SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Scanning Applications in an IP Range

If you want to scan a number of web applications running on a range of IP addresses, you can use a PowerShell script. 

The script does three things:

  • Using Nmap, it scans the configured range of IP addresses for open HTTP(s) services,
  • Combines the protocol, the domain name and the port number to identify a URL,
  • Starts scanning every identified URL.

There are four parts to this process:

  • Download the PowerShell script
  • Download a network scanner
  • Configure the options in the PowerShell script
  • Execute the PowerShell script to start the scanning process
How to Download the PowerShell Script

Download the PowerShell script from the link.

How to Download a Network Scanner

The script uses Nmap, a free network scanner. Therefore, before running the script, download Nmap from Microsoft Windows Binaries.

How to Configure the Options in the Script

Using a text editor, edit the script as described in the table.

This table lists and explains the options that must be configured before executing the script. 

Options

How to Configure Them

ipRange: 

The range of IP addresses that you want to scan. Refer to the Nmap Target Specification help page for more information on how to specify a range of IP addresses. (Example: “192.168.234.128-135”)

ports: 

The ports to scan. Unless you have web applications running on non-default ports, the default ports are 80 for HTTP and 443 for HTTPS. You can enter a list of ports and separate them with a comma, or a range and use the dash (-) character. Refer to the Nmap Port Specification help page for more information and options.

nmapExe: 

The path to nmap.exe. The default path is C:\Program Files (x86)\Nmap\nmap.exe

netsparkerExe: 

The path to Netsparker.exe. The default path is C:\Program Files (x86)\Netsparker\Netsparker.exe

reportTemplateName: 

The name of the Netsparker report template to use for generating reports, by default the Detailed Scan Report template will be used.

reportsFolder: 

The folder where the Netsparker web security scan reports will be saved. The folder must exist for the scanner to save the reports and the default folder is C:\reports.

How to Execute the Script to Start the Scanning Process
  1. Once you configure the script, open the command prompt window and run “cmd.exe”.
  2. Navigate to where the script is stored and enter the following command as illustratedin the screenshot:

powershell -ExecutionPolicy Unrestricted -File nsscanips.ps1

If you use the PowerShell command line window, simply use this command:

.\nsscanips.ps1

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO