Basics of NMAP
By : Prateek Aryan
What’s NMAP ?
-> NMAP is a mapping or a footprinting tool.
-> It is used for network exploration.
-> NMAP collects information about target host.
-> Target can be specified by IP Address or Domain Name.
-> command : nmap 192.168.10.1 or nmap www.google.com
What’s NMAP ?
-> Host / Port / Service Discovery
-> OS Version Detection
-> Service Version Detection
-> Vulnerability and Exploit detection using NSE
-> Firewall and spoofing evasions.
Installing NMAP
-> NMAP is available for all major platforms.
-> In Debian-based Linux distros we can install it by using sudo apt-get install nmap.
Target Specification
Target Specification
-> Target can be a single host or multiple hosts.
nmap 192.168.10.1
nmap 192.168.10.2 192.168.10.3
nmap 192.168.10.1-24
-> any random hosts
nmap -iR 5
Target Specification
->CIDR Notation
nmap 192.168.10.0/24 - scans 192.168.10.0 - 192.168.10.255
nmap 192.168.10.0/0 - scans whole internet
Target Specification
-> input from a file of targets (one host or range per line)
nmap -iL file_name
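To see what target list the forms above actually cover before a scan is run (this is what nmap -sL prints), here is an added example that is not part of the slides. It is a pure-Python model of Nmap's IPv4 target syntax; it generalises the 192.168.10.1-24 case to a range in any octet, which Nmap also accepts, and it leaves hostnames, -iR and -iL out of scope.

```python
"""Model of Nmap IPv4 target specifications: single host, octet range, CIDR.

Added example, not code from the slide deck or from Nmap itself.
"""
import ipaddress
import itertools
from typing import Iterator, List


def _octet_values(part: str) -> range:
    """'7' -> range(7, 8); '1-24' -> range(1, 25); '-' -> range(0, 256)."""
    if part == "-":
        return range(0, 256)
    if "-" in part:
        lo, hi = part.split("-", 1)
        lo_v = int(lo) if lo else 0
        hi_v = int(hi) if hi else 255
    else:
        lo_v = hi_v = int(part)
    if not 0 <= lo_v <= hi_v <= 255:
        raise ValueError(f"bad octet range: {part!r}")
    return range(lo_v, hi_v + 1)


def iter_targets(spec: str) -> Iterator[str]:
    """Yield every IPv4 address covered by one target token."""
    if "/" in spec:
        # Nmap lists the network and broadcast addresses too, so a /24 is 256 targets.
        net = ipaddress.ip_network(spec, strict=False)
        for addr in net:
            yield str(addr)
        return
    octets = spec.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted-quad target: {spec!r}")
    # Octet ranges combine as a cartesian product: 10.0.0-1.1-2 is four hosts.
    for combo in itertools.product(*(_octet_values(o) for o in octets)):
        yield ".".join(str(v) for v in combo)


def count_targets(spec: str) -> int:
    """Size of the target set without enumerating it (safe even for /0)."""
    if "/" in spec:
        return ipaddress.ip_network(spec, strict=False).num_addresses
    total = 1
    for part in spec.split("."):
        total *= len(_octet_values(part))
    return total


def expand_command(args: List[str]) -> List[str]:
    """Expand every target token of a command line, in order, like nmap -sL would."""
    out: List[str] = []
    for token in args:
        out.extend(iter_targets(token))
    return out


if __name__ == "__main__":
    # The target forms used on these slides.
    for spec in ("192.168.10.1", "192.168.10.1-24", "192.168.10.0/24", "192.168.10.0/0"):
        print(f"{spec:20s} -> {count_targets(spec)} targets")
    print(expand_command(["192.168.10.2", "192.168.10.3"]))
```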
Default Scan
-> nmap 192.168.10.0/24
-> ping phase :
pings all the listed IP addresses.
-> port scan phase :
If an IP address responds to the ping, i.e. the host is online, then
-> nmap scans the ports of that IP address (by default it scans 1000 ports).
Host Discovery
Host Discovery
-> One of the very first steps in any network exploration mission is to reduce a (sometimes huge) set of IP ranges into a list of active hosts.
-> Scanning every port of every single IP address is slow and usually unnecessary.
-> Nmap offers a wide variety of options for customizing the techniques used.
Various Host Discovery Techniques
-> List Scan
->no port scan
-> No ping scan
->TCP SYN Ping
-> TCP ACK Ping
-> UDP Ping
-> Traceroute
Various Host Discovery Techniques
-> ICMP Ping Types
-> No DNS resolution
-> DNS Resolution for all targets
List Scan
-> List Scan
nmap -sL 192.168.43.0/24
-> simply lists each host of the network specified.
-> it doesn't send any packets to the target hosts.
-> does DNS resolution.
No port scan
-> Doesn't do a port scan after host discovery
-> only prints out the available hosts
nmap -sn 192.168.10.0/24
No Ping
This option skips the Nmap host discovery stage and treats every target as online.
nmap -Pn 192.168.10.0/24
TCP SYN Ping
-> This option sends an empty TCP packet with the SYN flag set
nmap -PS 192.168.10.0/24
TCP ACK Ping
-> This option sends an empty TCP packet with the ACK flag set.
nmap -PA 192.168.10.0/24
UDP Ping
-> This option sends empty UDP packets to hosts.
-> Generally ACK and SYN packets are blocked by firewalls.
-> This option helps in getting past such a firewall.
nmap -PU 192.168.10.0/24
ICMP echo ping
-> This option sends an ICMP echo request to hosts.
nmap -PE 192.168.10.0/24
Other options
-> --traceroute
Traces path to host.
-> -n
No DNS resolution
PORT Scanning
Port Scanning
-> having found the online hosts, our next step is targeting the ports of the active hosts.
-> there are 65,535 ports
-> nmap by default scans 1000 ports
-> nmap recognizes ports in 6 states.
Port Scanning
Six states recognized by nmap are:
-> open
-> closed
-> filtered
-> unfiltered
-> open | filtered
-> closed | filtered
Port Scanning Techniques
-> TCP SYN Scan
-> TCP ACK Scan
-> UDP Scan
-> TCP Null Scan
TCP SYN Scan
-> by default nmap scans ports by sending TCP packets with the SYN flag set
nmap -sS 192.168.10.1
TCP ACK Scan
-> sends empty TCP Packets with ACK flag set.
nmap -sA 192.168.10.1
UDP Scan
-> sends UDP packets to ports
nmap -sU 192.168.10.1
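The six port states and the three scan types above fit together through a small set of rules: which probe was sent and what (if anything) came back. The following is an added example, not from the slides or from Nmap, that models those rules for -sS, -sA and -sU. The response labels ("SYN/ACK", "RST", "UDP", "ICMP 3/3", "ICMP 3/13", None) are constructed names for this model, not Nmap identifiers.

```python
"""How Nmap turns a probe response into one of its port states (-sS, -sA, -sU).

Added example, not code from the slide deck or from Nmap.
"""
from typing import Dict, Iterable, Optional, Tuple

# Response labels used by this model (constructed for the example):
#   "SYN/ACK"   TCP reply with SYN+ACK set: a service accepted the handshake
#   "RST"       TCP reset
#   "UDP"       any UDP payload came back
#   "ICMP 3/3"  ICMP destination unreachable, code 3 (port unreachable)
#   "ICMP 3/N"  other unreachable codes (1, 2, 9, 10, 13), typically sent by filters
#   None        nothing came back before the retransmissions ran out
Response = Optional[str]

_FILTER_ICMP = {"ICMP 3/1", "ICMP 3/2", "ICMP 3/9", "ICMP 3/10", "ICMP 3/13"}


def syn_scan_state(response: Response) -> str:
    """-sS: half-open probe with only SYN set."""
    if response == "SYN/ACK":
        return "open"
    if response == "RST":
        return "closed"
    # Silence or an ICMP unreachable: something is dropping or rejecting the probe.
    return "filtered"


def ack_scan_state(response: Response) -> str:
    """-sA: only ACK set; never says open or closed, only whether a filter is in the way."""
    if response == "RST":
        return "unfiltered"   # open and closed ports both answer an unsolicited ACK with RST
    return "filtered"         # dropped, or rejected with an ICMP unreachable


def udp_scan_state(response: Response) -> str:
    """-sU: UDP has no handshake, so silence is ambiguous."""
    if response == "UDP":
        return "open"
    if response == "ICMP 3/3":
        return "closed"
    if response in _FILTER_ICMP:
        return "filtered"
    return "open|filtered"    # a quiet open service and a dropping filter look the same


_RULES = {"-sS": syn_scan_state, "-sA": ack_scan_state, "-sU": udp_scan_state}
# The sixth state, closed|filtered, is only produced by the IP ID idle scan (-sI),
# which none of the three techniques modelled here can report.


def classify(scan: str, response: Response) -> str:
    """State Nmap would print for `scan` given `response`."""
    return _RULES[scan](response)


def summarize(scan: str, observations: Iterable[Tuple[int, Response]]) -> Dict[int, str]:
    """Map each probed port to its state for a set of (port, response) observations."""
    return {port: classify(scan, resp) for port, resp in observations}


if __name__ == "__main__":
    # Constructed observations for one host; a "filtered" result means a firewall is
    # doing its job, while "unfiltered" under -sA shows a port a stateless filter lets through.
    syn = [(22, "SYN/ACK"), (23, "RST"), (443, None), (8080, "ICMP 3/13")]
    ack = [(22, "RST"), (443, None)]
    udp = [(53, "UDP"), (69, "ICMP 3/3"), (161, None), (500, "ICMP 3/13")]
    print("-sS", summarize("-sS", syn))
    print("-sA", summarize("-sA", ack))
    print("-sU", summarize("-sU", udp))
```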
Other options
-> -p port numbers
We can specify which port we want to scan.
-> -F
Fast mode. It only scans the 100 most common ports.
Version and OS detection
Service and version detection
-> nmap can detect the service and version of the software running on the ports of a host.
nmap -sV 192.168.10.1
OS version detection
-> nmap can detect OS version of the host.
nmap -O 192.168.10.1
NMAP Scripting Engine
NMAP Script Engine
->The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible
features.
-> It allows users to write (and share) simple scripts (using the Lua programming
language) to automate a wide variety of networking tasks.
-> NMAP also comes with premade scripts
->NSE can even be used for vulnerability exploitation
What’s a script ?
-> a script is basically predefined code written in the Lua programming language
-> this predefined code helps in gathering more information about the services running on the ports.
List of Scripts
-> nmap comes with premade scripts, which are stored in /usr/share/nmap/scripts
-> we can list all the premade scripts
ls /usr/share/nmap/scripts
List of scripts
-> different lists of scripts are available for different services.
-> we can list the scripts available for a particular service using the grep command.
ls /usr/share/nmap/scripts | grep "service_name"
-> for example
We can list scripts available for http service
ls /usr/share/nmap/scripts | grep http
Script Scanning
-> default script scanning : a set of default scripts is defined for the different services
-> when the default script scan is run, nmap runs the default scripts for the services found running on the ports.
nmap -sC scanme.nmap.org
Script Scanning
nmap --script="script_name" 192.168.10.1
-> example
nmap --script=http-brute.nse scanme.nmap.org
// multiple scripts
nmap --script=http-traceroute.nse,http-brute.nse scanme.nmap.org
Interesting Scripts
OUTPUT
OUTPUT
-> we can save our scan results in an output file.
-> nmap -oN file_name 192.168.10.1
Normal output to the given file name.
-> nmap -oX file_name 192.168.10.1
XML output to the given file name.
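The XML output is the form meant for further processing. As an added example that is not part of the slides, the script below turns -oX output into an inventory of open ports and compares it with a baseline of what each host is expected to expose, which is how scan results are typically used to catch unexpected services. The XML document and the baseline are both constructed samples for this example.

```python
"""Parse `nmap -oX` output into an inventory and check it against a baseline.

Added example, not code from the slide deck or from Nmap.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List, Set, Tuple

# Constructed sample of nmap -sV -oX output: one host up with three ports, one host down.
SAMPLE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.168.10.0/24" version="7.94">
<host><status state="up" reason="echo-reply"/>
<address addr="192.168.10.1" addrtype="ipv4"/>
<hostnames><hostname name="gw.example.test" type="PTR"/></hostnames>
<ports>
<extraports state="closed" count="997"/>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
<service name="ssh" product="OpenSSH" version="8.9p1" method="probed"/></port>
<port protocol="tcp" portid="23"><state state="open" reason="syn-ack"/>
<service name="telnet" method="table"/></port>
<port protocol="tcp" portid="443"><state state="filtered" reason="no-response"/>
<service name="https" method="table"/></port>
</ports></host>
<host><status state="down" reason="no-response"/>
<address addr="192.168.10.2" addrtype="ipv4"/></host>
</nmaprun>
"""

Port = Tuple[str, str, int]   # (host, protocol, port number)


def parse_nmap_xml(xml_text: str) -> List[Dict[str, str]]:
    """Return one record per open port: host, proto, port, service, product, version."""
    root = ET.fromstring(xml_text)
    records: List[Dict[str, str]] = []
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue                      # down hosts carry no port data
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        addr = addr_el.get("addr", "")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue                  # closed and filtered ports are not exposure
            svc = port.find("service")
            records.append({
                "host": addr,
                "proto": port.get("protocol", ""),
                "port": port.get("portid", ""),
                "service": svc.get("name", "") if svc is not None else "",
                "product": svc.get("product", "") if svc is not None else "",
                "version": svc.get("version", "") if svc is not None else "",
            })
    return records


def unexpected_exposure(records: List[Dict[str, str]],
                        baseline: Dict[str, Set[int]]) -> List[Port]:
    """Open ports the baseline does not list for that host (unknown hosts allow nothing)."""
    flagged: List[Port] = []
    for r in records:
        allowed = baseline.get(r["host"], set())
        if int(r["port"]) not in allowed:
            flagged.append((r["host"], r["proto"], int(r["port"])))
    return flagged


# Constructed baseline: the only service 192.168.10.1 is supposed to expose is SSH.
BASELINE: Dict[str, Set[int]] = {"192.168.10.1": {22}}

if __name__ == "__main__":
    inventory = parse_nmap_xml(SAMPLE_XML)
    for rec in inventory:
        print(rec)
    print("unexpected:", unexpected_exposure(inventory, BASELINE))
```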
Miscellaneous Options
Miscellaneous Options
-> verbose scanning
Print more information about the scan in progress
nmap -v 192.168.10.1
-> aggressive scanning
Enables OS detection (-O), service detection (-sV), traceroute (--traceroute) and script scanning (-sC).
nmap -A 192.168.10.1
THANK YOU ! :)
