Category: NMAP

All about the nmap tool!

NMAP

Common nmap commands during Pentest

1. Discover live hosts
    nmap -n -sn -PE -oA live_hosts 192.168.1.0/24
2. Discover open TCP ports
    nmap -sS -vv -p- -oA tcp_ports_65535 192.168.1.15
    nmap -sS -vv -p- -Pn --reason --open -oA tcp_ports_65535 192.168.1.15
    nmap …

Nessus, NMAP

Import Nmap results into Nessus

Download the Nmap XML Import plugin from http://tenablesecurity.com/documentation/nmapxml.nasl
Copy the nmapxml.nasl file into the Nessus plugins directory
    C:\ProgramData\Tenable\Nessus\nessus\plugins
Run a command prompt as Administrator
    net stop "Tenable Nessus"
Load the new Nessus plugins
    cd C:\Program Files\Tenable\Nessus
    nessusd.exe -y
Start the Nessus service
    net start "Tenable Nessus"
Under …

Metasploit, NMAP, Port Scanning

Discover open mysql ports

MySQL runs on port 3306 by default. You can discover MySQL either with nmap or with Metasploit's auxiliary modules.

The NMAP way

Nmap is a free and open source network discovery and security auditing utility. It can discover open ports, running services, operating system versions and much more. To discover …

NMAP, Port Scanning

Ping with Nmap

Local Network

ARP Ping
    sudo nmap -PR -sn 192.168.1.0/24 -oN nmap_normal_output
    -PR  ARP request
    -sn  no port scanning
    -oN  normal output to file

Remote Network

ICMP Echo Request Ping (classic ping)
    sudo nmap -PE -sn 192.168.1.0/24 -oN nmap_normal_output
    -PE  ICMP …

Metasploit, NMAP

Port Scanning with Nmap and Metasploit

Port Scanning

Nmap is a free and open source tool for network discovery and security auditing. Nmap can determine what hosts are available on the network, what operating systems and services are running on target hosts, and what type of firewalls are in use, among dozens of other capabilities. It is …