Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

grab.js

Package Overview
Dependencies
Maintainers
1
Versions
21
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

grab.js

zgrab in node.js

latest
Source
npmnpm
Version
2.1.0
Version published
Maintainers
1
Created
Source

grab.js Coverage Status Build Status

Usage

Quick Example

const grabber = require('grab.js');
grabber.grab(ip, port)
  .run()
  .then(result => { /* process the result */ })
  .catch(err => { /* error handling */ })

Api

grabber.grab(ip, port, options}

Returns a Grab object. You need to call run method to execute it.

  • ip: target ip
  • port port number
  • options (optional): An object contains initial settings for the Grab, supports tls and payload and both of them are optional.

Grab#run()

Exeute the task, returns a Promise which yields a record. The record can have following fields:

  • record.banner: the banner Buffer
  • record.certificate: certificate information (only avaliable when TLS is enabled)

Grab.tls

Enable TLS.

Grab.payload

The Buffer to send when connection established. Payload file can be found under nmap/paylaods.

grabber.escape(buffer)

Escape buffer to printable chars.

grabber.parser(service)

Returns a promise that loads a parser function with given parser rule name. Rule names can be found under nmap/parsers.

Parser.parse(buffer)

Parse buffer to fingerprints. Fingerprint could have following fields:

  • cpes: common platform enumeration
  • os: operating system
  • product: product name
  • device: device type
  • service: service name, same as the only arguments for grabber.parser
  • version: software version

Notice that a Parser object instance is not exported. This is by design.

Command util

This project provides a cli tool for quick banner grab like zgrab

For example, scanning ftp banner on given CIDR:

sudo zmap -p 80 [cidr] | node cli.js -p 80 --payload=tcp/GetRequest --parse http > http.json

Leave cidr blank to scan 0.0.0.0/20

find nmap to checkout all avaliable parsers and payloads.

Options

  • -p, --port the port
  • -s, --tls use tls (https, imaps, etc)
  • --payload send a payload upon connection. ls -R nmap/payloads to see all supported parsers.
  • --parser parse banner with nmap's rule. ls nmap/parsers to see all supported parsers.

Special thanks

Thanks to the marvellous nmap project who has collected so many rules for fingerprinting.

License

GPLv2

Keywords

banner
fingerprinting
scan
security

FAQs

Package last updated on 15 Jun 2017

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

npm Invalidates Granular Access Tokens as Mini Shai-Hulud Sweeps the Registry

Security News

npm Invalidates Granular Access Tokens as Mini Shai-Hulud Sweeps the Registry

npm invalidated all granular access tokens that bypass 2FA after a fresh Mini Shai-Hulud wave compromised 323 npm packages. Staged publishing also entered public preview.

By Sarah Gooding  -  May 21, 2026