⭐️ nmap provider

Makefile

@@ -204,7 +204,8 @@ providers/build: \
 	providers/build/ms365 \
 	providers/build/aws \
 	providers/build/atlassian \
-	providers/build/cloudformation
+	providers/build/cloudformation \
+	providers/build/nmap
 
 .PHONY: providers/install
 # Note we need \ to escape the target line into multiple lines
@@ -230,7 +231,8 @@ providers/install: \
 	providers/install/ms365 \
 	providers/install/atlassian \
 	providers/install/aws \
-	providers/install/cloudformation
+	providers/install/cloudformation \
+	providers/build/nmap
 
 providers/build/mock: providers/lr
 	./lr go providers-sdk/v1/testutils/mockprovider/resources/mockprovider.lr
@@ -348,6 +350,11 @@ providers/build/cloudformation: providers/lr
 providers/install/cloudformation:
 	@$(call installProvider, providers/cloudformation)
 
+providers/build/nmap: providers/lr
+	@$(call buildProvider, providers/nmap)
+providers/install/nmap:
+	@$(call installProvider, providers/nmap)
+
 providers/dist:
 	@$(call buildProviderDist, providers/network)
 	@$(call buildProviderDist, providers/os)
@@ -371,6 +378,7 @@ providers/dist:
 	@$(call buildProviderDist, providers/aws)
 	@$(call buildProviderDist, providers/atlassian)
 	@$(call buildProviderDist, providers/cloudformation)
+	@$(call buildProviderDist, providers/nmap)
 
 providers/bundle:
 	@$(call bundleProvider, providers/network)
@@ -395,6 +403,7 @@ providers/bundle:
 	@$(call bundleProvider, providers/aws)
 	@$(call bundleProvider, providers/atlassian)
 	@$(call bundleProvider, providers/cloudformation)
+	@$(call bundleProvider, providers/nmap)
 
 providers/test:
 	@$(call testProvider, providers/core)
@@ -420,6 +429,7 @@ providers/test:
 	@$(call testGoModProvider, providers/aws)
 	@$(call testGoModProvider, providers/atlassian)
 	@$(call testGoModProvider, providers/cloudformation)
+	@$(call testGoModProvider, providers/nmap)
 
 lr/test:
 	go test ./resources/lr/...
@@ -508,6 +518,11 @@ lr/docs/markdown: providers/lr
 		--description "The Network resource pack lets you use MQL to query and assess the security of domains and network services." \
 		--docs-file providers/network/resources/network.lr.manifest.yaml \
 		--output ../docs/docs/mql/resources/network-pack
+	./lr markdown providers/network/resources/nmap.lr \
+		--pack-name "nmap" \
+		--description "The nmap resource pack lets you use MQL to query and assess nmap data." \
+		--docs-file providers/network/resources/nmap.lr.manifest.yaml \
+		--output ../docs/docs/mql/resources/nmap-pack
 	./lr markdown providers/oci/resources/oci.lr \
 		--pack-name "Oracle Cloud Infrastructure (OCI)" \
 		--description "The Oracle Cloud Infrastructure (OCI) resource pack lets you use MQL to query and assess the security of your OCI services." \

providers/defaults.go

@@ -230,6 +230,21 @@ var DefaultProviders Providers = map[string]*Provider{
 		},
 	},
 
+	"nmap": {
+		Provider: &plugin.Provider{
+			Name:            "nmap",
+			ID:              "go.mondoo.com/cnquery/v9/providers/nmap",
+			ConnectionTypes: []string{"nmap"},
+			Connectors: []plugin.Connector{
+				{
+					Name:  "nmap",
+					Use:   "nmap",
+					Short: "a nmap network scanner",
+				},
+			},
+		},
+	},
+
 	"oci": {
 		Provider: &plugin.Provider{
 			Name:            "oci",

providers/nmap/README.md

@@ -0,0 +1,99 @@
+# nmap provider
+
+Nmap, short for Network Mapper, is a powerful and versatile open-source tool used for network discovery and security auditing. This tool is widely utilized by network administrators, security professionals, and penetration testers to map out network structures, discover hosts, identify services, and detect vulnerabilities.
+
+The nmap provider maps primary objects and attributes that nmap uses to store and manage information about scanned targets, discovered hosts, and their associated ports and services.
+
+## Pre-requisites
+
+This provider requires the nmap tool to be installed on your system. You can download and install nmap from the official [website](https://nmap.org/download.html).
+
+## Get Started
+
+```shell
+cnquery shell nmap
+```
+
+## Example
+
+*Scan active IP address in network*
+
+```shell
+nmap.target("192.168.178.0/24").hosts { name ports { * }  }
+nmap.target.hosts: [
+  0: {
+    ports: [
+      0: {
+        service: "http"
+        version: ""
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 443
+        product: "FRITZ!Box http config"
+      }
+      1: {
+        service: "sip"
+        version: ""
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 5060
+        product: "AVM FRITZ!OS SIP"
+      }
+    ]
+    name: "192.168.178.1"
+  }
+  1: {
+    ports: [
+      0: {
+        service: "rtsp"
+        version: "770.8.1"
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 5000
+        product: "AirTunes rtspd"
+      }
+      1: {
+        service: "rtsp"
+        version: "770.8.1"
+        method: "probed"
+        state: "open"
+        protocol: "tcp"
+        port: 7000
+        product: "AirTunes rtspd"
+      }
+    ]
+    name: "192.168.178.25"
+  }
+]
+```
+
+*Host scan with specific ip*
+
+```shell
+nmap.target(target: "192.168.178.25").hosts { ports }
+nmap.target.hosts: [
+  0: {
+    ports: [
+      0: nmap.port port=5000 service="rtsp"
+      1: nmap.port port=7000 service="rtsp"
+    ]
+  }
+]
+```
+
+# Advanced Usage
+
+Discover all exposed hosts on a network.
+
+```shell
+cnquery shell nmap --networks "192.168.0.0/20" --discover hosts
+```
+
+Connect to a specific IP address and display all open ports.
+
+```shell
+cnquery shell nmap host 8.8.8.8
+```

providers/nmap/config/config.go

@@ -0,0 +1,25 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package config
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+	"go.mondoo.com/cnquery/v11/providers/nmap/provider"
+)
+
+var Config = plugin.Provider{
+	Name:            "nmap",
+	ID:              "go.mondoo.com/cnquery/v11/providers/nmap",
+	Version:         "11.0.0",
+	ConnectionTypes: []string{provider.DefaultConnectionType},
+	Connectors: []plugin.Connector{
+		{
+			Name:      "nmap",
+			Use:       "nmap",
+			Short:     "a nmap network scanner",
+			Discovery: []string{},
+			Flags:     []plugin.Flag{},
+		},
+	},
+}

providers/nmap/connection/connection.go

@@ -0,0 +1,37 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package connection
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/inventory"
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
+)
+
+type NmapConnection struct {
+	plugin.Connection
+	Conf     *inventory.Config
+	asset    *inventory.Asset
+	// Add custom connection fields here
+}
+
+func NewNmapConnection(id uint32, asset *inventory.Asset, conf *inventory.Config) (*NmapConnection, error) {
+	conn := &NmapConnection{
+		Connection: plugin.NewConnection(id, asset),
+		Conf:  conf,
+		asset: asset,
+	}
+
+	// initialize your connection here
+
+	return conn, nil
+}
+
+func (c *NmapConnection) Name() string {
+	return "nmap"
+}
+
+func (c *NmapConnection) Asset() *inventory.Asset {
+	return c.asset
+}
+

providers/nmap/gen/main.go

@@ -0,0 +1,13 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package main
+
+import (
+	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin/gen"
+	"go.mondoo.com/cnquery/v11/providers/nmap/config"
+)
+
+func main() {
+	gen.CLI(&config.Config)
+}