I regularly use tools like NMAP and masscan for scanning prospective customer networks to perform simple audits to get an idea of the things they're running as quickly as I can, but I find doing this a bit clunky and not as quick as I'd like. So I built AngryEther. It can scan a /24 in around 20 seconds and banner grabs important stuff. It can also be set to perform an ARP sweep to pick up devices that otherwise don't response to a typical ICMP/TCP sweep. The tool can also spit out a nice JSON file with all the information in that can be used to push the data back to a server somewhere for later use.
sim7c00•1h ago
this is pretty nice. if u need to scan tons of places for large ranges (discovery all pvt ranges every timeframe) this can be really nice.
the problem i have with such scanners is accuracy though. but i suppose thats hard to tackle from scanner perspective (hard to see routing tricks etc.). for asset/vuln mgmt its good to have full disco scans to compare other sources and see if they cover everything with targeted scans. personally i wouldnt care much about banners in this case as other tools will do more aggressive fingerprinting.
a push back on scanning full 10./8 or such ranges was for me always time needed / bandwidth (idiots running full feature scan instead of pings... -_-)
with that landscape in mind id say maybe position yourself clearly in the discovery bucket, not finger printing, or make it clear different scan profiles.
if u start about banner grabbing ppl might either expect slowdowns or expect full banners for everything.
maybe its nice to make little scripts. your json into ansible inventory. RackTables maybe and NetBox? or in some format those accept. it will help adoption a lot.
pg3uk•2h ago
sim7c00•1h ago
the problem i have with such scanners is accuracy though. but i suppose thats hard to tackle from scanner perspective (hard to see routing tricks etc.). for asset/vuln mgmt its good to have full disco scans to compare other sources and see if they cover everything with targeted scans. personally i wouldnt care much about banners in this case as other tools will do more aggressive fingerprinting.
a push back on scanning full 10./8 or such ranges was for me always time needed / bandwidth (idiots running full feature scan instead of pings... -_-)
with that landscape in mind id say maybe position yourself clearly in the discovery bucket, not finger printing, or make it clear different scan profiles. if u start about banner grabbing ppl might either expect slowdowns or expect full banners for everything.
maybe its nice to make little scripts. your json into ansible inventory. RackTables maybe and NetBox? or in some format those accept. it will help adoption a lot.