Scanscope
=========
Visualize port scan results in a self-contained HTML file.
What is this bubble chart?
--------------------------
In short: We interpret a host as a point in a vector space with 2^17
dimensions over F_2. Each dimension corresponds to a TCP- or UDP-port and has
either value 0 or 1, depending on its state. Then we apply a dimensionality
reduction technique named UMAP to project the data onto two dimensions.
Each circle in the plot corresponds to one group of hosts. The size of the
circle is related to the size of the group. Hosts with the same port
configuration are grouped together. Similar groups should be close by. The
colors mean nothing - except for gray: no open ports. The coordinates are
also not meaningful and can change with a new run.
Installation
------------
If you require instructions on how to install a standard Python package, I
recommend you use [`pipx`](https://pipx.pypa.io/stable/installation/):
```
$ pipx install git+https://github.com/SySS-Research/Scanscope.git
```
Unfortunately, the requirements (in particular the machine learning
dependencies including `numpy` and `pandas`) are quite heavy with almost
600MB, so be prepared.
Usage
-----
```
$ scanscope nmap_output.xml -o scanscope.html
```
Hint: The more ports you scan, the better this should work.
I recommend scanning at least the top 100 ports, so: `nmap -T4 -sS -F -oX
nmap_output.xml -iL input.txt`. Service scans or script scans do not help.
Scanning the top 1000 ports or even all ports however, does.
For more infomation, read the output of `scanscope -h`.
License and copyright
---------------------
MIT licensed, developed by Adrian Vollmer, SySS GmbH.
Raw data
{
"_id": null,
"home_page": null,
"name": "scanscope",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": null,
"keywords": "data-science, nmap, pentest, portscan, visualization",
"author": null,
"author_email": "Adrian Vollmer <adrian.vollmer@syss.de>",
"download_url": "https://files.pythonhosted.org/packages/e2/ad/bc363e5da941658af1a709ffa98e4b353693d1e586a899f6c41a00c0a6b0/scanscope-1.0.0.tar.gz",
"platform": null,
"description": "Scanscope\n=========\n\nVisualize port scan results in a self-contained HTML file.\n\n\n\nWhat is this bubble chart?\n--------------------------\n\nIn short: We interpret a host as a point in a vector space with 2^17\ndimensions over F_2. Each dimension corresponds to a TCP- or UDP-port and has\neither value 0 or 1, depending on its state. Then we apply a dimensionality\nreduction technique named UMAP to project the data onto two dimensions.\n\nEach circle in the plot corresponds to one group of hosts. The size of the\ncircle is related to the size of the group. Hosts with the same port\nconfiguration are grouped together. Similar groups should be close by. The\ncolors mean nothing - except for gray: no open ports. The coordinates are\nalso not meaningful and can change with a new run.\n\nInstallation\n------------\n\nIf you require instructions on how to install a standard Python package, I\nrecommend you use [`pipx`](https://pipx.pypa.io/stable/installation/):\n\n```\n$ pipx install git+https://github.com/SySS-Research/Scanscope.git\n```\n\nUnfortunately, the requirements (in particular the machine learning\ndependencies including `numpy` and `pandas`) are quite heavy with almost\n600MB, so be prepared.\n\nUsage\n-----\n\n```\n$ scanscope nmap_output.xml -o scanscope.html\n```\n\nHint: The more ports you scan, the better this should work.\n\nI recommend scanning at least the top 100 ports, so: `nmap -T4 -sS -F -oX\nnmap_output.xml -iL input.txt`. Service scans or script scans do not help.\nScanning the top 1000 ports or even all ports however, does.\n\nFor more infomation, read the output of `scanscope -h`.\n\nLicense and copyright\n---------------------\n\nMIT licensed, developed by Adrian Vollmer, SySS GmbH.\n",
"bugtrack_url": null,
"license": "MIT License",
"summary": "Visualize portscan results",
"version": "1.0.0",
"project_urls": null,
"split_keywords": [
"data-science",
" nmap",
" pentest",
" portscan",
" visualization"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "3b7b6115cbe8652eedf0ed564bd5891652f0bd6bf59a3237dd5a3c37652d8361",
"md5": "33122cd62289356c61d9c323b31267fd",
"sha256": "cb0be411bf00d2cf1c04b0f236c0fe292dfc84eeb9f86e65804e03d4594430c4"
},
"downloads": -1,
"filename": "scanscope-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "33122cd62289356c61d9c323b31267fd",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 575434,
"upload_time": "2024-12-20T13:01:10",
"upload_time_iso_8601": "2024-12-20T13:01:10.075691Z",
"url": "https://files.pythonhosted.org/packages/3b/7b/6115cbe8652eedf0ed564bd5891652f0bd6bf59a3237dd5a3c37652d8361/scanscope-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "e2adbc363e5da941658af1a709ffa98e4b353693d1e586a899f6c41a00c0a6b0",
"md5": "54c0c1f399fc8b61ccb705a0f9e19412",
"sha256": "3229eb9a7af9f06301b6c97f0b629bbadd79cd23d9126d4eeb2137ccbb6a0816"
},
"downloads": -1,
"filename": "scanscope-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "54c0c1f399fc8b61ccb705a0f9e19412",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 617977,
"upload_time": "2024-12-20T13:01:05",
"upload_time_iso_8601": "2024-12-20T13:01:05.842994Z",
"url": "https://files.pythonhosted.org/packages/e2/ad/bc363e5da941658af1a709ffa98e4b353693d1e586a899f6c41a00c0a6b0/scanscope-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-12-20 13:01:05",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "scanscope"
}
JSON