nmap
This page will have all the pentesting techniques related to nmap.
Network Mapping
After gathering information passively about a target organization, a penetration tester moves to the active information gathering phase. This phase involves identifying which hosts are online, what ports are open, and what operating systems are running on those hosts. The process used for this is Network Mapping.
Network Mapping refers to the identification of devices, hosts, and network elements within a target network. It is an essential part of pentesting, helping the tester understand the network's layout, architecture, and identify potential vulnerabilities.
Why Map a Network?
Discovery of Live Hosts: Identify which devices or hosts are currently active.
Identification of Open Ports: Determine which services are accessible via specific ports.
Network Topology Mapping: Understand how the network is structured, including its layout.
Operating System Fingerprinting: Identify the operating systems running on each active host.
Service Version Detection: Discover which versions of services are running, potentially exposing outdated or vulnerable software.
Identifying Filtering and Security Measures: Uncover firewall rules, intrusion prevention systems (IPS), and other security mechanisms.
Nmap (Network Mapper) is a free, open-source tool used for network discovery and security auditing. It helps identify devices on a network, discover open ports, services, operating systems, and potential vulnerabilities by scanning IP addresses. Nmap is commonly used by cybersecurity professionals for network exploration, troubleshooting, and security assessments.
nmap Basic Scan
Service & Version Detection
I USE THIS ALL THE TIME
General Flag
Port Scanning Options
Output
Target
Output Formats
Output to a File
-oN sth.txt: Saves results in normal text format.
-oX test.xml: Saves results in XML format, useful for importing into Metasploit.
-oG sth.txt: Saves results in greppable format, which can later be searched with egrep.
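As an added example (not code from the original page), a small Python parser for the greppable (-oG) format that -oG writes, so the egrep-style searches mentioned above can be done in code; the scan lines below are constructed samples, not real output.

```python
import re
from collections import defaultdict

# Constructed sample of nmap -oG output (not from a real scan).
# Each "Ports:" entry is port/state/proto/owner/service/rpc/version/ and
# entries are separated by ", "; sections on a line are tab-separated.
SAMPLE_GNMAP = (
    "# Nmap 7.94 scan initiated as: nmap -sV -oG scan.gnmap 10.0.0.0/29\n"
    "Host: 10.0.0.5 (web.example.test)\tStatus: Up\n"
    "Host: 10.0.0.5 (web.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, "
    "80/open/tcp//http//Apache httpd 2.4.52/, 443/filtered/tcp//https///"
    "\tIgnored State: closed (997)\n"
    "Host: 10.0.0.6 ()\tStatus: Up\n"
    "Host: 10.0.0.6 ()\tPorts: 3389/open/tcp//ms-wbt-server//Microsoft Terminal Services/"
    "\tIgnored State: closed (999)\n"
    "# Nmap done -- 8 IP addresses (2 hosts up) scanned in 4.21 seconds\n"
)

PORT_FIELDS = ("port", "state", "proto", "owner", "service", "rpc", "version")
HOST_RE = re.compile(r"Host: (\S+) \(([^)]*)\)\t(.*)")


def parse_gnmap(text):
    """Return {ip: [port dicts]} for every 'Ports:' line in greppable output."""
    hosts = defaultdict(list)
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and anything that is not a Host: record
        ip, hostname, rest = m.groups()
        for section in rest.split("\t"):
            if not section.startswith("Ports: "):
                continue
            for entry in section[len("Ports: "):].split(", "):
                fields = entry.split("/")[:len(PORT_FIELDS)]  # drop trailing empty field
                port = dict(zip(PORT_FIELDS, fields))
                port["port"] = int(port["port"])
                port["hostname"] = hostname
                hosts[ip].append(port)
    return dict(hosts)


def open_ports(hosts):
    """Keep only ports in state 'open'; closed/filtered entries are noise here."""
    return {ip: [p for p in ports if p["state"] == "open"] for ip, ports in hosts.items()}


def find_service(hosts, pattern):
    """egrep-style regex search over service name and version of open ports."""
    rx = re.compile(pattern, re.IGNORECASE)
    return [(ip, p["port"], p["version"]) for ip, ports in open_ports(hosts).items()
            for p in ports if rx.search(p["service"]) or rx.search(p["version"])]
```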