How to write a Script to Perform a Vulnerability Scan of the Listed Services

How to write a Script to Perform a Vulnerability Scan of the Listed Services
Written by Abhishek JalanApril 25, 2020
3 min read
Ethical-Hacking
14 VIEWS 1 LIKES 0 DISLIKES SHARE
1 LIKES 0 DISLIKES 14 VIEWS SHARE
Abhishek Jalan

DevSecOps Engineer

Let's quickly write an automated vulnerability scan of the server using Python. This Python script will make use of Nmap

Automated Vulnerability Scan using NMAP tool

How to automated vulnerability scan of the server using Python. This Python script will make use of Nmap and do the following:

  • Perform a broad full vulnerability sweep.
  • In this script we are scanning only port 22,80 & 3306
  • Generate a report and send them to the admin by email.
  • Be scheduled to run every week.

Install EPEL repos, Nmap, sendemail, python36, python36-devel, and git

sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install nmap python36 python36-devel
sudo yum install git
sudo yum install sendemail

Get vulnersCom and Perform a Vulnerability Scan of httpd, mariadb, and sshd

git clone https://github.com/vulnersCom/nmap-vulners.git
sudo mv /home/cloud_user/nmap-vulners/ /usr/share/nmap/scripts/
nmap -sV --script nmap-vulners <IP> -p22,80,3306

Write a Python Script to Incorporate the Scans and Send Results via Email

vim /home/cloud_user/scan.py

Copy the below contents in scan.py file

#!/bin/python3.6
import subprocess
p = subprocess.Popen(["nmap", "-sV", "--script", "nmap-vulners", "[IP_ADDRESS]", "-p22,80,3306"], stdout=subprocess.PIPE)
(output, err) = p.communicate()
msg = output.decode('utf-8').strip()
subprocess.check_output(['sendemail', '-f', '[FROM_EMAIL]', '-u', 'AUTH_NOTIFICATION', '-t', '[TO_EMAIL]', '-s', 'smtp.gmail.com:587', '-o', 
'tls=yes', '-xu', '[USER_NAME]', '-xp', '[PASSWORD]', '-m', msg], stdin=None, stderr=None, shell=False, universal_newlines=False)

later, save and exit

ESC
:wq
ENTER

chmod +x /home/cloud_user/scan.py

Configure the Script to Run Once a Week

sudo crontab -e

enter the below lines:

@weekly /home/cloud_user/scan.py

later same and exit

ESC 
:wq
ENTER

If there is any doubt, please leave your comments or suggestion.

script
vulnerability
scan
linux
nmap
14 VIEWS 1 LIKES 0 DISLIKES SHARE
1 LIKES 0 DISLIKES 14 VIEWS SHARE
Was this blog helpful?
You must be Logged in to comment
Code Block
Abhishek Jalan
DevSecOps Engineer
+21 more
17 Blog Posts
4 Discussion Threads
Trending Categories
93
Software12
DevOps34
Frontend Development13
Backend Development13
Server Administration13
Linux Administration12
Data Center14
Sentry11
Terraform15
Ansible9
Docker13
Penetration Testing12
Kubernetes12
NGINX8
JenkinsX10
Jenkins18
SSL6
Ethical-Hacking10
Python8
NodeJs9
RedHat8
Github11
AngularJs15
Google Cloud Platform (GCP)6
SonarQube9
Amazon Web Service (AWS)2
VMware17
Blockchain6
Snipe-IT7