NMAP 101
Network Scanning and Analysis
$ whoami
● Software Engineer & Researcher at CyberForge Academy
● Final year, B. Tech. CSE @ LPU
● Engaged in Research, Creating course content/setups
● Developing SaaS software and open source tools
● Interned with Web3verse Academy, a Singapore-based startup focused on Web3 education, and Namekart, a domain name brokerage firm.
● Interested in Art and craft 🎨
Table of contents
01 Introduction
02 Why Network Scanning?
03 Basic Functionalities
04 Nmap Scans
05 Comparison
06 NSE
What is Nmap?
● Nmap (Network Mapper)
● Used to discover hosts and services on a target by sending packets and analyzing the responses.
● Released in September 1997 by Gordon Lyon
● Free and Open Source: https://github.com/nmap/nmap
● Cross-platform (Windows/Linux/macOS)
Network Scanning
Why Network Scanning?
● Monitoring network health and performance.
● Managing assets effectively.
● Detecting and mitigating security threats efficiently.
Nmap Default Scan
Command: nmap <target_ip>
Zenmap - Nmap GUI
● Zenmap: official cross-platform Nmap Security Scanner GUI
Scanning a Network with Zenmap
Basic Functionalities
1) Host Discovery
● Determines which hosts are available and responsive
● -sn runs a ping scan, which performs host discovery only
2) Port Scanning
● Discovers open ports and running services on target devices
● -p- scans all 65535 ports on the target device
3) Service Fingerprinting
● Attempts to determine the version of the services running on the open ports
● -sV enables service fingerprinting
4) OS Fingerprinting
● Attempts to determine the operating system of a target
● -O enables OS detection
Nmap Switches
● -v: Verbose mode for detailed output.
● -T: Timing template for scan speed.
○ -T0 (Paranoid): Slow, stealthy scan.
○ -T1 (Sneaky): Slightly faster, cautious scan.
○ -T2 (Polite): Default balance of speed and stealth.
○ -T3 (Normal): Faster scan with more network impact.
○ -T4 (Aggressive): Rapid scan with higher risk of detection.
Types of Scans
1) Intense Scan
● Packets used: SYN-ACK, RST (2919 packets)
● Total ports scanned: 1000
● Command: nmap -A <target>
2) Quick Scan
● Total ports scanned: 100
● Packets used: TCP SYN packet
● Command: nmap -F <target>
Did You Know This Exists?
3) Ping Scan
● Focuses exclusively on host discovery
● Packets used: ICMP Echo Request packet
● Total ports scanned: 0
● Command: nmap -sn <target>
4) Intense Scan, All TCP Ports
● Total ports scanned: 65535
● Packets used: TCP SYN packet
● Command: nmap -p 1-65535 -A <target>
5) Quick Traceroute
● Combination of a quick ping scan and traceroute
● Total ports scanned: 0
● Packets used: ICMP Echo Request packet
● Command: nmap -sn --traceroute <target>
6) Intense Scan, No Ping
● A thorough scan without relying on ping for host discovery
● Packets used: TCP SYN packet
● Total ports scanned: 1000
● Command: nmap -T4 -Pn <target>
Comparing Common Scans
1) Default Scan
● Packets used: SYN, RST, ACK packets (2020 packets)
● Total ports scanned: 1,000 most common TCP ports
● Command: nmap <target>
2) Intense Scan
● Packets used: SYN packets (SYN-ACK, RST) (2919 packets)
● Total ports scanned: 1000
● Command: nmap -A <target>
4) Specific Port Scan
● Sends packets to specific ports and analyzes responses
● Determines port status (open, closed, or filtered) based on responses
● Packets used: TCP packets targeting specified ports (3 packets)
● Command: nmap -p <port_number> <target>
Comparison Between all 3 Scans (packet counts)
● Default Scan: 2020
● Intense Scan: 2919
● Specific Port Scan: 3
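Added example (not part of the original slides): the packet counts above are what a defender sees on the wire, so a scan covering 1,000 ports stands out by the number of distinct destination ports one source touches, while a three-packet single-port scan does not. The sketch below counts distinct ports per source and target in a sliding window over constructed connection events; the event format, addresses, window sizes and threshold are assumptions.

```python
from collections import defaultdict, deque

def detect_port_sweeps(events, window_s, min_ports):
    """events: (ts_seconds, src, dst, dport) tuples sorted by time.
    Returns {(src, dst): peak distinct ports in any window} for pairs that
    reach min_ports distinct destination ports within window_s seconds."""
    recent = defaultdict(deque)                        # pair -> (ts, dport) still in window
    in_window = defaultdict(lambda: defaultdict(int))  # pair -> dport -> probe count
    flagged = {}
    for ts, src, dst, dport in events:
        pair = (src, dst)
        queue, ports = recent[pair], in_window[pair]
        queue.append((ts, dport))
        ports[dport] += 1
        while queue and queue[0][0] <= ts - window_s:  # expire probes older than the window
            _, old = queue.popleft()
            ports[old] -= 1
            if ports[old] == 0:
                del ports[old]
        if len(ports) >= min_ports:
            flagged[pair] = max(flagged.get(pair, 0), len(ports))
    return flagged

def constructed_events(target="192.0.2.10"):
    """Constructed traffic using documentation addresses; not a real capture."""
    ev = []
    # 1,000 ports in about two seconds, like a scan of the 1,000 most common ports.
    ev += [(i * 0.002, "198.51.100.7", target, port) for i, port in enumerate(range(1, 1001))]
    # Three packets to one port, like the specific-port scan.
    ev += [(10 + i * 0.1, "198.51.100.8", target, 443) for i in range(3)]
    # Forty ports, one probe every 20 seconds, like a slow timing template.
    ev += [(100 + i * 20, "198.51.100.9", target, port) for i, port in enumerate(range(1, 41))]
    # An ordinary client that keeps using a single service.
    ev += [(i * 30, "192.0.2.50", target, 443) for i in range(30)]
    return sorted(ev)

if __name__ == "__main__":
    events = constructed_events()
    for window in (60, 3600):
        print(f"window={window}s", detect_port_sweeps(events, window_s=window, min_ports=20))
```

The 60-second window flags only the fast sweep; the one-hour window also flags the slow one, which is why a long window belongs alongside the short one when slow timing templates are a concern.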
Nmap Scripts
● Nmap scripts are Lua programs
● Used to automate tasks like vulnerability detection and service enumeration within Nmap scans.
● Run by NSE (Nmap Scripting Engine)
Nmap Scripts - Discovery
● Used to gather information about hosts within a network
● Command: nmap --script discovery <target>
● Scripts include:
○ banner: Connects to an open TCP port and prints any response from the service.
○ dns-brute: Attempts to enumerate DNS hostnames by brute-force guessing of common subdomains
Nmap Scripts - Exploit
● Used to test for and exploit known vulnerabilities in target systems.
● Command: nmap --script exploit <target>
● Scripts include:
○ smtp-vuln-cve2010-4344: Checks SMTP servers for vulnerability CVE-2010-4344
○ http-csrf: Tests for CSRF vulnerabilities in HTTP applications
○ http-dombased-xss: Detects DOM-based XSS vulnerabilities in HTTP apps
○ http-stored-xss: Identifies Stored XSS flaws in HTTP apps
Thanks!
Do you have any questions?
contact@cyberforge.academy
+91 8837537763
https://cyberforge.academy
https://github.com/CyberForgeAcademy/Workshops

NMap 101 offline meetup by CyberForge Academy
