Professional Documents
Culture Documents
Nmap Ci Userguide
Nmap Ci Userguide
Nmap Ci Userguide
IN T ER NA L
Contents
1. Introduction ..................................................................................................................................................... 3
1. Introduction
NMAP is an open-source Network Mapper tool that can be used for vulnerability scanning and network
discovery. In this context, NMAP is used to identify open ports and services on the product under test.
DSAC has come up with framework which is used in the integration of Nmap in the CI pipeline. The
Framework is written with python.
Expectation: The NMAP should be used to check whether the ports and services that are opened are by
design. If not, the product unit is expected to correct the findings and re-run the test accordingly.
Installing nmap:
• wget https://nmap.org/dist/nmap-7.92.tar.bz2
• bzip2 -cd nmap-7.92.tar.bz2 | tar xvf -
• cd nmap-7.92
• ./configure
• make
• sudo -su
• make install
3. Pipeline Setup
3.1. Repo and the Branch for automation code
Repo : https://dev.azure.com/ABB-BEA-DSAC/DSAC_Testing/_git/nmap_automation_cicd
Branch : Develop
“nmapTest.py” is the script needs to be run on the command line for triggering the scan, below section
explains how to trigger the script in the pipeline
Note: Please Raise for access in case if you are not able to reach to above repo
After run completed Scan log will be available inside the current script folder as “nmap_scan_log”
• -portrange: port range for which the scan has to be triggered. (Optional Parameter )
• -logdir : Absolute path for the scan log to be saved. This will override the default scan log folder
(Optional Parameter )
Step 3: In the command line Script task add the following lines
o changing the files to be executable
o chmod -R 777 *
o running the zap scan
o python3 -u nmapTest.py -ip "13.79.192.161" -portrange "1-100"
step 4: Publish Pipeline Artifact: “nmap_scan_log” is the result directory created after the scan is
completed. Here we publish the folder as an artifact using “publish pipeline artifact” task.
The Scan Report will be available inside the published artifact and appears as below