How to write a Script to Perform a Vulnerability Scan of the Listed Services

How to write a Script to Perform a Vulnerability Scan of the Listed Services
Written by Abhishek JalanApril 25, 2020
3 min read
Ethical-Hacking
14 VIEWS 1 LIKES 0 DISLIKES SHARE
1 LIKES 0 DISLIKES 14 VIEWS SHARE
Abhishek Jalan

Founder of Wikiance, DevOps Engineer

Let's quickly write an automated vulnerability scan of the server using Python. This Python script will make use of Nmap

Automated Vulnerability Scan using NMAP tool

How to automated vulnerability scan of the server using Python. This Python script will make use of Nmap and do the following:

  • Perform a broad full vulnerability sweep.
  • In this script we are scanning only port 22,80 & 3306
  • Generate a report and send them to the admin by email.
  • Be scheduled to run every week.

Install EPEL repos, Nmap, sendemail, python36, python36-devel, and git

sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install nmap python36 python36-devel
sudo yum install git
sudo yum install sendemail

Get vulnersCom and Perform a Vulnerability Scan of httpd, mariadb, and sshd

git clone https://github.com/vulnersCom/nmap-vulners.git
sudo mv /home/cloud_user/nmap-vulners/ /usr/share/nmap/scripts/
nmap -sV --script nmap-vulners <IP> -p22,80,3306

Write a Python Script to Incorporate the Scans and Send Results via Email

vim /home/cloud_user/scan.py

Copy the below contents in scan.py file

#!/bin/python3.6
import subprocess
p = subprocess.Popen(["nmap", "-sV", "--script", "nmap-vulners", "[IP_ADDRESS]", "-p22,80,3306"], stdout=subprocess.PIPE)
(output, err) = p.communicate()
msg = output.decode('utf-8').strip()
subprocess.check_output(['sendemail', '-f', '[FROM_EMAIL]', '-u', 'AUTH_NOTIFICATION', '-t', '[TO_EMAIL]', '-s', 'smtp.gmail.com:587', '-o', 
'tls=yes', '-xu', '[USER_NAME]', '-xp', '[PASSWORD]', '-m', msg], stdin=None, stderr=None, shell=False, universal_newlines=False)

later, save and exit

ESC
:wq
ENTER

chmod +x /home/cloud_user/scan.py

Configure the Script to Run Once a Week

sudo crontab -e

enter the below lines:

@weekly /home/cloud_user/scan.py

later same and exit

ESC 
:wq
ENTER

If there is any doubt, please leave your comments or suggestion.

script
vulnerability
scan
linux
nmap
14 VIEWS 1 LIKES 0 DISLIKES SHARE
1 LIKES 0 DISLIKES 14 VIEWS SHARE
Was this blog helpful?
You must be Logged in to comment
Code Block
Abhishek Jalan
Founder of Wikiance, DevOps Engineer
14 Blog Posts
4 Discussion Threads
Trending Categories
37
Software1
DevOps15
Frontend Development4
Backend Development2
Server Administration1
Linux Administration5
Data Center0
Sentry0
Terraform2
Ansible0
Docker3
Penetration Testing0
Kubernetes0
NGINX0
JenkinsX0
Jenkins2
SSL0
Ethical-Hacking1
Python0
NodeJs1
RedHat0
Github0
AngularJs0
Google Cloud Platform (GCP)0
SonarQube0
Amazon Web Service (AWS)0
VMware0
Blockchain0
Snipe-IT1
MongoDB0