Flan Scan – Cloudflare Released New Network Vulnerability Scanner Tool Based on Nmap

Cloudflare released a new open-source network vulnerability scanner Flan Scan based on the popular network scanning tool Nmap. The Flan Scan converts the Nmap to a full-fledged vulnerability scanner by adding additional components.

The tool was designed to scan for the network and to detect services on the network and then to lookup for those services with the CVEs database for finding vulnerabilities relevant to it.

Flan Scan and Nmap

Nmap is known for its accuracy, which lets the Cloudflare team to Choose Nmap as a base scanner,” we also liked Nmap because of the Nmap Scripting Engine (NSE), which allows scripts to be run against the scan results.”

Also, the NSE includes the vulnerability database “vulners” script that is mapped to use to map the detected services with the relevant CVEs from the database.

Cloudflare added three features to make the scanner easy to deploy and more user-friendly.

  • Can be built inside Kubernetes and Docker
  • Ability to push results inside Google Cloud Storage Bucket or an S3 bucket.
  • Actionable reports from Nmap’s output to detect vulnerable services.

Flan Scan capable of establishing an organization vulnerability management program, the scan starts with service detection followed by fetching results from that shows know vulnerabilities associated with the service.

Flan Scan default’s Nmap to run these three scans

Flan scan work method
  • ICMP ping scan – To determine a service status
  • SYN scan – To find open, closed, or filtered ports.
  • Service detection scan – To detect the services running on the port.

The tool also allows users to run any features of the Nmap by just passing the Nmap flags at runtime. The tool includes uses a Python script that converts structured XML of Nmap’s output to an actionable report.

Flan Scan available in GitHub, also Cloudflare provides configuration sample configurations.


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

Defend Ransomware Attacks With Top Effective Proactive Measures in 2024

We're currently living in an age where digital threats loom large. Among these, ransomware has…

20 mins ago

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

17 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

17 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

18 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

18 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

21 hours ago