Supported Cortex XSOAR versions: 6.5.0 and later.
Sub-playbook that performs an Nmap scan and compares the results against a regular expression for a match. This could be used to look for OpenSSH versions or other OS information found in the banner.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
|Remote IP address in an incident/alert.
|Remote port number in incident/alert
|Regular expression to compare against the banner for a match.
|Options to be used for the Nmap scan. (We do "--script=banner -p\<RemotePort>" by default and recommend using "-Pn" to skip the ping check.)
|The results of the scan (if done)
|Whether a scan was actually performed (based on subtypes).
|Nmap scan data.