Network vulnerability scanning tool: yes, I am talking about Nmap. Nmap stands for Network Mapper. It is a vulnerability scanning tool used by many hackers and security researchers for testing their networks. Nmap was written by Gordon Lyon and was released in Phrack magazine on Sept. 1, 1997.
There are many tools in the list of vulnerability scanners, but the best one is Nmap. It is the best tool for network mapping. Nmap is designed for rapidly scanning large networks, for security audits and for network inventory.
Features Of Nmap
- Host discovery
- Port scanning
- Version detection
- OS detection
- Scriptable interaction with the target
Host discovery means determining which hosts are accessible on a particular network. For host discovery we can use this command (Nmap first finds the live hosts in the range, then runs a TCP SYN scan and OS detection against them):
nmap -sS -O 172.xxx.xxx.xxx/29
Port scanning is used to determine which ports are open on a host. For port scanning we can use this command:
nmap -p 80 172.xxx.xxx.xxx
For more commands and how to use them, this video is helpful.
- nmap x.x.x.x, or you can give a range like x.x.x.0-255 or x.x.x.0/24
It scans 1000 TCP ports by default.
nmap -sP x.x.x.x (you can also give a range like x.x.x.0-255 or x.x.x.0/24)
for a ping scan.
nmap -sS -PO -sV -O x.x.x.x
You can also give a range. Oops, something went wrong. Sorry.
-sS for TCP SYN scan
-PO for IP protocol ping
-sV to determine the version if possible.
-O to discover the operating system if possible.
nmap -T5 x.x.x.x
-T5 sets the timing (faster).
-T1 also sets the timing, but it is too slow.
nmap --top-ports 20 x.x.x.0/24
It scans the 20 most likely ports.
We can also use 100 for the top 100 most likely ports.
nmap -sT -p80 x.x.x.0/24
To find who is running web services.
-sT for TCP connect scan.
-p80 to check only TCP port 80.
Now run Wireshark, select your interface and click start to capture your network traffic.
Now go to your terminal and type
- nmap -sS x.x.x.0/24 -D x.x.x.x,x.x.x.x
-sS for TCP SYN scan
-D for decoys: the scan also appears to come from the decoy addresses, so your own address is harder to pick out while the scan is running.
You can also give a comma-separated list of IP addresses for the decoy option.
Now look at the scan in Wireshark.
You can see that the decoy option is working in Nmap.
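What the decoy scan above looks like from the defender's side, as an added example that is not part of the original page: it finds sources that send bare SYNs to many ports on one target, then groups sources that probed the identical port set, which is the pattern the Wireshark capture shows. The packet tuples, the documentation-range addresses and the `min_ports` threshold are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed capture rows: (time_s, src, dst, dport, tcp_flags)."""
    pkts = []
    ports = [21, 22, 23, 25, 80, 110, 139, 443, 445, 3389]
    # Three sources probe the same ports in lockstep (scanner plus two decoys).
    for i, port in enumerate(ports):
        for src in ("198.51.100.7", "203.0.113.20", "203.0.113.21"):
            pkts.append((i * 0.01, src, "192.0.2.10", port, "S"))
    # An ordinary client: one port, handshake continues with an ACK.
    pkts.append((0.5, "198.51.100.99", "192.0.2.10", 443, "S"))
    pkts.append((0.6, "198.51.100.99", "192.0.2.10", 443, "A"))
    return pkts

def find_scans(packets, min_ports=8):
    """Return {dst: {src: ports}} for sources sending bare SYNs to >= min_ports ports."""
    syn_ports = defaultdict(lambda: defaultdict(set))
    for _t, src, dst, dport, flags in packets:
        if flags == "S":  # SYN set, ACK not set
            syn_ports[dst][src].add(dport)
    scans = {}
    for dst, srcs in syn_ports.items():
        hits = {s: p for s, p in srcs.items() if len(p) >= min_ports}
        if hits:
            scans[dst] = hits
    return scans

def decoy_groups(scans):
    """Group scanning sources that hit the identical port set on one target."""
    groups = []
    for dst, srcs in scans.items():
        by_ports = defaultdict(list)
        for src, ports in srcs.items():
            by_ports[frozenset(ports)].append(src)
        for ports, members in by_ports.items():
            if len(members) > 1:
                groups.append((dst, sorted(members), len(ports)))
    return groups

if __name__ == "__main__":
    for dst, members, n in decoy_groups(find_scans(build_sample())):
        print(f"{dst}: {len(members)} sources probed the same {n} ports: {members}")
```

The packets alone do not show which member of a group is the real scanner, so treat the whole group as one scan event when triaging.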
- nmap -F x.x.x.0/24
-v for verbose mode
nmap -F x.x.x.0/24 --exclude x.x.x.x
-F for the top 100 most likely ports.
--exclude to skip an IP address.
nmap -Pn x.x.x.x
-Pn skips the ping (host discovery) step and scans the host as if it were up.