NakulaScan is a lightweight, modular, and stealth-optimized reconnaissance tool built for red team operators, bug bounty hunters, and cybersecurity learners.
Perform active stealth scans, gather passive OSINT, and receive CVE suggestions — all in one clean command-line tool.
- ✅ Stealth TCP Scan Modes (FIN, NULL, XMAS)
- ✅ Passive Recon: WHOIS, DNS, ASN, GeoIP
- ✅ CVE Matching from Service Banners (Offline)
- ✅ Protocol-aware Banner Grabbing (HTTP/HTTPS, FTP, SSH, etc.)
- ✅ Save & Resume Mid-Scan
- ✅ Codename Generator for Operator Identity
- ✅ Clean HTML + Markdown Report Generation
- ✅ Subdomain Resolution Support (Passive Mode)
- ✅ CIDR Range Scanning
- ✅ CSV Report Generation
- ✅ UDP Scanning with DNS/SNMP/NTP payloads and full port range
- ✅ Plugin Architecture for Custom Checks
- ✅ Asynchronous Thread Pool Scanning
- ✅ Interactive mode when launched with no arguments
- ✅ Quick-scan profiles for common scenarios
- ✅ Automatic crash resume via
--auto-resume - ✅ Debug logging to
debug.log
sudo python3 nakula.py -t 192.168.1.5 -S xmaspython3 nakula.py -t example.com --passivesudo python3 nakula.py -T targets.txt -S finsudo python3 nakula.py -c 192.168.1.0/24 -S finsudo python3 nakula.py -c 192.168.1.0/24 -S fin --per-hostsudo python3 nakula.py -t scanme.nmap.org -S null --save session.json
sudo python3 nakula.py --resume session.jsonsudo python3 nakula.py -t 192.168.1.5 -Usudo python3 nakula.py -c 192.168.1.0/24 -F webscanpython3 nakula.pyreports/active_results.jsonreports/passive_results.jsonreports/NakulaScan_<target>_<timestamp>.htmlreports/NakulaScan_<target>_<timestamp>.csvreports/NakulaScan_<target>_<timestamp>.mdreports/NakulaScan_summary_<timestamp>.*for multi-target scansreports/NakulaScan_<ip>_<timestamp>.*when using--per-host
Matches banners to known CVE patterns locally, with no internet required. Add new entries in cve_suggester.py to expand the database.
MIT License. For educational and ethical red team use only.
“He who moves without being seen is the truest warrior.” — Nakula
ॐ