nmap-pentest-scans
Plan and orchestrate authorized Nmap host discovery, port and service enumeration, NSE profiling, and reporting artifacts for in-scope targets.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/0x-professor/nmap-pentest-scansWhat This Skill Does
The nmap-pentest-scans skill is a robust orchestration framework designed to automate the process of network reconnaissance, host discovery, and service enumeration within authorized pentesting environments. Acting as an interface for the powerful Nmap utility, this agentic skill allows security professionals to design, validate, and execute complex scanning workflows. It emphasizes reproducibility by generating deterministic scan-plan artifacts and ensuring that every action is mapped against a pre-validated scope schema. By automating the transition from target definition to actionable findings, it streamlines the Discovery phase of the PTES (Penetration Testing Execution Standard) and aligns with MITRE ATT&CK TA0007.
Installation
To integrate this capability into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/0x-professor/nmap-pentest-scans
Ensure that the local environment has Nmap installed and that your OpenClaw user permissions allow for network-level interactions.
Use Cases
This skill is intended for authorized security assessments where mapping network architecture and identifying exposed attack surfaces is required. Use cases include:
- Infrastructure discovery for large-scale internal or external penetration tests.
- Auditing segment security through stealth-based service profiling.
- Automated reporting of service versions and open ports for vulnerability assessment workflows.
Example Prompts
- "Perform a dry-run nmap scan on the target 192.168.1.0/24 using the balanced profile, and save the scan-plan to my workspace."
- "Execute an authorized stealth scan on target-alpha.corp using the fast profile, then generate the nmap-pentest-scans-report.json in my outputs directory."
- "Verify the scope defined in scope.json and perform full port enumeration on the target host 10.0.0.5 with NSE scripts enabled."
Tips & Limitations
Always conduct a dry-run first to validate your target scope against the scope_schema.json. This avoids accidental scanning of out-of-scope assets which could lead to service disruption. Ensure you have explicit written authorization before removing the --dry-run flag. While this skill provides excellent automation, it is limited by network connectivity, firewall egress/ingress restrictions, and the rate-limiting capabilities of the target environment. Always review the recommended-commands.txt generated before committing to a full-scale scan, as high-intensity scans can potentially cause instability on legacy hardware or sensitive industrial control systems.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-0x-professor-nmap-pentest-scans": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, code-execution
Related Skills
agentic-workflow-automation
Generate reusable multi-step agent workflow blueprints. Use for trigger/action orchestration, deterministic workflow definitions, and automation handoff artifacts.
cyber-kev-triage
Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation reporting.
agentic-mcp-server-builder
Scaffold MCP server projects and baseline tool contract checks. Use for defining tool schemas, generating starter server layouts, and validating MCP-ready structure.
cyber-ir-playbook
Build incident response timelines and report packs from event logs. Use for detection-to-recovery reporting, phase tracking, and stakeholder-ready incident summaries.
ml-model-eval-benchmark
Compare model candidates using weighted metrics and deterministic ranking outputs. Use for benchmark leaderboards and model promotion decisions.