Nmap
Purpose
Nmap discovers open services and service banners using TCP connect scanning and version detection.
Plugin Information
Plugin ID: nmap
Category: Port Discovery
Plugin Type: port_scan
Execution: active CLI port scan
Default State: enabled
Default Profiles:
deeprecon_nmapport_discovery
Input Scope
Accepted asset types:
ipcidrdomainsubdomain
Required metadata:
- None
Produces targets:
- Scope values appended directly to the Nmap command.
Output
Creates assets:
ipservice
Creates vulnerabilities:
- None
May enrich:
- IP assets with host status and OS guess.
- Service assets with protocol, service name, product, version, extra info, tunnel, scripts, and detected technologies.
Metadata:
- IP asset:
status,os. - Service asset:
ip,port,protocol,service,product,version,extra_info,tunnel,scripts,technologies.
Graph Relations
The worker derives service exposure edges from emitted service metadata:
ip -> exposes -> service
Files / Artifacts
Produces:
- None
Dependencies
Required binary: nmap
Required installer entry: tools.nmap
Command model:
nmap -sT -sV --open -Pn -T4 --max-retries 1 -oX - <targets...>
Example Flow
ip
-> nmap
ip + service
Notes
The wrapper parses XML from stdout. If Nmap exits non-zero but still produces XML, the wrapper parses the partial output.