nmap_scan
Perform comprehensive port scanning to identify open ports and services on target systems for security assessment and network reconnaissance.
Instructions
Perform comprehensive port scan using Nmap
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| scan_type | No | Type of scan to perform | |
| target | Yes | Target IP or domain | |
Input Schema (JSON Schema)
```json
{
  "properties": {
    "scan_type": {
      "description": "Type of scan to perform",
      "enum": [
        "quick",
        "full",
        "stealth",
        "aggressive"
      ],
      "type": "string"
    },
    "target": {
      "description": "Target IP or domain",
      "type": "string"
    }
  },
  "required": [
    "target"
  ],
  "type": "object"
}
```
Implementation Reference
- src/tools/recon.ts:171-221 (handler): Core handler function that executes Nmap scans with different scan types (quick, full, stealth, aggressive), parses XML output, and returns structured ScanResult.

  ```ts
  async nmapScan(target: string, scanType: string = 'quick'): Promise<ScanResult> {
    try {
      let nmapArgs = '';

      switch (scanType) {
        case 'quick':
          nmapArgs = '-F -sV';
          break;
        case 'full':
          nmapArgs = '-p- -sV -sC';
          break;
        case 'stealth':
          nmapArgs = '-sS -T2 -f';
          break;
        case 'aggressive':
          nmapArgs = '-A -T4';
          break;
        default:
          nmapArgs = '-F -sV';
      }

      const command = `nmap ${nmapArgs} -oX - ${target}`;
      console.error(`Executing: ${command}`);

      const { stdout, stderr } = await execAsync(command, { timeout: 300000 }); // 5 min timeout

      // Parse XML output
      const ports = this.parseNmapXML(stdout);

      return {
        target,
        timestamp: new Date().toISOString(),
        tool: 'nmap',
        results: {
          scan_type: scanType,
          open_ports: ports,
          raw_output: stdout
        },
        status: 'success'
      };
    } catch (error) {
      return {
        target,
        timestamp: new Date().toISOString(),
        tool: 'nmap',
        results: {},
        status: 'error',
        error: error instanceof Error ? error.message : String(error)
      };
    }
  }
  ```
- src/index.ts:76-89 (schema): Input schema definition for the nmap_scan tool, including parameters target (required) and scan_type (optional enum). Used for MCP tool registration and validation.

  ```ts
  name: "nmap_scan",
  description: "Perform comprehensive port scan using Nmap",
  inputSchema: {
    type: "object",
    properties: {
      target: { type: "string", description: "Target IP or domain" },
      scan_type: {
        type: "string",
        enum: ["quick", "full", "stealth", "aggressive"],
        description: "Type of scan to perform"
      }
    },
    required: ["target"]
  }
  ```
- src/index.ts:505-507 (registration): Tool dispatch/registration in the MCP CallToolRequestSchema handler switch statement, calling the reconTools.nmapScan method.

  ```ts
  case "nmap_scan":
    return respond(await this.reconTools.nmapScan(args.target, args.scan_type || "quick"));
  ```
- src/tools/recon.ts:9-16 (schema): Output schema/interface defining the structure of nmap_scan results.

  ```ts
  export interface ScanResult {
    target: string;
    timestamp: string;
    tool: string;
    results: any;
    status: 'success' | 'error';
    error?: string;
  }
  ```
- src/tools/recon.ts:440-458 (helper): Helper method to parse Nmap XML output into structured PortScanResult array, used by the nmapScan handler.

  ```ts
  private parseNmapXML(xmlOutput: string): PortScanResult[] {
    const ports: PortScanResult[] = [];

    // Simple XML parsing for ports - in production, use proper XML parser
    const portRegex = /<port protocol="(tcp|udp)" portid="(\d+)">[\s\S]*?<state state="(open|closed|filtered)"[\s\S]*?<service name="([^"]*)"(?:\s+version="([^"]*)")?/g;
    let match;

    while ((match = portRegex.exec(xmlOutput)) !== null) {
      ports.push({
        port: parseInt(match[2]),
        protocol: match[1],
        state: match[3],
        service: match[4],
        version: match[5] || undefined
      });
    }

    return ports;
  }
  ```
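
The handler builds one command string from the caller-supplied `target`, and the input schema constrains it only to `type: "string"`, so the value reaches the command line unvalidated. The following is an added example, not the project's code, of validating both parameters and producing an argument array instead of a string; `SCAN_FLAGS`, `isValidTarget` and `buildNmapArgv` are hypothetical names, and rejecting IPv6, CIDR ranges and unknown scan types is an assumption of this sketch.

```typescript
// Added example: hypothetical helper names, not the project's code.
// Flags per scan type are copied from the handler's switch statement.
const SCAN_FLAGS = new Map<string, string[]>([
  ["quick", ["-F", "-sV"]],
  ["full", ["-p-", "-sV", "-sC"]],
  ["stealth", ["-sS", "-T2", "-f"]],
  ["aggressive", ["-A", "-T4"]],
]);

// Dotted-quad IPv4; the octet range is checked separately.
const IPV4 = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/;
// DNS name: labels of letters, digits and inner hyphens, 253 chars max.
// A label cannot start with "-", so the value can never look like an option.
const LABEL = "[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?";
const HOSTNAME = new RegExp(`^(?=.{1,253}$)${LABEL}(?:\\.${LABEL})*$`, "i");

function isValidTarget(target: string): boolean {
  const m = IPV4.exec(target);
  if (m) return m.slice(1).every((octet) => Number(octet) <= 255);
  return HOSTNAME.test(target);
}

// Returns the argument vector for nmap, or throws on untrusted input.
// Assumption of this sketch: IPv6, CIDR ranges and unknown scan types are
// rejected (the original falls back to "quick" for unknown types).
function buildNmapArgv(target: string, scanType: string = "quick"): string[] {
  const flags = SCAN_FLAGS.get(scanType);
  if (!flags) throw new Error(`unsupported scan_type: ${JSON.stringify(scanType)}`);
  if (typeof target !== "string" || !isValidTarget(target)) {
    throw new Error("target must be an IPv4 address or DNS hostname");
  }
  // One array element per argument: nothing here is parsed by a shell.
  return [...flags, "-oX", "-", target];
}
```

The returned array is meant for Node's `child_process.execFile("nmap", argv, { timeout })`, which starts the binary directly without a shell. Using a `Map` rather than a plain object keeps inherited keys such as `constructor` from passing the scan-type lookup.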