AutoRecon/port-scan-profiles.toml

[default]

    [default.nmap-quick]

        [default.nmap-quick.service-detection]
        command = 'nmap -vv --reason -Pn -sV -sC --version-all -oN "{scandir}/_quick_tcp_nmap.txt" -oX "{scandir}/_quick_tcp_nmap.xml" {address}'
        pattern = '^(?P<port>\d+)\/(?P<protocol>(tcp|udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'

    [default.nmap-full-tcp]

        [default.nmap-full-tcp.service-detection]
        command = 'nmap -vv --reason -Pn -A --osscan-guess --version-all -p- -oN "{scandir}/_full_tcp_nmap.txt" -oX "{scandir}/_full_tcp_nmap.xml" {address}'
        pattern = '^(?P<port>\d+)\/(?P<protocol>(tcp|udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'

    [default.nmap-top-20-udp]

        [default.nmap-top-20-udp.service-detection]
        command = 'nmap -vv --reason -Pn -sU -A --top-ports=20 --version-all -oN "{scandir}/_top_20_udp_nmap.txt" -oX "{scandir}/_top_20_udp_nmap.xml" {address}'
        pattern = '^(?P<port>\d+)\/(?P<protocol>(tcp|udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'

[quick]

    [quick.nmap-quick]

        [quick.nmap-quick.service-detection]
        command = 'nmap -vv --reason -Pn -sV --version-all -oN "{scandir}/_quick_tcp_nmap.txt" -oX "{scandir}/_quick_tcp_nmap.xml" {address}'
        pattern = '^(?P<port>\d+)\/(?P<protocol>(tcp|udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'

[udp]

    [udp.udp-top-20]

        [udp.udp-top-20.port-scan]
        command = 'unicornscan -mU -p 631,161,137,123,138,1434,445,135,67,53,139,500,68,520,1900,4500,514,49152,162,69 {address} 2>&1 | tee "{scandir}/_udp_top20_unicornscan.txt"'
        pattern = '^UDP open\s*[\w-]+\[\s*(?P<port>\d+)\].*$'

        [udp.udp-top-20.service-detection]
        command = 'nmap -vv --reason -Pn -sU -A -p {ports} --version-all -oN "{scandir}/_udp_top20_nmap.txt" -oX "{scandir}/_udp_top20_nmap.xml" {address}'
        pattern = '^(?P<port>\d+)\/(?P<protocol>(udp))(.*)open(\s*)(?P<service>[\w\-\/]+)(\s*)(.*)$'