2 years ago I created this Bash script for my own (professional) needs:
I was looking for a way to quickly and efficiently identify all the ports available on different remote sites connected to the Internet. And I wanted to make sure, at the same time, there was no host that exposed a service with known vulnerabilities (CVE).
Maybe it could help someone on this forum 😉 and it's fully compatible with Pwnbox from HTB.
* Automatic installation of all the prerequisites (Debian OS family)
* 2 modes: automatic and Interactive
* Interactive mode: ports to scan, rate level and nmap script
* Extremely fast identification of open TCP/UDP ports (masscan)
* The output is sorted to gather all ports to be scanned by host
* Identification of services and vulnerabilities (nmap + vulners.nse)
* Multiple sessions in parallel, one session per host
* 2 generated reports: a global HTML and a TXT (vulnerable hosts)