Running nmap via golang

Hi. Another post about golang 😉

I was developing a small source code in golang to automate the use of nmap , based on these examples:

But it was not succeed until I developed it and it worked :

[root@localhost golang]# vim go-nmap.go

// Mauro Risonho de Paula Assumpção aka firebits
// example os/exec nmap
// 24.07.2015 15:04:23
// fedora 22 x86-64
// go version go1.4.2 linux/amd64
// go build

package main

import “syscall”
import “os”
import “os/exec”

func main() {

// For our example we’ll exec `ls`. Go requires an
// absolute path to the binary we want to execute, so
// we’ll use `exec.LookPath` to find it (probably
// `/bin/nmap`).

binary, lookErr := exec.LookPath(“/usr/bin/nmap”)
if lookErr != nil {

// `Exec` requires arguments in slice form (as
// apposed to one big string). We’ll give `ls` a few
// common arguments. Note that the first argument should
// be the program name.
// args := []string{“nmap”, “-A”, “-O”, “”}
args := []string{“nmap”, “-A”, “”}

// `Exec` also needs a set of [environment variables](environment-variables)
// to use. Here we just provide our current
// environment.
env := os.Environ()

// Here’s the actual `syscall.Exec` call. If this call is
// successful, the execution of our process will end
// here and be replaced by the `/bin/ls -a -l -h`
// process. If there is an error we’ll get a return
// value.
execErr := syscall.Exec(binary, args, env)
if execErr != nil {

I installed a vm with Fedora 22 x86_64 and CUPS server and did a spot scanning in localhost

[root@localhost golang]# go build go-nmap.go
[root@localhost golang]# ./go-nmap

Starting Nmap 6.47 ( ) at 2015-07-24 15:06 BRT
Nmap scan report for localhost.localdomain (
Host is up (0.00015s latency).
Not shown: 999 closed ports
631/tcp open ipp CUPS 2.0
| http-methods: Potentially risky methods: PUT
| http-robots.txt: 1 disallowed entry
|_http-title: Home – CUPS 2.0.3
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.7 – 3.15
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 8.06 seconds

So it works!