If you want to scan a number of web applications running on a range of IP addresses you can start by downloading nsscanips.ps1 PowerShell script. The script does three things:
- Using Nmap, it scans the configured range of IP addresses for open http(s) services,
- Resolves the IP addresses into hostnames,
- Starts scanning every identified website.
The script uses Nmap, a free network scanner. Therefore before running the script download Nmap from here.
Configure the Options in the Script
Configure the below list of options in the script before executing it. You can edit the script using a text editor:
ipRange: The range of IP addresses that you want to scan. Refer to the Nmap Target Specification help page for more information on how to specify a range of IP addresses.
ports: The ports to scan. Unless you have web applications running on non-default ports, the default ports are 80 for HTTP and 443 for HTTPS. You can enter a list of ports and separate them with a comma, or a range and use the dash (-) character. Refer to the Nmap Port Specification help page for more information and options.
nmapExe: The path to nmap.exe. The default path is C:\Program Files (x86)\Nmap\nmap.exe
netsparkerExe: The path to Netsparker.exe. The default path is C:\Program Files (x86)\Netsparker\Netsparker.exe
reportTemplateName: The name of the Netsparker report template to use for generating reports, by default the Detailed Scan Report template will be used.
reportsFolder: The folder where the Netsparker web security scan reports will be saved. The folder must exist for the scanner to save the reports and the default folder is C:\reports.
Execute the Script to Start the Scan
Once you configure the script, open the command prompt window, navigate to where the script is stored and enter the following command:
powershell -ExecutionPolicy Unrestricted -File nsscanips.ps1
If you use the PowerShell command line window, simply use the below command: