SlideShare a Scribd company logo

Zen map

Download as PPTX, PDF
H
harisnaved

ZENMAP DETAILED EXPLANATION

Education
1 of 33
Zenmap
Group Members: Haider ali: 17114117-002 Haris Naveed: 17114119-029 Almas Ashraf: 17114119-057
Agenda • Hisotry • Introduction • Purpose of a Graphical Frontend for Nmap- Features • Screenshots • Results • Conclusion • References
History: An Nmap GUI created during the Google-sponsored Nmap Summer of Code in 2005 and 2006. The primary author of Umit was Adriano Monteiro Marques. When Umit was modified and integrated into Nmap in 2007, it was renamed Zenmap.
Introduction • Zenmap is the official Nmap Security Scanner GUI. • It is a multi-platform free and open source application which aims to make Nmap easy for beginners to use. • It provides advanced features for experienced Nmap users. • Frequently used scans can be saved as profiles to make them easy to run repeatedly. • Saved scan results can be compared with one another to see how they differ. • The results of recent scans are stored in a searchable database.
The Purpose of a Graphical Frontend for Nmap • The nature of a frontend is that it depends on another tool to do its job. • Therefore the purpose of Zen-map is not to replace Nmap, but to make Nmap more useful
Feature overNmap • Interactive and graphical resultsviewing: • In Addition to showing Nmap's normal output, Zenmap can arrange its display to show all ports on a host or all hosts running a particular service. • Zenmap can draw a topology map of discovered networks. • The results of several scans may be combined together and viewed at once. • Comparison • Zenmap has the ability to show the differences between two scans. • You can see what changed between the same scan run on different days, between scans of two different hosts, between scans of the same hosts with different options, or any othercombination. • This allows administrators to easily track new hosts or services appearing on their networks, or existing ones goingdown.
Features overNmap • Convenience • Zenmap keeps track of scans until deleted.That means you can run a scan, see the results, and then decide whether to save them to a fileor delete. • Repeatability • Zenmap's command profiles make it easy to run the exactsame scan more than once. • There's no need to set up a shell script to do a common scan. • Discoverability • Nmap has literally hundreds of options, which can be confusing for beginners. • Zenmap's interface is designed to always show the command that will be run, whether it comes from a profile or was built up by choosing options from a menu.
SCANNING • Clicking the Zen-map icon in the desktop environment. The main window, as shown in • One of Zen map's goals is to make security scanning easy for beginners and for experts • Scan Aggregation • Zenmap has the ability to combine the results of many Nmap scans into one view, a feature known as scan aggregation
Network Inventory: • When one scan is finished, you may start another in the same window. When the second scan is finished, its results are merged with those from the first. The collection of scans that make up an aggregated view is called a network inventory.
Interpreting Scan Results Scan Results Tabs: Each scan window contains five tabs which each display different aspects of the scan results. They are: “Nmap Output”, “Ports / Hosts”, “Topology”, “Host Details”, and “Scans”. The “Nmap Output” tab The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar Nmap terminal output .
The “Ports / Hosts” tab The “Ports / Hosts” tab's display a host or a service is currently selected. When a host is selected, it shows all the interesting ports on that host, along with version information when available.
The “Topology” tab The “Topology” tab is an interactive view of the connections between hosts in a network.
The “Host Details” tab The “Host Details” tab breaks all the information about a single host into a hierarchical display. Shown are the host's names and addresses, its state (up or down), and the number and status of scanned ports
The “Scans” tab The “Scans” tab shows all the scans that are aggregated to make up the network inventory. From this tab you can add scans (from a file or directory) and remove scans. While a scan is executing and not yet complete, its status is “Running”. You may cancel a running scan by clicking the “Cancel Scan” button.
Intense scan: Command: nmap -T4 -A -v <target> Should be reasonable quick, scan the most common TCP ports. It will make an effort in determining the OS type and what services and their versions are running. This comes from having a pretty fast timing template (-T4) and for using the -A option which will try determine services, versions and OS. With the verbose output (-v) it will also give us a lot of feedback as Nmap makes progress in the scan. Intense scan plus UDP: Command: nmap -sS -sU -T4 -A -v <target> Same as the regular Intense scan, just that we will also scan UDP ports (-sU). The -sS option is telling Nmap that it should also scan TCP ports using SYN packets. Because this scan includes UDP ports this explicit definition of -sS is necessary.
Intense scan, all TCP ports: Command: nmap -p 1-65535 -T4 -A -v <target> Leave no TCP ports unchecked. Normally Nmap scans a list of 1000 most common protocols, but instead we will in this example scan everything from port 1 to 65535 (max). The 1000 most common protocols listing can be found in the file called nmap-services. Intense scan, no ping Command: nmap -T4 -A -v -Pn <target> Just like the other intense scans, however this will assume the host is up. Usefull if the target is blocking ping request and you already know the target is up. Ping scan; Command: nmap -sn <target> Do only a ping only on the target, no port scan. Quick scan: Command: nmap -T4 -F <target> Scan faster than the intense scan by limiting the number of TCP ports scanned to only the top 100 most common TCP ports
Quick scan plus: Command: nmap -sV -T4 -O -F –version-light <target> Add a little bit of version and OS detection and you got the Quick scan plus. Quick traceroute: Command: nmap -sn –traceroute <target> Use this option when you need to determine hosts and routers in a network scan. It will traceroute and ping all hosts defined in the target. Regular scan: Command: nmap <target> Default everything. This means it will issue a TCP SYN scan for the most common 1000 TCP ports, using ICMP Echo request (ping) for host detection.
The options: -T4 This is an option for timing template. Numbers range from 0-5 where 5 is the fastest and 0 is the slowest. -A This options makes Nmap make an effort in identifying the target OS, services and the versions. It also does traceroute and applies NSE scripts to detect additional information. -v Increased verbosity. This will give your extra information in the data outputted by Nmap. -sS Perform a TCP SYN connect scan. This just means that Nmap will send a TCP SYN packet just like any normal application would do. -sU Perform an UDP scan. Because UDP is unreliable it is not as easy to determine if ports are open as it is with TCP. The UDP scan sends an UDP packet with an empty header to the target port. If the port is closed the OS should reply with an ICMP port unreachable error, however if the port is open it does not necessarily mean that the service will reply with anything. -sN TCP Null scan. This option sends TCP packets with none of the TCP flags set in the packet. If the scan is returned a RST packet it means the port is closed, however if nothing is returned it is either filtered or open -sV Actively probe open ports to try determine what service and version they are running. When running this scan against my webserver it resulted in 14 packets being transmitted between client and server, in contrast to just 2 packets as with a regular SYN scan.
The options: -Pn Assume the host is up thus skipping the host discovery phase. -sn Only send ping packet to the target, no port scanning. This is usefull if you need to determine what hosts are in the vicinity, but do not want to scan them yet. Do not mistake this for the TCP Null scan (-sN); Nmap is case sensitive. -PY Very much like a TCP SYN scan, this just utilizes the SCTP (Stream Control Transmission Protocol) instead. -PS Also used for host discovery. This option simply relies on a port (default 80) to reply to an empty SYN packet, as is with default TCP behaviour. Simple is often good.
1. Basic Nmap Scan against IP or host nmap 1.1.1.1 Now, if you want to scan a hostname, simply replace the IP for the host, as you see below: nmap cloudflare.com These kinds of basic scans are perfect for your first steps when starting with Nmap. 2. Scan specific ports or scan entire port ranges on a local or remote server nmap -p 1-65535 localhost In this example, we scanned all 65535 ports for our localhost computer.
Useful command-line based scans that can be performed using Nmap.
Screenshot Interface
Screenshots Results
Screenshots Results
Screenshots Results
Screenshots Results
Conclusion • Network monitoring is a crucial activity to prevent any network from intrusions. • Scanning of network issues will make us aware of the potential network attacks and helps us to prepare a prevention plan to avoid them. • Zenmap provides a simple and easy interface for novice users. • Zenmap also provides interfaces for viewing multiple scan results at once.
Reference • https://www.softwaretestinghelp.com/network-scanning-tools/ • https://nmap.org/book/zenmap-results.html
Thank you

Recommended

NMap
NMapNMap
NMapPritesh Raka
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmapcommiebstrd
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting enginen|u - The Open Security Community
 

Recommended

NMap
NMapNMap
NMapPritesh Raka
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
Scanning with nmap
Scanning with nmapScanning with nmap
Scanning with nmapcommiebstrd
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Network Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsNetwork Scanning Phases and Supporting Tools
Network Scanning Phases and Supporting ToolsJoseph Bugeja
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Nmap scripting engine
Nmap scripting engineNmap scripting engine
Nmap scripting enginen|u - The Open Security Community
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basicsamiable_indian
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Nmap
NmapNmap
NmapMegha Sahu
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAPPhannarith Ou, G-CISO
 
Nmap commands
Nmap commandsNmap commands
Nmap commandsKailash Kumar
 
Nmap
NmapNmap
NmapSreekanth Narendran
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network securityChippy Thomas
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorialVarun Kakumani
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking GuideAryan G
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with MetasploitM.Syarifudin, ST, OSCP, OSWP
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academycyberforgeacademy
 

More Related Content

What's hot

Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network securityChippy Thomas
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking GuideAryan G
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printingleminhvuong
 
System hacking
System hackingSystem hacking
System hackingCAS
 

What's hot (20)

Nmap Basics
Nmap BasicsNmap Basics
Nmap Basics
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
Nmap
NmapNmap
Nmap
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
 
Nmap
NmapNmap
Nmap
 
Packet capture in network security
Packet capture in network securityPacket capture in network security
Packet capture in network security
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Nmap tutorial
Nmap tutorialNmap tutorial
Nmap tutorial
 
Nmap Hacking Guide
Nmap Hacking GuideNmap Hacking Guide
Nmap Hacking Guide
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 
N map presentation
N map presentationN map presentation
N map presentation
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"
 
Port scanning
Port scanningPort scanning
Port scanning
 
Module 2 Foot Printing
Module 2 Foot PrintingModule 2 Foot Printing
Module 2 Foot Printing
 
System hacking
System hackingSystem hacking
System hacking
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with Metasploit
 

Similar to Zen map

NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academycyberforgeacademy
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Harsh Desai
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015Kevin Alcock
 
Pet Pen Testing Tools: Zenmap & Nmap
Pet Pen Testing Tools: Zenmap & NmapPet Pen Testing Tools: Zenmap & Nmap
Pet Pen Testing Tools: Zenmap & NmapMatt Vieyra
 
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Andrej Šimko
 
Nmap Discovery
Nmap DiscoveryNmap Discovery
Nmap DiscoveryTai Pan
 
Network scanning with nmap
Network scanning with nmapNetwork scanning with nmap
Network scanning with nmapAshish Jha
 
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docxLab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docxLaticiaGrissomzz
 
Using metasploit
Using metasploitUsing metasploit
Using metasploitCyberRad
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsBishop Fox
 
Dane presentation
Dane presentationDane presentation
Dane presentationAnkit Singh
 

Similar to Zen map (20)

Nmap
NmapNmap
Nmap
 
NMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge AcademyNMap 101 offline meetup by CyberForge Academy
NMap 101 offline meetup by CyberForge Academy
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3
 
Contents namp
Contents nampContents namp
Contents namp
 
Contents namp
Contents nampContents namp
Contents namp
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.ppt
 
Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015Christchurch ISIG 27 oct2015
Christchurch ISIG 27 oct2015
 
Pet Pen Testing Tools: Zenmap & Nmap
Pet Pen Testing Tools: Zenmap & NmapPet Pen Testing Tools: Zenmap & Nmap
Pet Pen Testing Tools: Zenmap & Nmap
 
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
Analysis of ESET Smart Security 6 personal firewall’s thresholds and detectio...
 
Nmap Discovery
Nmap DiscoveryNmap Discovery
Nmap Discovery
 
Network scanning with nmap
Network scanning with nmapNetwork scanning with nmap
Network scanning with nmap
 
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docxLab-5 Scanning and Enumeration Reconnaissance and inform.docx
Lab-5 Scanning and Enumeration Reconnaissance and inform.docx
 
Network for amin
Network for aminNetwork for amin
Network for amin
 
Using metasploit
Using metasploitUsing metasploit
Using metasploit
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
 
Backtrack Manual Part3
Backtrack Manual Part3Backtrack Manual Part3
Backtrack Manual Part3
 
Nmap
NmapNmap
Nmap
 
Dane presentation
Dane presentationDane presentation
Dane presentation
 

Recently uploaded

DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 

Recently uploaded (20)

DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 

Zen map

  • 2. Group Members: Haider ali: 17114117-002 Haris Naveed: 17114119-029 Almas Ashraf: 17114119-057
  • 3. Agenda • Hisotry • Introduction • Purpose of a Graphical Frontend for Nmap- Features • Screenshots • Results • Conclusion • References
  • 4. History: An Nmap GUI created during the Google-sponsored Nmap Summer of Code in 2005 and 2006. The primary author of Umit was Adriano Monteiro Marques. When Umit was modified and integrated into Nmap in 2007, it was renamed Zenmap.
  • 5. Introduction • Zenmap is the official Nmap Security Scanner GUI. • It is a multi-platform free and open source application which aims to make Nmap easy for beginners to use. • It provides advanced features for experienced Nmap users. • Frequently used scans can be saved as profiles to make them easy to run repeatedly. • Saved scan results can be compared with one another to see how they differ. • The results of recent scans are stored in a searchable database.
  • 6. The Purpose of a Graphical Frontend for Nmap • The nature of a frontend is that it depends on another tool to do its job. • Therefore the purpose of Zen-map is not to replace Nmap, but to make Nmap more useful
  • 7. Feature overNmap • Interactive and graphical resultsviewing: • In Addition to showing Nmap's normal output, Zenmap can arrange its display to show all ports on a host or all hosts running a particular service. • Zenmap can draw a topology map of discovered networks. • The results of several scans may be combined together and viewed at once. • Comparison • Zenmap has the ability to show the differences between two scans. • You can see what changed between the same scan run on different days, between scans of two different hosts, between scans of the same hosts with different options, or any othercombination. • This allows administrators to easily track new hosts or services appearing on their networks, or existing ones goingdown.
  • 8. Features overNmap • Convenience • Zenmap keeps track of scans until deleted.That means you can run a scan, see the results, and then decide whether to save them to a fileor delete. • Repeatability • Zenmap's command profiles make it easy to run the exactsame scan more than once. • There's no need to set up a shell script to do a common scan. • Discoverability • Nmap has literally hundreds of options, which can be confusing for beginners. • Zenmap's interface is designed to always show the command that will be run, whether it comes from a profile or was built up by choosing options from a menu.
  • 9. SCANNING • Clicking the Zen-map icon in the desktop environment. The main window, as shown in • One of Zen map's goals is to make security scanning easy for beginners and for experts • Scan Aggregation • Zenmap has the ability to combine the results of many Nmap scans into one view, a feature known as scan aggregation
  • 10. Network Inventory: • When one scan is finished, you may start another in the same window. When the second scan is finished, its results are merged with those from the first. The collection of scans that make up an aggregated view is called a network inventory.
  • 11. Interpreting Scan Results Scan Results Tabs: Each scan window contains five tabs which each display different aspects of the scan results. They are: “Nmap Output”, “Ports / Hosts”, “Topology”, “Host Details”, and “Scans”. The “Nmap Output” tab The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar Nmap terminal output .
  • 12. The “Ports / Hosts” tab The “Ports / Hosts” tab's display a host or a service is currently selected. When a host is selected, it shows all the interesting ports on that host, along with version information when available.
  • 13. The “Topology” tab The “Topology” tab is an interactive view of the connections between hosts in a network.
  • 14. The “Host Details” tab The “Host Details” tab breaks all the information about a single host into a hierarchical display. Shown are the host's names and addresses, its state (up or down), and the number and status of scanned ports
  • 15. The “Scans” tab The “Scans” tab shows all the scans that are aggregated to make up the network inventory. From this tab you can add scans (from a file or directory) and remove scans. While a scan is executing and not yet complete, its status is “Running”. You may cancel a running scan by clicking the “Cancel Scan” button.
  • 16. Intense scan: Command: nmap -T4 -A -v <target> Should be reasonable quick, scan the most common TCP ports. It will make an effort in determining the OS type and what services and their versions are running. This comes from having a pretty fast timing template (-T4) and for using the -A option which will try determine services, versions and OS. With the verbose output (-v) it will also give us a lot of feedback as Nmap makes progress in the scan. Intense scan plus UDP: Command: nmap -sS -sU -T4 -A -v <target> Same as the regular Intense scan, just that we will also scan UDP ports (-sU). The -sS option is telling Nmap that it should also scan TCP ports using SYN packets. Because this scan includes UDP ports this explicit definition of -sS is necessary.
  • 17. Intense scan, all TCP ports: Command: nmap -p 1-65535 -T4 -A -v <target> Leave no TCP ports unchecked. Normally Nmap scans a list of 1000 most common protocols, but instead we will in this example scan everything from port 1 to 65535 (max). The 1000 most common protocols listing can be found in the file called nmap-services. Intense scan, no ping Command: nmap -T4 -A -v -Pn <target> Just like the other intense scans, however this will assume the host is up. Usefull if the target is blocking ping request and you already know the target is up. Ping scan; Command: nmap -sn <target> Do only a ping only on the target, no port scan. Quick scan: Command: nmap -T4 -F <target> Scan faster than the intense scan by limiting the number of TCP ports scanned to only the top 100 most common TCP ports
  • 18. Quick scan plus: Command: nmap -sV -T4 -O -F –version-light <target> Add a little bit of version and OS detection and you got the Quick scan plus. Quick traceroute: Command: nmap -sn –traceroute <target> Use this option when you need to determine hosts and routers in a network scan. It will traceroute and ping all hosts defined in the target. Regular scan: Command: nmap <target> Default everything. This means it will issue a TCP SYN scan for the most common 1000 TCP ports, using ICMP Echo request (ping) for host detection.
  • 19. The options: -T4 This is an option for timing template. Numbers range from 0-5 where 5 is the fastest and 0 is the slowest. -A This options makes Nmap make an effort in identifying the target OS, services and the versions. It also does traceroute and applies NSE scripts to detect additional information. -v Increased verbosity. This will give your extra information in the data outputted by Nmap. -sS Perform a TCP SYN connect scan. This just means that Nmap will send a TCP SYN packet just like any normal application would do. -sU Perform an UDP scan. Because UDP is unreliable it is not as easy to determine if ports are open as it is with TCP. The UDP scan sends an UDP packet with an empty header to the target port. If the port is closed the OS should reply with an ICMP port unreachable error, however if the port is open it does not necessarily mean that the service will reply with anything. -sN TCP Null scan. This option sends TCP packets with none of the TCP flags set in the packet. If the scan is returned a RST packet it means the port is closed, however if nothing is returned it is either filtered or open -sV Actively probe open ports to try determine what service and version they are running. When running this scan against my webserver it resulted in 14 packets being transmitted between client and server, in contrast to just 2 packets as with a regular SYN scan.
  • 20. The options: -Pn Assume the host is up thus skipping the host discovery phase. -sn Only send ping packet to the target, no port scanning. This is usefull if you need to determine what hosts are in the vicinity, but do not want to scan them yet. Do not mistake this for the TCP Null scan (-sN); Nmap is case sensitive. -PY Very much like a TCP SYN scan, this just utilizes the SCTP (Stream Control Transmission Protocol) instead. -PS Also used for host discovery. This option simply relies on a port (default 80) to reply to an empty SYN packet, as is with default TCP behaviour. Simple is often good.
  • 21. 1. Basic Nmap Scan against IP or host nmap 1.1.1.1 Now, if you want to scan a hostname, simply replace the IP for the host, as you see below: nmap cloudflare.com These kinds of basic scans are perfect for your first steps when starting with Nmap. 2. Scan specific ports or scan entire port ranges on a local or remote server nmap -p 1-65535 localhost In this example, we scanned all 65535 ports for our localhost computer.
  • 22. Useful command-line based scans that can be performed using Nmap.
  • 23.
  • 24.
  • 25.
  • 31. Conclusion • Network monitoring is a crucial activity to prevent any network from intrusions. • Scanning of network issues will make us aware of the potential network attacks and helps us to prepare a prevention plan to avoid them. • Zenmap provides a simple and easy interface for novice users. • Zenmap also provides interfaces for viewing multiple scan results at once.