to use Cameradar, it is recommended to use the quick install instead.DependenciesTo install Cameradar you will need these packagescmake (cmake)git (git)gstreamer1.x (libgstreamer1.0-dev)ffmpeg (ffmpeg)boost (libboost-all-dev)libcurl (libcurl4-openssl-dev)StepsThe simplest way would be to follow these steps :git clone https://github.com/EtixLabs/cameradar.gitcd cameradarmkdir buildcd buildcmake ..makecd cameradar_standalone./cameradar -s the_target_you_want_to_scanOutputFor each camera, Cameradar will output these JSON objects :{ “address" : "173.16.100.45", "ids_found" : true, "password" : "123456", "path_found" : true, "port" : 554, "product" : "Vivotek FD9381-HTV", "protocol" : "tcp", "route" : "/live.sdp", "service_name" : "rtsp", "state" : "open", "thumbnail_path" : "/tmp/127.0.0.1/1463735257.jpg", "username" : "admin"}Check camera accessIf you have VLC Media Player, you should be able to use the GUI to connect to the RTSP stream using this format : rtsp://username:password@address:port/routeWith the above result, the RTSP URL would be rtsp://admin:123456@173.16.100.45:554/live.sdpIf you’re still in your console however, you can go even faster by using vlc in commmand-line and just run vlc rtsp://username:password@address:port/route with the camera’s info instead of the placeholders.Command line options"-c" : Set a custom path to the configuration file (-c /path/to/conf) <<<<<<< HEAD"-s" : Set custom subnets (overrides configuration) : You can use this argument in many ways, using a subnet (e.g.: 172.16.100.0/24) or even an IP (e.g.: 172.16.100.10), a range of IPs (e.g.: 172.16.100.10-172.16.100.20) or a mix of all those (e.g.: 172.17.100.0/24,172.16.100.10-172.16.100.20,0.0.0.0). ======="-s" : Set custom target (overrides configuration)"-p" : Set custom ports (overrides configuration)"-m" : Set number of threads (Default value : 1)"-l" : Set log level "-l 1" : Log level DEBUG Will print everything including debugging logs"-l 2" : Log level INFO Prints every normal information"-l 4" : Log level WARNING Only prints warning and errors"-l 5" : Log level ERROR Only prints errors"-l 6" : Log level CRITICAL Doesn't print anything since Cameradar can't have critical failures right now, however you can use this level to debug your own code easily or if you add new critical layers"-d" : Launch the discovery tool"-b" : Launch the dictionary attack tool on all discovered devices Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present"-t" : Generate thumbnails from detected cameras Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present"-g" : Check if the stream can be opened with GStreamer Needs either to be launched with the -d option or to use an advanced cache manager (DB, file, ...) with data already present"-v" : Display Cameradar's version"-h" : Display this help"--gst-rtsp-server" : Use this option if the attack does not seem to work (only detects the username but not the path, or the opposite). This option will switch the order of the attacks to prioritize path over credentials, which is the way priority is handled for cameras that use GStreamer's RTSP server.Download Cameradar

Link: http://feedproxy.google.com/~r/PentestTools/~3/v__FLCUv4Uk/cameradar-rtsp-surveillance-camera.html

Reconnoitre – A Security Tool For Multithreaded Information Gathering And Service Enumeration

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst also creating a directory structure of results for each host, recommended commands to execute and directory structures for storing loot and flags.UsageThis tool can be used and copied for personal use freely however attribution and credit should be offered to Mike Czumak who originally started the process of automating this work. Argument Description -h, –help Display help message and exit -t TARGET_HOSTS Set either a target range of addresses or a single host to target. May also be a file containing hosts. -o OUTPUT_DIRECTORY Set the target directory where results should be written. -w WORDLIST Optionally specify your own wordlist to use for pre-compiled commands, or executed attacks. –dns DNS_SERVER Optionally specify a DNS server to use with a service scan. –pingsweep Write a new target.txt file in the OUTPUT_DIRECTORY by performing a ping sweep and discovering live hosts. –dnssweep Find DNS servers from the list of target(s). –snmpsweep Find hosts responding to SNMP requests from the list of target(s). –services Perform a service scan over the target(s) and write recommendations for further commands to execute. –snmpwalk SNMP walk target hosts and save results. –hostnames Attempt to discover target hostnames and write to hostnames.txt. –quiet Supress banner and headers and limit feedback to grepable results. –execute Execute shell commands from recommendations as they are discovered. Likely to lead to very long execution times depending on the wordlist being used and discovered vectors. –simple_exec Execute non-brute forcing shell comamnds only commands as they are discovered. Likely to lead to very long execution times depending on the wordlist being used and discovered vectors. –quick Move to the next target after performing a quick scan and writing first-round recommendations. Usage ExamplesNote that these are some examples to give you insight into potential use cases for this tool. Command lines can be added or removed based on what you wish to acomplish with your scan.Scan a single host, create a file structure and discover servicespython ./reconnoitre.py -t 192.168.1.5 -o /root/Documents/labs/ –servicesAn example output would look like:root@kali:~/Documents/tools/reconnoitre/reconnoitre# python ./reconnoitre.py -t 192.168.1.5 –services -o /root/Documents/labs/ __|”""\-= RECONNOITRE(____) An OSCP scanner[#] Performing service scans[*] Loaded single target: 192.168.1.5[+] Creating directory structure for 192.168.1.5 [>] Creating scans directory at: /root/Documents/labs/192.168.1.5/scans [>] Creating exploit directory at: /root/Documents/labs/192.168.1.5/exploit [>] Creating loot directory at: /root/Documents/labs/192.168.1.5/loot [>] Creating proof file at: /root/Documents/labs/192.168.1.5/proof.txt[+] Starting quick nmap scan for 192.168.1.5[+] Writing findings for 192.168.1.5 [>] Found HTTP service on 192.168.1.5:80 [>] Found MS SMB service on 192.168.1.5:445 [>] Found RDP service on 192.168.1.5:3389[*] TCP quick scan completed for 192.168.1.5[+] Starting detailed TCP/UDP nmap scans for 192.168.1.5[+] Writing findings for 192.168.1.5 [>] Found MS SMB service on 192.168.1.5:445 [>] Found RDP service on 192.168.1.5:3389 [>] Found HTTP service on 192.168.1.5:80[*] TCP/UDP Nmap scans completed for 192.168.1.5Which would also write the following recommendations file in the scans folder for each target:[*] Found HTTP service on 192.168.1.50:80 [>] Use nikto & dirb / dirbuster for service enumeration, e.g [=] nikto -h 192.168.1.50 -p 80 > /root/Documents/labs/192.168.1.50/scans/192.168.1.50_nikto.txt [=] dirb http://192.168.1.50:80/ -o /root/Documents/labs/192.168.1.50/scans/192.168.1.50_dirb.txt -r -S -x ./dirb-extensions/php.ext [=] java -jar /usr/share/dirbuster/DirBuster-1.0-RC1.jar -H -l /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt -r /root/Documents/labs/192.168.1.50/scans/192.168.1.50_dirbuster.txt -u http://192.168.1.50:80/ [=] gobuster -w /usr/share/seclists/Discovery/Web_Content/common.txt -u http://192.168.1.50:80/ -s ‘200,204,301,302,307,403,500’ -e > /root/Documents/labs/192.168.1.50/scans/192.168.1.50_gobuster_common.txt -t 50 [=] gobuster -w /usr/share/seclists/Discovery/Web_Content/cgis.txt -u http://192.168.1.50:80/ -s ‘200,204,301,307,403,500’ -e > /root/Documents/labs/192.168.1.50/scans/192.168.1.50_gobuster_cgis.txt -t 50 [>] Use curl to retreive web headers and find host information, e.g [=] curl -i 192.168.1.50 [=] curl -i 192.168.1.50/robots.txt -s | html2text[*] Found MS SMB service on 192.168.1.5:445 [>] Use nmap scripts or enum4linux for further enumeration, e.g [=] nmap -sV -Pn -vv -p445 –script="smb-* -oN ‘/root/Documents/labs/192.168.1.5/nmap/192.168.1.5_smb.nmap’ -oX ‘/root/Documents/labs/192.168.1.5/scans/192.168.1.5_smb_nmap_scan_import.xml’ 192.168.1.5 [=] enum4linux 192.168.1.5[*] Found RDP service on 192.168.1.5:3389 [>] Use ncrackpassword cracking, e.g [=] ncrack -vv –user administrator -P /root/rockyou.txt rdp://192.168.1.5Discover live hosts and hostnames within a rangepython ./reconnoitre.py -t 192.168.1.1-252 -o /root/Documents/testing/ –pingsweep –hostnamesDiscover live hosts within a range and then do a quick probe for servicespython ./reconnoitre.py -t 192.168.1.1-252 -o /root/Documents/testing/ –pingsweep –services –quickThis will scan all services within a target range to create a file structure of live hosts as well as write recommendations for other commands to be executed based on the services discovered on these machines. Removing –quick will do a further probe but will greatly lengthen execution times.Discover live hosts within a range and then do probe all ports (UDP and TCP) for servicespython ./reconnoitre.py -t 192.168.1.1-252 -o /root/Documents/testing/ –pingsweep –servicesDownload Reconnoitre

Link: http://feedproxy.google.com/~r/PentestTools/~3/ONsJfHKo8uU/reconnoitre-security-tool-for.html

Major Update of Acunetix Online

Acunetix Online has undergone a mammoth update, now enjoying all the features and benefits found in Acunetix On Premise, including: Integrated vulnerability management, greater manageability of threats and targets and the integration of popular WAFs and Issue Tracking systems. Acunetix Online also features a brand new UI for greater ease-of-use and manageability.New web-based user interfaceThe user interface has been re-designed with a fresh new look, bringing it inline with Acunetix On Premise. The Acunetix Online UI is designed to make it easier for customers to use, by focusing on the core functionality of the product, introducing filtering options, and improving manageability of Targets.All lists can be filtered (Targets, Scans, Vulnerabilities and Reports).Increased configuration options (Excluded Hours, Excluded Paths, custom User Agent strings, client certificates and more).Pre-seed crawls using a list of URLs, Acunetix Sniffer Log, Fiddler SAZ files, Burp Suite saved and state files, and HTTP Archive (HAR) files.Targets and Vulnerabilities configured by business criticalityBusiness Criticality can now be assigned to Targets, enabling customers to immediately identify and address vulnerabilities on critical servers.Vulnerabilities identified on all Targets are shown in one listVulnerability list can be filtered by Target, Business Criticality, Vulnerability, Vulnerability Status and CVSS.Vulnerability can be grouped by Target Business Criticality and Vulnerability Severity.Integration with popular WAFs and Issue Tracking SystemsVulnerabilities can now be exported to one of the supported WAFs (F5 Big-IP ASM, Fortinet FortiWeb and Imperva SecureSphere). This allows the user to implement a virtual patch in the WAF, until a fix addressing the vulnerability is installed. Scan results can also be exported to the Acunetix generic XML for integration with other WAFs or 3rd party systems.Acunetix Online also supports exporting vulnerabilities to either Atlassian JIRA, GitHub or Microsoft Team Foundation Server (TFS), allowing development teams to better keep track of vulnerabilities in their issue tracking systems.Mark Vulnerabilities as Fixed or False PositivesWith the ability to mark vulnerabilities as False Positive, Fixed or Ignored, users can now get rid of false positives from upcoming scans and reports. While any fixed vulnerabilities that are identified by Acunetix will be shown as Rediscovered. The user is given the option of accepting the risk of a vulnerability by marking the vulnerability as Ignored.Custom Scan TypesApart from using the default Scan Types included in Acunetix, Acunetix Online users are now able to choose which specific vulnerabilities to scan for. This is made possible through the creation of Custom Scan Types. For example, a Custom Scan Type can be created to scan Targets for a recently discovered vulnerability.Enhanced ReportingAcunetix Online now allows reports to be generated on:Individual or multiple Scans,Individual or multiple Targets,Individual, multiple or all the Vulnerabilities identified by Acunetix.There is also the introduction of a Scan Comparison report which highlights the differences between 2 scans, allowing the user to easily identify the new vulnerabilities in the latest scans, or the vulnerabilities that have not been detected, which could mean that they are fixed. Reports are now available in both PDF and HTML.Network Security ScanningAcunetix Online provides a comprehensive perimeter network security scanning service by integrating with the latest OpenVAS network vulnerability scanning engine (v9). Acunetix Online can now detect in excess of 50,000 network vulnerabilities.Added functionality for Acunetix IntegratorsAcunetix have added a new API that may be used by system integrators, exposing all the functionality available in Acunetix. The API is able to provide up-to-the-minute status of on-going scans together with information on vulnerabilities identified for these scans.Try Acunetix Online

Link: http://feedproxy.google.com/~r/PentestTools/~3/R63vEa6ZyFI/major-update-of-acunetix-online.html

Pybelt – The Hackers Tool Belt

Pybelt is an open source hackers tool belt complete with:A port scannerSQL injection scannerDork checkerHash crackerHash type verification toolProxy finding toolXSS scannerIt is capable of cracking hashes without prior knowledge of the algorithm, scanning ports on a given host, searching for SQLi vulnerabilities in a given URL, verifying that your Google dorks work like they should, verifying the algorithm of a given hash, scanning a URL for XSS vulnerability, and finding usable HTTP proxies.ScreenshotsSQL Injection scanning made easy, just provide a URL and watch it workDork checker, have some Dorks you’re not sure of? Go ahead and run the Dork check with the Dork as an argument, it will pull 100 URLs and give you success rate for the DorkHash cracking made simple, provide the hash type at the end “:md5, :sha256, etc" for a specific hash, or ":all" for all algorithms available on your machineAnd many more!UsageInstallationYou can either clone the repository git clone https://github.com/ekultek/pybelt.gitor download the latest release as a zip/tar ball hereOnce you have the program installed cd into the directory and run the following command: pip install -r requirements.txtThis will install all of the programs needed libraries and should be able to be run from there.###Functionality python pybelt.py -p 127.0.0.1Will run a port scan on your local hostpython pybelt.py -s http://example.com/php?id=2Will run a SQLi scan on the given URLpython pybelt.py -d idea?id=55Will run a Dork check on the given Google Dorkpython pybelt.py -c 9a8b1b7eee229046fc2701b228fc2aff:allWill attempt to crack the hash using all algorithms available on the computerpython pybelt.py -v 098f6bcd4621d373cade4e832627b4f6Will try to verify the hash typepython pybelt.py -fWill find usable proxiespython pybelt.py -x http://127.0.0.1/php?id=1Will search the URL for XSS vulnerabilityDownload Pybelt

Link: http://feedproxy.google.com/~r/PentestTools/~3/eM2WCiJ55qw/pybelt-hackers-tool-belt.html

BruteSpray – Brute-Forcing from Nmap output (Automatically attempts default creds on found services)

BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.UsageFirst do an nmap scan with ‘-oA nmap.gnmap’.Command: python brutespray.py -hExample: python brutespray.py –file nmap.gnmap –services all –threads 3 –hosts 5Supported Servicessshftptelnetvncmssqlmysqlpostgresqlrshimapnntppcanywherepop3rexecrloginsmbntsmtpsnmpsvnvmauthdDownload BruteSpray

Link: http://feedproxy.google.com/~r/PentestTools/~3/qz1PiR4KUGU/brutespray-brute-forcing-from-nmap.html

NETATTACK 2 – An Advanced Wireless Network Scan and Attack Script Based on GUI

NETATTACK 2 is a python script that scans and attacks local and wireless networks. Everything is super easy because of the GUI that makes it unnecessary to remember commands and parameters.FUNCTIONSSCAN-FUNCTIONSScan for Wi-Fi networksScan for local hosts in your networkATTACK-FUNCTIONS Deauthing ONE / MULTIPLE targets Deauthing every AP in your area Kicking (ALL) user/s off your internet ( ARP-Poisoning ) REQUIREMENTSLINUX!nmapargparse (Python)scapy (Python)iwDownload NETATTACK 2

Link: http://feedproxy.google.com/~r/PentestTools/~3/Huj927a_Sr8/netattack-2-advanced-wireless-network.html

Mimir – OSINT Threat Intel Interface

OSINT Threat Intel Interface – Named after the old Norse God of knowledge.Mimir functions as a CLI to HoneyDB which in short is an OSINT aggragative threat intel pool. Starting the program brings you to a menu the options for which are as follows.1. Fetch Threat Feed 5. Visualize Top Malicious Hosts in Browser2. Fetch Bad Host List 6. Visualize Top Targeted Services in Browser3. Perform WHOIS Lookup 7. Visualize Results for Single Host in Browser4. Invoke Nmap Scan 8. QuitThe purpose of this tool is to make intelligence gathering easier by including functionality to save the Threat Feed and Bad Host lists, and invoke either an in-script WHOIS lookup or Nmap scan to learn more about the target hosts. Logs are saved in the current working directory for future reference and further processing.HoneyDB provides a data visualization service, this can be accessed via Mimir by selecting their respective options. Selenium will then employ the Geckodriver to open the pages.Dependenciespycurlselenium blessingsipwhoispprintAnd the Mozilla GeckodriverUpdateSome versions of PyCurl work better with some versions of SSL than others. This is important because HoneyDB makes use of OpenSSL and having a version that does not support it makes Mimir incompatible with honeyDB. To that end I have added some logic that lets Mimir detect your version of PyCurl and automatically rebuild it from source to a version that does support OpenSSL. It does so by invoking the rebuild.sh shell script that is included in this repo.Download Mimir

Link: http://feedproxy.google.com/~r/PentestTools/~3/1ftWnPMUMLI/mimir-osint-threat-intel-interface.html

scanless – Public Port Scan Scrapper

Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host and have it not come from your IP address.scanless (adj): lacking respectable morals. That girl is scanless!Public Port ScannersyougetsignalviewdnshackertargetipfingerprintspingeuUsageRequires the requests and bs4 libraries to run, install with pip.$ python scanless.py –helpusage: scanless.py [-h] [-t TARGET] [-s SCANNER] [-l] [-a]scanless, public port scan scrapperoptional arguments: -h, –help show this help message and exit -t TARGET, –target TARGET ip or domain to scan -s SCANNER, –scanner SCANNER scanner to use (default: yougetsignal) -l, –list list scanners -a, –all use all the scanners$ python scanless.py –listScanner Name | Website—————|——————————yougetsignal | http://www.yougetsignal.comviewdns | http://viewdns.infohackertarget | https://hackertarget.comipfingerprints | http://www.ipfingerprints.compingeu | http://ping.eu$ python scanless.py -s viewdns -t scanme.nmap.orgRunning scanless…——- viewdns ——-PORT STATE SERVICE21/tcp closed ftp22/tcp open ssh23/tcp closed telnet25/tcp closed smtp53/tcp closed dns80/tcp open http110/tcp closed pop3139/tcp closed netbios143/tcp closed imap443/tcp closed https445/tcp closed smb1433/tcp closed mssql1521/tcp closed oracle3306/tcp closed mysql3389/tcp closed rdp———————–$ python scanless.py -a -t scanme.nmap.orgRunning scanless…——- yougetsignal ——-PORT STATE SERVICE21/tcp closed ftp22/tcp open ssh23/tcp closed telnet25/tcp closed smtp53/tcp closed dns80/tcp open http110/tcp closed pop3115/tcp closed sftp135/tcp closed msrpc139/tcp closed netbios143/tcp closed imap194/tcp closed irc443/tcp closed https445/tcp closed smb1433/tcp closed mssql3306/tcp closed mysql3389/tcp closed rdp5632/tcp closed pcanywhere5900/tcp closed vnc6112/tcp closed wc3———————————– viewdns ——-PORT STATE SERVICE21/tcp closed ftp22/tcp open ssh23/tcp closed telnet25/tcp closed smtp53/tcp closed dns80/tcp open http110/tcp closed pop3139/tcp closed netbios143/tcp closed imap443/tcp closed https445/tcp closed smb1433/tcp closed mssql1521/tcp closed oracle3306/tcp closed mysql3389/tcp closed rdp—————————— hackertarget ——-tarting Nmap 7.01 ( https://nmap.org ) at 2017-05-06 02:31 UTCNmap scan report for scanme.nmap.org (45.33.32.156)Host is up (0.065s latency).Other addresses for scanme.nmap.org (not scanned): 2600:3c01::f03c:91ff:fe18:bb2fPORT STATE SERVICE VERSION21/tcp closed ftp22/tcp open ssh OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.8 (Ubuntu Linux; protocol 2.0)23/tcp closed telnet25/tcp closed smtp80/tcp open http Apache httpd 2.4.7 ((Ubuntu))110/tcp closed pop3143/tcp closed imap443/tcp closed https445/tcp closed microsoft-ds3389/tcp closed ms-wbt-serverService Info: OS: Linux; CPE: cpe:/o:linux:linux_kernelService detection performed. Please report any incorrect results at https://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 7.05 second———————————– ipfingerprints ——-Host is up (0.16s latency).Not shown: 484 closed portsPORT STATE SERVICE22/tcp open ssh80/tcp open http111/tcp filtered rpcbind135/tcp filtered msrpc136/tcp filtered profile137/tcp filtered netbios-ns138/tcp filtered netbios-dgm139/tcp filtered netbios-ssn445/tcp filtered microsoft-dsDevice type: general purposeRunning: Linux 3.XOS CPE: cpe:/o:linux:linux_kernel:3OS details: Linux 3.11 – 3.14Network Distance: 10 hops————————————- pingeu ——-PORT STATE SERVICE21/tcp closed ftp22/tcp open ssh23/tcp closed telnet25/tcp closed smtp53/tcp closed dns80/tcp open http139/tcp closed netbios443/tcp closed https445/tcp closed smb3389/tcp closed rdp———————-Download scanless

Link: http://feedproxy.google.com/~r/PentestTools/~3/mIcdQgcyx08/scanless-public-port-scan-scrapper.html