{% extends "base.html" %} {% block title %}Help - SneakyScanner{% endblock %} {% block content %}

Help & Documentation

Learn how to use SneakyScanner to manage your network scanning operations.

Quick Navigation
Getting Started
Sites
Scan Configs
Running Scans
Scheduling
Comparisons
Alerts
Webhooks
Getting Started

SneakyScanner helps you perform network vulnerability scans and track changes over time. Here's the typical workflow:

Basic Workflow:
  1. Create a Site - Define a logical grouping for your targets
  2. Add IPs - Add IP addresses or ranges to your site
  3. Create a Scan Config - Configure how scans should run using your site
  4. Run a Scan - Execute scans manually or on a schedule
  5. Review Results - Analyze findings and compare scans over time
Creating Sites & Adding IPs
What is a Site?

A Site is a logical grouping of IP addresses that you want to scan together. For example, you might create separate sites for "Production Servers", "Development Environment", or "Office Network".

Creating a Site
  1. Navigate to Configs → Sites in the navigation menu
  2. Click the Create Site button
  3. Enter a descriptive name for your site
  4. Optionally add a description to help identify the site's purpose
  5. Click Create to save the site
Adding IP Addresses

After creating a site, you need to add the IP addresses you want to scan:

  1. Find your site in the Sites list
  2. Click the Manage IPs button (or the site name)
  3. Click Add IP
  4. Enter the IP address or CIDR range (e.g., 192.168.1.1 or 192.168.1.0/24)
  5. Click Add to save
Note: You can add individual IPs or CIDR notation ranges. Large ranges will result in longer scan times.
Creating Scan Configurations
What is a Scan Config?

A Scan Configuration defines how a scan should be performed. It links to a Site and specifies scanning parameters like ports to scan, timing options, and other settings.

Creating a Scan Config
  1. Navigate to Configs → Scan Configs in the navigation menu
  2. Click the Create Config button
  3. Enter a name for the configuration
  4. Select the Site to associate with this config
  5. Configure scan parameters:
    • Ports - Specify ports to scan (e.g., 22,80,443 or 1-1000)
    • Timing - Set scan speed/aggressiveness
    • Additional Options - Configure other nmap parameters as needed
  6. Click Create to save the configuration
Tip: Create different configs for different purposes - a quick config for daily checks and a thorough config for weekly deep scans.
Running Scans
Starting a Manual Scan
  1. Navigate to Scans in the navigation menu
  2. Click the New Scan button
  3. Select the Scan Config you want to use
  4. Click Start Scan
Monitoring Scan Progress

While a scan is running:

  • The scan will appear in the Scans list with a Running status
  • You can view live progress by clicking on the scan
  • The Dashboard also shows active scans
Viewing Scan Results
  1. Once complete, click on a scan in the Scans list
  2. View discovered hosts, open ports, and services
  3. Export results or compare with previous scans
Scheduling Scans
Why Schedule Scans?

Scheduled scans allow you to automatically run scans at regular intervals, ensuring continuous monitoring of your network without manual intervention.

Creating a Schedule
  1. Navigate to Schedules in the navigation menu
  2. Click the Create Schedule button
  3. Enter a name for the schedule
  4. Select the Scan Config to use
  5. Configure the schedule:
    • Frequency - How often to run (daily, weekly, monthly, custom cron)
    • Time - When to start the scan
    • Days - Which days to run (for weekly schedules)
  6. Enable/disable the schedule as needed
  7. Click Create to save
Managing Schedules
  • Enable/Disable - Toggle schedules on or off without deleting them
  • Edit - Modify the schedule timing or associated config
  • Delete - Remove schedules you no longer need
  • View History - See past runs triggered by the schedule
Tip: Schedule comprehensive scans during off-peak hours to minimize network impact.
Scan Comparisons
Why Compare Scans?

Comparing scans helps you identify changes in your network over time - new hosts, closed ports, new services, or potential security issues.

Comparing Two Scans
  1. Navigate to Scans in the navigation menu
  2. Find the scan you want to use as the baseline
  3. Click on the scan to view its details
  4. Click the Compare button
  5. Select another scan to compare against
  6. Review the comparison results
Understanding Comparison Results

The comparison view shows:

  • New - Hosts or ports that appear in the newer scan but not the older one
  • Removed - Hosts or ports that were in the older scan but not the newer one
  • Changed - Services or states that differ between scans
  • Unchanged - Items that remain the same
Security Note: Pay close attention to unexpected new open ports or services - these could indicate unauthorized changes or potential compromises.
Alerts & Alert Rules
Understanding Alerts

Alerts notify you when scan results match certain conditions you define. This helps you stay informed about important changes without manually reviewing every scan.

Viewing Alert History
  1. Navigate to Alerts → Alert History
  2. View all triggered alerts with timestamps and details
  3. Filter alerts by severity, date, or type
  4. Click on an alert to see full details and the associated scan
Creating Alert Rules
  1. Navigate to Alerts → Alert Rules
  2. Click Create Rule
  3. Configure the rule:
    • Name - A descriptive name for the rule
    • Condition - What triggers the alert (e.g., new open port, new host, specific service detected)
    • Severity - How critical is this alert (Info, Warning, Critical)
    • Scope - Which sites or configs this rule applies to
  4. Enable the rule
  5. Click Create to save
Common Alert Rule Examples
  • New Host Detected - Alert when a previously unknown host appears
  • New Open Port - Alert when a new port opens on any host
  • Critical Port Open - Alert for specific high-risk ports (e.g., 23/Telnet, 3389/RDP)
  • Service Change - Alert when a service version changes
  • Host Offline - Alert when an expected host stops responding
Tip: Start with a few important rules and refine them over time to avoid alert fatigue.
Webhooks
What are Webhooks?

Webhooks allow SneakyScanner to send notifications to external services when events occur, such as scan completion or alert triggers. This enables integration with tools like Slack, Discord, Microsoft Teams, or custom systems.

Creating a Webhook
  1. Navigate to Alerts → Webhooks
  2. Click Create Webhook
  3. Configure the webhook:
    • Name - A descriptive name
    • URL - The endpoint to send notifications to
    • Events - Which events trigger this webhook
    • Secret - Optional secret for request signing
  4. Test the webhook to verify it works
  5. Click Create to save
Webhook Events
  • Scan Started - When a scan begins
  • Scan Completed - When a scan finishes
  • Scan Failed - When a scan encounters an error
  • Alert Triggered - When an alert rule matches
Integration Examples
  • Slack - Use a Slack Incoming Webhook URL
  • Discord - Use a Discord Webhook URL
  • Microsoft Teams - Use a Teams Incoming Webhook
  • Custom API - Send to your own endpoint for custom processing
Back to Top
{% endblock %}