How will I pass the nse to the command?
import os
domain = "example.com"
nse = ["vulscan","vulners","xmpp-brute","xmpp-info","xmlrpc-methods","xdmcp-discover","unusual-port"]
os.system("nmap -v --script= nse " + domain)
There are a few choices:
import os
domain = "example.com"
nse = ["vulscan","vulners","xmpp-brute","xmpp-info","xmlrpc-methods","xdmcp-discover","unusual-port"]
for each_script in nse:
    # Runs one nmap invocation per script
    os.system("nmap -v --script={} {}".format(each_script, domain))
But using os.system the command isn't cleaned. (Tip: read more on the 'os' and 'sys' modules.)
A safer alternative would be subprocess:
Sample:
import subprocess
# The command and its arguments go in a single list; no shell is involved
subprocess.call(['nmap', '-sS', 'example.com'])
However, the best approach I would say, is to use the nmap library from Python. Example:
import nmap #OR nmap3
nm=nmap.PortScanner()
nm.scan('example.com', '445',
        arguments='--script=/usr/local/share/nmap/scripts/smb-os-discovery.nse')
Starting point here.
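An added example, not part of the original answer: nmap accepts a comma-separated list after `--script`, so the whole list from the question can go into one invocation, passed to subprocess as an argument list so no shell parses it. The function names and the two allow-list patterns are assumptions made for this sketch.

```python
import re
import subprocess

# Script names taken from the question's list.
NSE = ["vulscan", "vulners", "xmpp-brute", "xmpp-info",
       "xmlrpc-methods", "xdmcp-discover", "unusual-port"]

# Assumed allow-list patterns (not from the original post).
_SCRIPT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]*")
_HOST_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,252}[A-Za-z0-9])?")


def build_nmap_argv(target, scripts):
    """Return an argv list that runs every script in one nmap invocation."""
    if not scripts:
        raise ValueError("no scripts given")
    for name in scripts:
        # A comma or space inside a name would change the --script expression.
        if not _SCRIPT_RE.fullmatch(name):
            raise ValueError("bad script name: %r" % name)
    # Rejects whitespace, shell metacharacters and a leading "-",
    # which nmap would otherwise parse as an option.
    if not _HOST_RE.fullmatch(target):
        raise ValueError("bad target: %r" % target)
    return ["nmap", "-v", "--script=" + ",".join(scripts), target]


def run_scan(target, scripts, timeout=600):
    """Run nmap without a shell and return (exit_code, stdout)."""
    argv = build_nmap_argv(target, scripts)
    proc = subprocess.run(argv, capture_output=True, text=True,
                          timeout=timeout, check=False)
    return proc.returncode, proc.stdout


if __name__ == "__main__":
    # Print the command that would be executed; call run_scan() to execute it.
    print(build_nmap_argv("example.com", NSE))
```
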