Flan – Pretty Sweet Vulnerability Scanner

Flan Scan is a lightweight network vulnerability scanner. With this scanning tool you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network.

Flan Scan is a wrapper over Nmap and the vulners script which turns Nmap into a full-fledged network vulnerability scanner. The tool makes it easy to deploy Nmap locally within a container, push results to the cloud, and deploy the scanner on Kubernetes.

Flan - A pretty sweet Vulnerability Scanner
Flan – A pretty sweet Vulnerability Scanner

By default Flan Scan runs the following Nmap command:

$ nmap -sV -oX /shared/xml_files -oN - -v1 $@ --script=vulners/vulners.nse <ip-address>

The -oX flag adds an XML version of the scan results to the /shared/xml_files directory and the -oN - flag outputs “normal” Nmap results to the console. The -v1 flag increases the verbosity to 1 and the -sV flag runs a service detection scan (aside from Nmap’s default port and SYN scans). The --script=vulners/vulners.nse is the script that matches the services detected with relevant CVEs.

Nmap also allows you to run UDP scans and to scan IPv6 addresses. To add these and other flags to Scan Flan’s Nmap command after running make build run the container and pass in your Nmap flags like so:

$ docker run -v $(CURDIR)/shared:/shared flan_scan <Nmap-flags>

You can read more and download this tool over here: https://github.com/cloudflare/flan

Notify of
Inline Feedbacks
View all comments