NetMap is a comprehensive network discovery and intelligence platform that automatically scans the global internet, similar to Shodan. It provides real-time detection of hosts, services, and DNS records across IP ranges with a modern dark-themed web interface.
- Continuous Internet Scanning: Automatically scans internet ranges with configurable frequency
- Multi-type Scanning: Port scanning (1-65535), service detection, and passive data collection
- Real-time Processing: Distributed scanning with Celery workers
- Auto-startup: Begins scanning immediately when deployed
- Port Scanning: Masscan integration for high-speed full port discovery
- Service Detection: Nmap-powered service and version identification
- DNS Intelligence: Comprehensive DNS record collection and analysis
- Passive Reconnaissance: WHOIS and geolocation data gathering
- Dark Theme UI: Clean, minimal dark interface
- Interactive Dashboard: Live statistics and host discovery tables
- Advanced Search: Dedicated search page with tabbed results
- API Documentation: Built-in interactive API documentation
- Responsive Design: Mobile-friendly layout
- Docker Compose: Single production-ready containerization
- PostgreSQL: Robust data storage
- Elasticsearch: Fast search and analytics
- Redis: Message brokering and caching
- Distributed Workers: Horizontal scaling support
NetMap
βββ Web Application (Django)
βββ API Layer (Django REST Framework)
βββ Scanner Engine (Masscan + Nmap)
βββ Passive Collection (DNS/WHOIS)
βββ Celery Workers (Distributed Tasks)
βββ PostgreSQL (Data Storage)
βββ Elasticsearch (Search & Analytics)
βββ Redis (Message Broker)
- Docker & Docker Compose
- 8GB+ RAM recommended
- Privileged container access (for raw sockets)
- Clone the repository:
git clone https://github.com/burakozcn01/netmap.git
cd netmap- Start the platform:
docker-compose up -d- Access the platform:
- Dashboard: http://localhost:8000
- Search: http://localhost:8000/search/
- API Docs: http://localhost:8000/docs/
- Admin Panel: http://localhost:8000/admin/
- API: http://localhost:8000/api/
The system automatically:
- Initializes the database with critical internet ranges
- Starts background scan processes for major cloud providers
- Begins collecting internet intelligence immediately
- Processes scan queues continuously
GET /api/hosts/- List discovered hostsGET /api/services/- List discovered servicesGET /api/dns-records/- List DNS recordsGET /api/scan-results/- List scan results
GET /api/search/?q={query}- Search across all data typesGET /stats/- Live statistics and metrics
GET /api/scan-jobs/- List scan jobsPOST /api/scan-jobs/- Create new scanGET /api/ip-ranges/- List target IP ranges
NetMap includes pre-configured high-value internet ranges:
- Google Public DNS (8.8.8.0/24)
- Cloudflare DNS (1.1.1.0/24)
- OpenDNS (208.67.222.0/24)
- Quad9 DNS (9.9.9.0/24)
- Amazon CloudFront (13.32.0.0/15)
- Cloudflare CDN (104.16.0.0/12)
- Google Cloud Platform (34.64.0.0/10)
- Microsoft Azure (13.64.0.0/11)
- AT&T Services, Comcast Cable, Verizon FiOS
- RIPE European, APNIC Asia Pacific ranges
# Database
POSTGRES_DB=netmap
POSTGRES_USER=netmap
POSTGRES_PASSWORD=netmap123
# Scanning - Full Port Range
SCAN_RATE_LIMIT=10000
SCAN_THREADS=100
SCAN_TIMEOUT=60
# Services
DEBUG=0
ELASTICSEARCH_URL=http://elasticsearch:9200
REDIS_URL=redis://redis:6379/0- Web: Django application (2 replicas)
- Worker: Celery workers (5 replicas)
- Scanner: Privileged scanning containers (3 replicas)
- Beat: Task scheduler
- Database: PostgreSQL with 4GB memory
- Search: Elasticsearch with 6GB memory
- Full Range: Scans all ports 1-65535
- Fast SYN scanning with Masscan
- TCP/UDP protocol support
- Rate-limited for responsible discovery
- Nmap service identification
- Version detection and banner grabbing
- Confidence scoring
- Product and version enumeration
- DNS record harvesting
- WHOIS data collection
- Hostname resolution
- Geolocation and organization data
- PostgreSQL: 4GB memory limit, 2GB reservation
- Elasticsearch: 6GB memory limit, 4GB reservation
- Redis: 2GB memory with LRU eviction
- Web Workers: 4 Gunicorn workers per container
- Scan Workers: 8 concurrent Celery workers
- Multiple web replicas with load balancing
- Distributed Celery workers for parallel scanning
- Elasticsearch clustering support
- Redis clustering for high availability
- Rate limiting to avoid service disruption
- Respectful scanning practices
- No exploitation attempts
- Passive data collection focus
- Use only for authorized networks or public information
- Respect robots.txt and rate limits
- Follow local and international laws
- Educational and research purposes
- Live Statistics: Hosts, services, DNS records, scan jobs
- Recent Discoveries: Latest hosts and services found
- Quick Actions: Create new scans directly from UI
- Unified Search: Search across hosts, services, and DNS records
- Tabbed Results: Organized display of search results
- Real-time Search: Instant results with loading states
- Interactive Testing: Built-in API testing tool
- Complete Examples: Request/response samples
- Endpoint Documentation: Detailed parameter descriptions
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
NetMap is designed for security research, network administration, and educational purposes. Users are responsible for ensuring compliance with applicable laws and regulations. Unauthorized scanning of networks you do not own may be illegal in your jurisdiction.
Report issues at: https://github.com/burakozcn01/netmap/issues
NetMap - Mapping the Internet, One Scan at a Time π