Loading…
bsidesaustin2019 has ended
Thursday, March 28 • 3:00pm - 4:00pm
Scantron - A distributed nmap / masscan scanning framework

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
This talk is for all the nmap lovers out there! Anyone familiar with nmap knows that it is great for ad-hoc scanning, but doesn't scale when it comes to scheduling, organizing scan results, and automation in general. Scantron solves that and rests on the shoulders of previous frameworks like dnmap, minions, and rainmap.

Scantron is an open-sourced distributed nmap / masscan scanner comprised of two components. The first is a Master node that consists of a web front end used for scheduling scans and storing nmap / masscan scan targets and results. The second component is the scanning agents that pull scan jobs from Master and conduct the actual nmap / masscan scanning.

A majority of the application's logic is purposely placed on Master to make the agent(s) as "dumb" as possible. All nmap target files and nmap results reside on Master and are shared through a network file share (NFS) leveraging SSH tunnels. The agents call back to Master periodically using a REST API to check for scan tasks and provide scan status updates.

Scantron was developed inhouse by the Threat and Vulnerability Analysis team at Rackspace to automate penetration testing scanning and provide network segmentation validation.

Speakers
avatar for Brennon Thomas

Brennon Thomas

Cyber Vulnerability Analyst and Penetration Tester III, Rackspace
Brennon works as a Vulnerability Analyst and Penetration Tester for Rackspace identifying and reducing risks and threats to Rackspace's computer networks. Prior to Rackspace, Brennon worked for the Air Force, in both active duty and civilian roles, and for the private sector. He... Read More →


Thursday March 28, 2019 3:00pm - 4:00pm
Stadium

Attendees (34)