Editing Nmap Test Parameters

To edit the basic parameters for a test, tap the test in the list on the main Nmap Tests screen. This displays the Nmap Test screen.

Name: The name of the test. Use the text editor to edit the name if desired.

Options: Nmap options for the test. (For example, the default Top 100 Ports test lists -sT --top-ports 100.) Use the text editor to edit the options if desired.

Script: Tap this field to display the Script screen.

NOTE: NetAlly recommends that you create and test your Nmap scripts in whatever development environment you prefer, upload the scripts to Link-Live, and then use Link-Live's Nmap features to push the scripts to your organization's CyberScope Air units. For more information, see:
https://nmap.org/nsedoc/scripts/ and Introduction to NMAP Scripting Engine on CyberScope

Use Script - Tap to enable or disable the script options.

Name - Tap the Name field to enter the script name:

  1. Use the text editor to type the beginning of the script name. The Nmap app presents matching scripts as you type.

  2. Tap OK when the Name is complete.

Arguments: Tap to open a text editor to type the arguments for the script.

Timeout: Tap to disable or to choose a preset value. You can also enter a custom value.

Result Grading

Tap Result Grading: to enter text or regex strings for the Result Must Contain or Result Must Not Contain parameters. You can enter a string for one warning and one error for each parameter.

Result Must Contain: Specifies a value that the result must contain. Tap the field to open a text editor to enter a string or regex value. For example, the Graded Ports sample test uses this value:
regex:\n25/tcp +filtered +SMTP

Result Must Not Contain: Specifies a value that the result must not contain. Tap the field to open a text editor to enter a string or regex value. For example, the Graded Ports sample test uses this value:
regex:\d+tcp +open

Advanced

Tap the field to open the Advanced option screen.

Output Limit - Tap to open a selection window for output limit values or to select no limit.

NOTE: some Nmap tests can generate significant output, so setting a reasonable output limit can help clarify test results.

Include Unrecognized Fingerprints - Tap to enable/disable inclusion of unrecognized operating system "fingerprints" in output results.

Changing the Test Type

If you need to change the test's type between a Standard Nmap Test and a Custom Discovery Test, tap the action overflow menu icon to open the Test Type option, and then tap Test Type. Choose the test type from the dialog.

About Custom Discovery Tests: CyberScope Air allows these tests for enhancing discovered devices with additional custom scripting. A typical application would be integration into enterprise IT systems. You can retrieve additional information via API (GET) and display results with the other device details to embellish the results on CyberScope Air. Alternatively, a custom script can push information to an API (PUT) to augment existing IT software and applications. Custom Discovery script development goes beyond the scope of this guide, but the Custom Discovery Example provides a sample test that you can use to become familiar with how such tests are used with CyberScope Air.

Regex Resources

For more information about the form of regex used with CyberScope Air, see Regular expression syntax cheat sheet.