Overview
This node performs network scanning using the nmap command-line tool. It supports multiple scan operations such as quick ping scans, discovery scans with device and port detection, fast port scans, and full port scans on specified targets. The node is useful for network administrators and security professionals who want to automate network reconnaissance, identify active hosts, and detect open ports quickly within a given IP range or host.
Practical examples include:
- Quickly identifying live hosts in a subnet.
- Discovering devices and their open ports on a network.
- Performing a fast scan of common ports on a specific host.
- Conducting a comprehensive scan of all ports on a host for vulnerability assessment.
Properties
| Name | Meaning |
|---|---|
| Target Network Range / Host / IP | The target IP address, host, or network range (e.g., 192.168.0.0/24) to scan. |
| Options | Collection of optional parameters: |
| - Aggressive Mode | Numeric value controlling scan speed; higher values (like 5) make the scan faster (-T5). |
| - Check Top Ports | Number of top commonly used ports to check during the scan (e.g., 1000). |
| - Host Discovery | Boolean flag to enable host discovery; if disabled, skips host discovery for speed (-Pn). |
| - Put Result in Field | Name of the output JSON field where port scan results will be stored (default: "ports"). |
| Operation | Type of scan to perform: |
| - Quick Scan Network | Fast ping scan to detect live hosts (-sn). |
| - Discovery Network | Scan network with SYN scan and port detection (-sS). |
| - Ports Fast Scan | Fast scan of common ports on a host (-F). |
| - All Ports Scan | Scan all ports on a host (-p-). |
Output
The node outputs an array of items, each containing a json object with scan results. The structure depends on the selected operation:
- Quick Scan Network: Outputs parsed results listing detected live hosts.
- Discovery Network: Outputs detailed information about discovered devices and their ports, placed under a user-defined field (default
"ports"). - Ports Fast Scan and All Ports Scan: Outputs port scan results for the target host inside the specified output field (default
"ports").
No binary data output is produced by this node.
Dependencies
- Requires the
nmapcommand-line tool installed and accessible on the system where n8n runs. - Optionally uses sudo privileges if a local sudo password credential is provided, to run privileged commands.
- No external API keys or online services are required.
- Uses internal utility classes for shell command execution and parsing nmap output.
Troubleshooting
Common issues:
nmapnot installed or not in PATH: The node will fail to execute the scan command.- Insufficient permissions: Some scans require elevated privileges; provide a sudo password credential or run n8n with appropriate permissions.
- Invalid target input: Ensure the target IP/range is correctly formatted.
- Timeout or slow scans: Adjust aggressive mode or disable host discovery for faster execution.
Error messages:
- Errors from the underlying shell command execution are wrapped and thrown as node operation errors.
- If the sudo password is incorrect or missing when required, the scan will fail.
To resolve errors, verify nmap installation, credentials, and input parameters.