Sandmap - Network and system reconnaissance

MasterSandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques.

Key Features

  • simple CLI with the ability to run pure Nmap engine
  • predefined scans included in the modules
  • support Nmap Scripting Engine (NSE) with scripts arguments
  • TOR support (with proxychains)
  • multiple scans at one time
  • at this point: 31 modules with 459 scan profiles

How To Use

It's simple:
# Clone this repository
git clone --recursive

# Go into the repository
cd sandmap

# Install
./ install

# Run the app
  • symlink to bin/sandmap is placed in /usr/local/bin
  • man page is placed in /usr/local/man/man8

Command Line

Before using the Sandmap read the Command Line introduction.


The etc/main.cfg configuration file has the following structure:
# shellcheck shell=bash

# Specifies the default destination.
# Examples:
#   - dest=","

# Specifies the extended Nmap parameters.
# Examples:
#   - params="--script ssl-ccs-injection -p 443"

# Specifies the default output type and path.
# Examples:
#   - report="xml"

# Specifies the TOR connection.
# Examples:
#   - tor="true"

# Specifies the terminal type.
# Examples:
#   - terminal="internal"


Sandmap uses external utilities to be installed before running:
This tool working with:
  • GNU/Linux (testing on Debian and CentOS)
  • Bash (testing on 4.4.19)
  • Nmap (testing on 7.70)
Also you will need root access.

No comments

Note: Only a member of this blog may post a comment.

Powered by Blogger.