examples/nmap/nmap.attack
@slow
Feature: nmap attacks for scanme.nmap.org and to use this for your tests, change the value in the profile
Background:
Given "nmap" is installed
And the following profile:
| name | value |
| hostname | scanme.nmap.org |
| host | scanme.nmap.org |
| tcp_ping_ports | 22,25,80,443 |
Scenario: Verify server is open on expected set of ports using the nmap-fast attack step
When I launch a "nmap-fast" attack
Then the output should match /80.tcp\s+open/
Scenario: Verify server is open on expected set of ports using the nmap fast flag
When I launch an "nmap" attack with:
"""
nmap -F <hostname>
"""
Then the output should match:
"""
80/tcp\s+open
"""
Scenario: Verify that there are no unexpected ports open
When I launch an "nmap" attack with:
"""
nmap -F <hostname>
"""
Then the output should not contain:
"""
22/tcp
25/tcp
"""
Scenario: Output to XML
When I launch an "nmap" attack with:
"""
nmap -p 80,443 -oX foo.xml <hostname>
"""
And the file "foo.xml" should contain XML:
| css |
| ports port[protocol="tcp"][portid="80"] state[state="open"] |
And the file "foo.xml" should not contain XML:
| css |
| ports port[protocol="tcp"][portid="123"] state[state="open"] |
| ports port[protocol="tcp"][portid="443"] state[state="open"] |