Overview
This node performs network scanning using the nmap command-line tool. It supports multiple scanning operations such as quick network scans, discovery scans with device and port detection, fast port scans, and full port scans on specified targets like IP addresses, hosts, or network ranges.
Common scenarios where this node is beneficial include:
- Quickly identifying active devices in a local network.
- Discovering open ports and services running on hosts.
- Performing security audits by scanning for open ports.
- Network inventory and monitoring tasks.
For example, a user can run a "Quick Scan Network" to ping all devices in a subnet and get a list of responsive hosts, or perform an "All Ports Scan" on a specific host to identify every open port.
Properties
| Name | Meaning |
|---|---|
Target Network Range / Host / IP (network_range) |
The target IP address, host, or network range (e.g., 192.168.0.0/24) to scan. |
Options (options) |
Collection of optional parameters: |
- Aggressive Mode (aggressive_mode) |
Numeric value controlling scan speed; higher values (like 5) make the scan faster (-T5). |
- Check Top Ports (top_ports) |
Number of top ports to check during the scan (e.g., 1000). |
- Host Discovery (host_discovery) |
Boolean flag to enable host discovery; if disabled, skips host discovery for faster scans (-Pn). |
- Put Result in Field (ports_field) |
Name of the output JSON field where port scan results will be stored (default: "ports"). |
Operation (operation) |
Type of scan to perform. Options include: |
| - Quick Scan Network: Fast ping scan (-sn) to detect live hosts. | |
| - Discovery Network: SYN scan (-sS) with port checks and device discovery. | |
| - Ports Fast Scan: Fast port scan (-F) on a host. | |
| - All Ports Scan: Scan all ports (-p-) on a host. |
Output
The node outputs an array of items with JSON data representing the scan results. The structure depends on the selected operation:
- Quick Scan Network: Outputs an array of objects each representing a detected host from the quick ping scan.
- Discovery Network: Outputs an array of objects with detailed information about discovered devices and their ports. The port data is placed under the user-defined field name (default
"ports"). - Ports Fast Scan and All Ports Scan: Outputs the original input item enriched with a new JSON field (default
"ports") containing parsed port scan results.
No binary data output is produced by this node.
Dependencies
- Requires the
nmapcommand-line tool installed and accessible in the system environment where n8n runs. - Optionally uses sudo privileges if a local sudo password credential is provided, allowing execution of privileged commands.
- No external API keys or online services are required.
- Uses internal utility classes for shell command execution and parsing nmap output.
Troubleshooting
Common issues:
nmapnot installed or not in PATH: The node will fail to execute the scan command.- Insufficient permissions: Some scans require elevated privileges; without sudo access, scans may fail or produce incomplete results.
- Invalid target format: Providing an incorrect IP or network range string will cause errors.
- Timeout or slow scans: Large networks or all-port scans can take significant time.
Error messages:
- Errors thrown by the underlying shell command execution are wrapped and reported as node operation errors.
- If sudo password is incorrect or missing when required, the command will fail.
Resolutions:
- Ensure
nmapis installed and accessible. - Provide correct credentials if sudo is needed.
- Validate target inputs before running scans.
- Adjust options like aggressive mode or host discovery to optimize performance.
- Ensure