From 82b75e07e473ca2cd770abc708e1c86bd0da57ab Mon Sep 17 00:00:00 2001
From: ryananicholson <ryananicholson@gmail.com>
Date: Mon, 10 Mar 2025 17:58:19 -0400
Subject: [PATCH] feat: Add T1046-12 (#3074)

Co-authored-by: Bhavin Patel <bhavin.j.patel91@gmail.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
---
 atomics/T1046/T1046.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/atomics/T1046/T1046.yaml b/atomics/T1046/T1046.yaml
index b8201893..deb12dde 100644
--- a/atomics/T1046/T1046.yaml
+++ b/atomics/T1046/T1046.yaml
@@ -277,3 +277,31 @@ atomic_tests:
        Get-Service -Name "Remote Desktop Services", "Remote Desktop Configuration"
     name: powershell
     elevation_required: true
+- name: Port Scan using nmap (Port range)
+  description: |
+    Scan multiple ports to check for listening ports with nmap
+  supported_platforms:
+  - linux
+  - macos
+  input_arguments:
+    host:
+      description: Host(s) to scan.
+      type: string
+      default: "127.0.0.1"
+    port_range:
+      description: Port range(s) to scan.
+      type: string
+      default: "0-65535"
+  dependency_executor_name: sh
+  dependencies:
+  - description: |
+      Check if nmap command exists on the machine
+    prereq_command: |
+      if [ -x "$(command -v nmap)" ]; then exit 0; else exit 1; fi;
+    get_prereq_command: |
+      (which yum && yum -y install epel-release nmap)||(which apt-get && DEBIAN_FRONTEND=noninteractive apt-get install -y nmap)||(which pkg && pkg install -y nmap)||(which brew && brew install nmap)
+  executor:
+    command: |
+      nmap -Pn -sV -p #{port_range} #{host}
+    elevation_required: true
+    name: sh
\ No newline at end of file