By: TYEB
June 13, 2019

Nmap Ndiff and Telegram for red teaming


What is Phactive

Phactive is a small script written in bash to aid a red team workflow. Red teaming is mostly about continuous monitoring and simulation of a real-life attack, unlike penetration testing, where you just run a scan and submit a report that explains your findings. That can be accomplished in a short time, and it misses new risks and vulnerabilities. For example, during a penetration test you might run an Nmap scan and find port 22 closed, but the port might be opened tomorrow, perhaps for technical support. This is where the red team idea comes in handy.

Phactive runs an Nmap scan every morning at 10 AM using a cron job, then uses Ndiff to compare yesterday's scan result with today's. If there are any new open ports or other changes in the scan, it sends a report of the new findings to your specified Telegram bot.

This is a very basic red teaming script that runs Nmap every day at 10 AM using a cron job. It scans ports 0-65535 with the "-A -Pn -v -T4 -F -sV" flags, then uses Ndiff to compare the results. If there is any difference, it sends a notification about the newly discovered ports to your specified Telegram bot.
License: MIT

Download, setup, and usage

You must have Nmap and Ndiff installed.

git clone https://github.com/Phexcom/phactive.git /opt/phactive

sudo nano /opt/phactive/main.sh

  • Add the host you want to scan and monitor
TARGETS="127.0.0.1"                  # Target eg: (Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254)
  • Add your telegram chat id and Token
chat_id="<Telegram chat id>"    # Telegram chat id
tg_token="<Telegram Bot Token>" # Telegram bot token

To set up a Telegram token and chat id, check out this post.

Setup a cron job

  • Once you are done with the setup, you can add a cron job that runs every morning at 10 AM or at whatever time you prefer. Here is an example:

sudo nano /etc/crontab

Then paste the following line and save the file:

00 10 * * * root bash /opt/phactive/main.sh
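
The scan, compare and notify loop described in this post, written as an added example (it is not Phactive's own main.sh). Because ndiff's text report includes the scan header, whose timestamp changes every day, this script alerts only on ports that became open rather than on any difference. `STATE_DIR`, the `--run` argument and the embedded sample report are assumptions made for the example.

```bash
# Added example, not Phactive's main.sh. STATE_DIR and --run are hypothetical names.
TARGETS="${TARGETS:-127.0.0.1}"
NMAP_FLAGS="-A -Pn -v -T4 -F -sV"                    # flags quoted in the post
STATE_DIR="${STATE_DIR:-/var/lib/phactive-example}"  # hypothetical location for scan XML

# Read ndiff text output on stdin; print "host port/proto service" for ports open today
# but not yesterday. The header diff and version-only changes are ignored.
new_open_ports() {
  awk '
    { sign = substr($0, 1, 1); rest = substr($0, 2) }
    rest ~ /^[^ \t]+( \([^)]*\))?:$/ { host = substr(rest, 1, length(rest) - 1); next }
    rest ~ /^[0-9]+\/(tcp|udp)[ \t]+open([ \t]|$)/ {
      split(rest, f, /[ \t]+/); key = host " " f[1]
      if (sign == "-") was[key] = 1; else if (sign == "+") now[key] = f[3]
    }
    END { for (k in now) if (!(k in was)) print k, now[k] }
  ' | sort
}

# Constructed sample of an ndiff text report, for trying the filter offline.
sample_ndiff() {
  cat <<'EOF'
-Nmap 7.70 scan initiated Wed Jun 12 10:00:01 2019 as: nmap -oX a.xml 192.0.2.10
+Nmap 7.70 scan initiated Thu Jun 13 10:00:01 2019 as: nmap -oX b.xml 192.0.2.10
 192.0.2.10:
 PORT     STATE  SERVICE VERSION
-22/tcp   closed ssh
+22/tcp   open   ssh     OpenSSH 7.4
-80/tcp   open   http    nginx 1.14.0
+80/tcp   open   http    nginx 1.14.2
+3389/tcp open   ms-wbt-server
EOF
}
notify() {   # Telegram Bot API sendMessage; chat_id and tg_token as set in main.sh
  curl -fsS --max-time 20 "https://api.telegram.org/bot${tg_token}/sendMessage" \
    --data-urlencode "chat_id=${chat_id}" --data-urlencode "text=$1" >/dev/null
}
run_daily() {
  today="$STATE_DIR/$(date +%F).xml"
  mkdir -p "$STATE_DIR" && chmod 700 "$STATE_DIR" || return 1
  prev=$(ls "$STATE_DIR"/*.xml 2>/dev/null | grep -vxF "$today" | tail -n 1)
  nmap $NMAP_FLAGS -oX "$today" $TARGETS >/dev/null || return 1   # unquoted: split on spaces
  [ -n "$prev" ] || return 0                       # first run only records a baseline
  rc=0; report=$(ndiff "$prev" "$today") || rc=$?; [ "$rc" -le 1 ] || return "$rc"  # 2 = error
  fresh=$(printf '%s\n' "$report" | new_open_ports)
  [ -z "$fresh" ] || notify "New open ports on $TARGETS:$(printf '\n%s' "$fresh")"
}

if [ "${1:-}" = "--run" ]; then run_daily; fi
```

Because /etc/crontab runs the job as root and the script holds the bot token, keep the script file root-owned and not readable or writable by other users.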

If you have any contributions that would make the script better, please leave them in the comments below.
