Overview
Twigs supports discovering assets from your environment using nmap.
Pre-requisites
You need to have nmap installed on your host (where you will be running twigs).
Steps
The steps involved to discover assets using nmap in your environment are as below:
Open a new shell / terminal.
Check that twigs is installed and running properly by running below command:
twigs nmap -h
You can run the command below:
twigs nmap [-h] [--hosts HOSTS] [--timing {0,1,2,3,4,5}] [--discovery_scan_type {N,S,A,U,Y,O,E,P,M}] [--discovery_port_list DISCOVERY_PORT_LIST] [--no_ssh_audit]
where
HOSTS can be hostname, IP address or CIDR
TIMING allows fine grained control on performance. For details refer link.
DISCOVERY_SCAN_TYPE allows user to customize the host discovery scan. For details refer link.
DISCOVERY_PORT_LIST can be used to specify port(s) to be used in the host discovery scan.
After discovery is complete, you can login into ThreatWorx Console to view the newly discovery assets.