Master Nmap for network reconnaissance
Integrate Shodan API for threat intelligence
Automate vulnerability scanning
Build security orchestration workflows
Parse and analyze security tool outputs
Create automated incident response workflows
Nmap is the industry standard for network discovery and security auditing. It can identify hosts, open ports, running services, and operating systems.
Common Scan Types
TCP Connect (-sT), SYN Stealth (-sS), UDP (-sU), Ping Sweep (-sn), Version Detection (-sV)
Output Formats
Normal (-oN), XML (-oX), Grepable (-oG), All (-oA)
Timing Profiles
Paranoid (-T0), Sneaky (-T1), Polite (-T2), Normal (-T3), Aggressive (-T4), Insane (-T5)
Shodan is a search engine for internet-connected devices. It scans the internet for exposed services, vulnerabilities, and misconfigurations.
Common Queries
port:22 (SSH), port:3389 (RDP), product:Apache, vuln:CVE-2021-44228
Use Cases
Asset discovery, vulnerability research, threat intelligence, competitive analysis
Ethical Considerations
Only scan authorized targets, respect robots.txt, follow responsible disclosure practices
import nmap\nimport shodan\nfrom datetime import datetime\nimport json\n\nclass SecurityOrchestrator:\n def __init__(self, shodan_key):\n self.nm = nmap.PortScanner()\n self.shodan = shodan.Shodan(shodan_key)\n \n def orchestrate_scan(self, target_network):\n workflow = {\n 'timestamp': datetime.now().isoformat(),\n 'target': target_network,\n 'stages': []\n }\n \n workflow['stages'].append(self.stage_network_discovery(target_network))\n return workflow\n \n def stage_network_discovery(self, network):\n self.nm.scan(network, arguments='-sn')\n hosts = [h for h in self.nm.all_hosts()]\n return {\n 'stage': 'network_discovery',\n 'discovered_hosts': hosts,\n 'count': len(hosts)\n }\n\norchestrator = SecurityOrchestrator('shodan_key')\nresults = orchestrator.orchestrate_scan('192.168.1.0/24')\nprint(json.dumps(results, indent=2))Design a platform that combines Nmap and Shodan to perform automated security assessments and generate detailed reports for your company's outsourcing projects.
import nmap\nimport shodan\nimport json\nfrom datetime import datetime\n\nclass SecurityAssessmentPlatform:\n def __init__(self, shodan_key):\n self.nm = nmap.PortScanner()\n self.shodan = shodan.Shodan(shodan_key)\n self.assessments = []\n \n def run_assessment(self, target, assessment_type='full'):\n assessment = {\n 'id': len(self.assessments) + 1,\n 'timestamp': datetime.now().isoformat(),\n 'target': target,\n 'type': assessment_type,\n 'results': {}\n }\n \n if assessment_type in ['full', 'network']:\n assessment['results']['network_scan'] = self.perform_network_scan(target)\n \n assessment['results']['risk_rating'] = self.calculate_risk_rating(assessment)\n self.assessments.append(assessment)\n return assessment\n \n def perform_network_scan(self, target):\n self.nm.scan(target, arguments='-sV')\n return {\n 'hosts_found': len(self.nm.all_hosts()),\n 'open_ports': sum(len(self.nm[h]['tcp'].keys()) for h in self.nm.all_hosts())\n }\n \n def calculate_risk_rating(self, assessment):\n score = assessment['results'].get('network_scan', {}).get('open_ports', 0) * 5\n return 'CRITICAL' if score > 60 else 'HIGH' if score > 30 else 'MEDIUM'\n \n def generate_report(self, assessment_id):\n assessment = next((a for a in self.assessments if a['id'] == assessment_id), None)\n if not assessment:\n return None\n \n return {\n 'assessment_id': assessment['id'],\n 'target': assessment['target'],\n 'risk_rating': assessment['results']['risk_rating'],\n 'recommendations': ['Reduce exposed services', 'Enable firewalls']\n }\n\nplatform = SecurityAssessmentPlatform('shodan_key')\nassessment = platform.run_assessment('192.168.1.1', 'full')\nreport = platform.generate_report(assessment['id'])\nprint(json.dumps(report, indent=2))