0P3N Blog Blog Post

Ethical Hacking with Kali Linux – Part 6: Nmap (Network Mapper)

By: bjacharya
July 1, 2016
Ethical Hacking with Kali Linux – Part 6: Nmap (Network Mapper) - Cybrary

Ethical Hacking with Kali Linux – Part 6: Nmap (Network Mapper)

> > ‘Nmap’, basically Network Mapper, is a port scanning utility/tool. It helps determine whether ports are open or closed. It also helps find out the operating system running on the host or target machine (along with services of ports).> > We can run Nmap Scripts via CLI and also we can use GUI (Zenmap). Let's Start...(assign the IP of target OS, domain or system along with Nmap)~ nmap 192.168.1.24 The above command gives: Port, State and Services and the MAC of particular 1 IP address.Similarly, for the entire range:~ nmap 192.168.1.0 - 255And for the entire subnet:~ nmap 192.168.1.0/24Now, for only PING scan:~ nmap -sP 192.168.1.* '*' indicates entire subnet or range, and gives the result as 'host is up' and also their MAC address.~ nmap -sS -P0 -sV -o 192.168.1.0-50-sS indicates TCP SYN request, -P0 asks for protocols, -sV indicates version of OS if possible, -o refers for OS if available. 0-50 is for range of IP addresses that Nmap tries to get information from.~ nmap -T5 192.168.1.0/24 -T5 refers to a Timewise scan and makes for a  faster scan.~ nmap --top-ports 15 192.168.1.0/24Scans for the random top 15 ports, which are likely to be open/up often. (Don't perform this scan on network that you don't own.)~ nmap -sT -p80 192.168.1.1-50-sT represents TCP connect scan type probe. -p80 is for port 80. By this Nmap command, we're trying to discover the web services along with their port.~ nmap -v 192.168.1.4-v is for depth scan (takes a little more time)~ nmap 192.168.0.* --exclude 192.168.0.2Scans the network, excluding 1 host, i.e. 192.168.0.2 Let's see NSE (Nmap Script Engine): Built in scripts of Nmap~ nmap --script=default 192.168.1.24 Uses default group of scripts, and gives an in-depth analysis about Nmap scan report. There are lots of other NSE scripts. Run them at your own risks (first read them well, analyze them and only run on the network/system you own or have permission to test.)We can see help for script by executing following Nmap command:~ nmap --script-help discovery Well, well, well. This is all about Nmap. Remember, Nmap is the King of Scanners. There are lots of commands apart from the ones mentioned here. Do research, search them and practice on your own system or network.A quick note: This series is only for educational purpose. Practice this series in a lab, in a virtual/separate network and always avoid illegal activities. If you can, then support us in fighting the bad guys. See the other posts in this series:Ethical Hacking with Kali Linux – Part 1: ObjectiveEthical Hacking with Kali Linux – Part 2: Finding Hidden SSIDSEthical Hacking with Kali Linux – Part 3: Bypassing Mac Address FilterEthical Hacking with Kali Linux – Part 4: Breaking WPA2 WirelessEthical Hacking with Kali Linux – Part 5: Rogue Wireless Access Points
By : Bijay AcharyaFollow me : twitter.com/acharya_bijaySubscribe my Tutorial Channel : youtube.com/studentvideotutorial

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry