Port scanning with Metasploit auxiliary

Although nmap is the de-facto port scanner and has become a synonym to port scanning,
Metasploit offers its own port scanners. These port scanners are available in auxiliary modules.
In msfconsole execute

search portscan

to see a list of all available portscanners in MSF.

To select one of the available port scanners, let’s say tcp scanner, execute

use auxiliary/scanner/portscan/tcp

and type

show options

to see a list of available options.

To set the target machine, execute

set RHOSTS ip_address

where ip_address is the IP address of your target machine.

You can also increase threads for a faster port scanning.
Set threads to 50 and run the scanner module by issuing the command

run

 
This post is part of my article about metasploit which was originally published in PenTest Magazine, August issue.

%d bloggers like this: