Scanning Engine v2 - Module - Service Simple¶
Overview¶
Targeting¶
Configuration¶
Only the publicly-available configuration keys that can be set in a job's module invocations will be described below. Additional configuration keys may exist, but not be shown here because they are restricted to specific users or because they are permanently set as a static value. If no keys have (required) after their names then invocations of this module need not contain a config key.
Named Keys¶
addresses-only¶
Discard hostnames once they are resolved to addresses.
- Type: boolean
alternative-probes¶
Name of custom probes file, previously submitted by customer.
- Type: string
blocklist-files (required)¶
File of addresses, hostnames, and CIDR blocks that are blocked.
- Type: list(string)
buffer-size¶
Maximum size of probe response in bytes.
- Type: integer
- Default:
1024
connect-timeout¶
Timeout for each connection, in seconds.
- Type: float
- Default:
1.5
custom-probes¶
List of user-defined probes.
- Type: list(string)
debug¶
Run module with a debugging configuration.
- Type: boolean
disable-extraction¶
Disable additional extraction of data in case of failure matching.
- Type: boolean
max-v4¶
Maximum number of resolved IPv4 addresses to use.
- Type: integer
max-v6¶
Maximum number of resolved IPv6 addresses to use.
- Type: integer
no-probe-output¶
When printing a response, do not include the probe that generated it.
- Type: boolean
no-probe-stats¶
Disable general and probe-specific statistics.
- Type: boolean
probe-order¶
Probe ID that should be attempted before the default algorithm.
- Type: list(string)
probe-rarity¶
Select rarity level of probes: light, probable, default, or all.
- Type: string
- Default:
default
Values for this configuration key must be one the following:
lightprobabledefaultall
read-timeout¶
Timeout for socket reads, in seconds.
- Type: float
- Default:
1.5
request-timeout¶
Maximum timeout for each DNS request. (e.g., '10m', '1h', '1s', '1h10m')
- Type: string
resolution-timeout¶
Maximum timeout for DNS resolution of each target. (e.g., '10m', '1h', '1s', '1h10m')
- Type: string
resolver-address¶
Custom DNS resolver address to use.
- Type: string
resolver-concurrency¶
Number of concurrent goroutines to use when resolving targets.
- Type: integer
single-address¶
Use a single address from the DNS resolution.
- Type: boolean
ssl¶
Use SSL/TLS-wrapped connections from the start.
- Type: boolean
targeting-timeout¶
Maximum duration allowed for parsing and resolving all targets. (e.g., '10m', '1h', '1s', '1h10m')
- Type: string
unsafe¶
Enable unsafe probes.
- Type: boolean
workers¶
Number of workers (threads) to run.
- Type: integer
- Default:
128
Schemas¶
The schema for the body object of all results generated with .task.module_name equal to service-simple can be found here. The schema for results is available both in standalone and bundled form.
Examples¶
These are examples of the .body object for results with .task.module_name equal to service-simple.
SSH with GitHub¶
This example was generated with the GitHub SSH server.
{
"service": {
"directive": "softmatch",
"name": "ssh",
"extrainfo": "protocol 2.0",
"method": "probe_matching"
},
"probe": {
"info": {
"name": "NULL"
},
"data": {
"sent": "",
"recv": "SSH-2.0-babeld-fdcea1d49\\r\\n"
},
"stats": {
"probing_delta": 1.552104,
"matching_delta": 0.022824
}
},
"state": {
"state": "open"
},
"total_delta": 1.624969
}
SMTP over TLS with GMail¶
This example was generated with the GMail's SMTP server.
{
"service": {
"directive": "match",
"name": "ssl/smtp",
"product": "Google gsmtp",
"hostname": "smtp.gmail.com",
"method": "probe_matching"
},
"probe": {
"info": {
"name": "NULL"
},
"data": {
"sent": "",
"recv": "220 smtp.gmail.com ESMTP ca18e2360f4ac-82a1a2f081csm481931539f.10 - gsmtp\\r\\n"
},
"stats": {
"probing_delta": 1.667336,
"matching_delta": 0.007133
}
},
"state": {
"state": "open"
},
"total_delta": 3.501181
}
DNS with Google¶
This example was generated with the Google's Public DNS server.
{
"service": {
"directive": "match",
"name": "domain",
"product": "ISC BIND",
"extrainfo": "generic dns response: SERVFAIL",
"cpe": [
"cpe:/a:isc:bind"
],
"method": "probe_matching"
},
"probe": {
"info": {
"name": "DNSVersionBindReq"
},
"data": {
"sent": "\\x00\\x06\\x01\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x07version\\x04bind\\x00\\x00\\x10\\x00\\x03",
"recv": "\\x00\\x06\\x81\\x82\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x07version\\x04bind\\x00\\x00\\x10\\x00\\x03"
},
"stats": {
"probing_delta": 1.536557,
"matching_delta": 0.002018
}
},
"state": {
"state": "open"
},
"total_delta": 1.538956
}
FTP with FreeBSD¶
This example was generated with the FreeBSD FTP server.
{
"service": {
"directive": "match",
"name": "ftp",
"product": "vsftpd",
"version": "2.0.8 or later",
"cpe": [
"cpe:/a:vsftpd:vsftpd"
],
"method": "probe_matching"
},
"probe": {
"info": {
"name": "Help"
},
"data": {
"sent": "HELP\\r\\n",
"recv": "220 This is ftp0.tuk.freebsd.org - hosted at MetaPeer http://www.metapeer.com\\r\\n530 Please login with USER and PASS.\\r\\n"
},
"stats": {
"probing_delta": 1.577337,
"matching_delta": 0.002341
}
},
"state": {
"state": "open"
},
"total_delta": 4.968575
}
Changelog¶
v1.0.0 (2025-07-08)¶
- Initial release of versioning for each module. All modules are being tagged with version number
1.0.0. Going forward: - Major version should be changed when there are changes that impact consumers or clients of the modules.
- Minor version should be changed when there are additions which enrich or enhance the module but shouldn't affect consumers or clients.
- Patch version should be changed when there are bugfixes.