SlideShare a Scribd company logo

NMap 101 offline meetup by CyberForge Academy

C
cyberforgeacademy

NMap 101 meetup by CyberForge Academy

Education
1 of 41
Download to read offline
NMAP 101 Network Scanning and Analysis
● Software Engineer & Researcher at CyberForge Academy ● Final year, B. Tech. CSE @ LPU ● Engaged in Research, Creating course content/setups ● Developing SaaS software and open source tools ● Interned with Web3verse Academy, a Singapore-based startup focused on Web3 education and Namekart, a domain name brokerage firm. ● Interested in Art and craft 🎨 $ whoami
Table of contents 01 04 02 05 03 06 Introduction Why Network Scanning ? Basic Functionalities Nmap Scans Comparison NSE
● Nmap ( Network Mapper) ● Used to discover hosts and services on a target by sending packets and analyzing the responses. ● Released in September 1997 by Gordon Lyon ● Free and Open Source https://github.com/nmap/nmap ● Cross-platform (Windows/Linux/MacOS) What is Nmap ? Image :Nmap: the Network Mapper-Free Security Scanner Image : Gordon Lyon-Wikipedia
Network Scanning
Why Network Scanning? ● Monitoring network health and performance. ● Managing assets effectively. ● Detecting and mitigating security threats efficiently.
Nmap Default Scan Command: nmap <target_ip>
Zenmap - Nmap GUI Zenmap-Zenmap - Official cross-platform Nmap Security Scanner GUI
Scanning Network by Zenmap
Basic Functionalities 1) Host Discovery ● Determines which hosts are available & responsive ● -sn is used for ping scan to only perform host discovery
2) Port Scanning ● Discovers open ports and running services on target devices ● -p-used to scan all 65535 ports on the target device
3) Service Fingerprinting: ● Attempts to determine the version of services running on the open ports ● -sV used for service fingerprinting
4) OS Fingerprinting: ● Attempts to determine the operating system of a target ● -O used for OS detection
Nmap Switches ● -v: Verbose mode for detailed output. ● -T: Timing template for scan speed. ● -T0 (Paranoid): Slow, stealthy scan. ● -T1 (Sneaky): Slightly faster, cautious scan. ● -T2 (Polite): Default balance of speed and stealth. ● -T3 (Normal): Faster scan with more network impact. ● ● -T4 (Aggressive): Rapid scan with higher risk of detection.
Type of Scans 1) Intense Scan ● Packet uses: SYN-ACK,RST (2919 packets) ● Total Ports Scan: 1000 ports ● Command : “nmap -A <target>”
2) Quick Scan ● Total Ports Scan : 100 Ports ● Packet uses: TCP SYN packet ● Command : “nmap -F <target>”
Did You Know This Exist ?
3) Ping Scan ● Focuses exclusively on host discovery ● Packet uses: ICMP Echo Request packet ● Total Ports Scan : 0 ● Command : “nmap -sn <target>”
4)Intense Scan, All TCP Ports ● Total Ports: 65535 ● Packet uses: TCP SYN packet ● Command : “ nmap -p 1-65535 -A <target>”
5) Quick Traceroute ● Combination of a quick ping scan and traceroute ● Total Ports Scan : 0 ● Packet uses: ICMP Echo Request packet ● Command : “ nmap -sn --traceroute <target>”
6) Intense Scan, No Ping ● A thorough scan without relying on ping for host discovery ● Packet uses: TCP SYN packet ● Total Ports Scan: 1000 ● Command : “ nmap -T4 -Pn <target>”
Comparing Common Scans
1) Default Scan ● Packet uses: SYN , RST, ACK Packets (2020 packets ) ● Total Ports Scan: 1,000 most common TCP ports ● Command: nmap <target>
2) Intense Scan ● Packet uses: SYN Packets (SYN-ACK,RST)(2919 packets) ● Total Ports Scan: 1000 ports ● Command : nmap -A <target>
4) Specific Port Scan ● Sends packets to specific ports and analyzes responses ● Determines port status (open, closed, or filtered) based on responses ● Packet uses: TCP packets targeting specified ports (3 packets) ● Command: “nmap -p <port_number> <target>”
Comparison Between all 3 Scans 2020 2919 3
Nmap Scripts ● Nmap scripts are Lua programs ● used to automate tasks like vulnerability detection and service enumeration within Nmap scans. ● Run by NSE (Nmap Scripting Engine)
Nmap Scripts-Discovery ● Used to gather information about hosts within a network Command: nmap--script discovery <target>
● Scripts include : ○ banner:Connects to an open TCP port and prints any response from the service.
● dns-brute: Attempts to enumerate DNS hostnames by brute force guessing of common subdomains
Nmap Scripts-exploit ● To test for and exploit known vulnerabilities in target systems. ● Command: nmap--script exploit <target>
● Scripts include : ○ smtp-vuln-cve2010-4344: Checks SMTP servers for vulnerability CVE-2010-4344
● http-csrf: Tests for CSRF vulnerabilities in HTTP applications ● http-dombased-xss: Detects DOM-based XSS vulnerabilities in HTTP apps ● http-stored-xss: Identifies Stored XSS flaws in HTTP apps
CREDITS: This presentation template was created by Slidesgo, and includes icons by Flaticon, and infographics & images by Freepik Thanks! Do you have any questions? contact@cyberforge.academy +91 8837537763 https://cyberforge.academy https://github.com/CyberForgeAcademy/Workshops

Recommended

Nmap
NmapNmap
NmapMegha Sahu
 
Zen map
Zen mapZen map
Zen mapharisnaved
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Harsh Desai
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basicsamiable_indian
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
NMap
NMapNMap
NMapPritesh Raka
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 

Recommended

Nmap
NmapNmap
NmapMegha Sahu
 
Zen map
Zen mapZen map
Zen mapharisnaved
 
Nmap
NmapNmap
NmapFat-Thing Gabriel-Culley
 
Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Nmap basics-1198948509608024-3
Nmap basics-1198948509608024-3Harsh Desai
 
Nmap Basics
Nmap BasicsNmap Basics
Nmap Basicsamiable_indian
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsitmind4u
 
NMap
NMapNMap
NMapPritesh Raka
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsBishop Fox
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Contents namp
Contents nampContents namp
Contents nampshwetha mk
 
Contents namp
Contents nampContents namp
Contents nampshwetha mk
 
Nmap commands
Nmap commandsNmap commands
Nmap commandsKailash Kumar
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Boston Institute of Analytics
 
Nmap
NmapNmap
NmapNishaYadav177
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAPPhannarith Ou, G-CISO
 
Namp
Namp Namp
Namp penetration Tester
 
NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.pptDakshKhurana15
 
Network for amin
Network for aminNetwork for amin
Network for aminadnan alshulah
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Nmap
NmapNmap
NmapSreekanth Narendran
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESIRJET Journal
 
Nmap Discovery
Nmap DiscoveryNmap Discovery
Nmap DiscoveryTai Pan
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 

More Related Content

Similar to NMap 101 offline meetup by CyberForge Academy

Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsBishop Fox
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Boston Institute of Analytics
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESIRJET Journal
 
Nmap Discovery
Nmap DiscoveryNmap Discovery
Nmap DiscoveryTai Pan
 

Similar to NMap 101 offline meetup by CyberForge Academy (20)

Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
Contents namp
Contents nampContents namp
Contents namp
 
Contents namp
Contents nampContents namp
Contents namp
 
Nmap commands
Nmap commandsNmap commands
Nmap commands
 
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
Nmap project presentation : Unlocking Network Secrets: Mastering Port Scannin...
 
Nmap
NmapNmap
Nmap
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Namp
Namp Namp
Namp
 
NMAP1.ppt
NMAP1.pptNMAP1.ppt
NMAP1.ppt
 
Network for amin
Network for aminNetwork for amin
Network for amin
 
NMAP
NMAPNMAP
NMAP
 
Nmap
NmapNmap
Nmap
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURES
 
Nmap Discovery
Nmap DiscoveryNmap Discovery
Nmap Discovery
 

Recently uploaded

Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 

Recently uploaded (20)

Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 

NMap 101 offline meetup by CyberForge Academy

  • 2. ● Software Engineer & Researcher at CyberForge Academy ● Final year, B. Tech. CSE @ LPU ● Engaged in Research, Creating course content/setups ● Developing SaaS software and open source tools ● Interned with Web3verse Academy, a Singapore-based startup focused on Web3 education and Namekart, a domain name brokerage firm. ● Interested in Art and craft 🎨 $ whoami
  • 3. Table of contents 01 04 02 05 03 06 Introduction Why Network Scanning ? Basic Functionalities Nmap Scans Comparison NSE
  • 4. ● Nmap ( Network Mapper) ● Used to discover hosts and services on a target by sending packets and analyzing the responses. ● Released in September 1997 by Gordon Lyon ● Free and Open Source https://github.com/nmap/nmap ● Cross-platform (Windows/Linux/MacOS) What is Nmap ? Image :Nmap: the Network Mapper-Free Security Scanner Image : Gordon Lyon-Wikipedia
  • 6. Why Network Scanning? ● Monitoring network health and performance. ● Managing assets effectively. ● Detecting and mitigating security threats efficiently.
  • 7.
  • 8. Nmap Default Scan Command: nmap <target_ip>
  • 9. Zenmap - Nmap GUI Zenmap-Zenmap - Official cross-platform Nmap Security Scanner GUI
  • 11. Basic Functionalities 1) Host Discovery ● Determines which hosts are available & responsive ● -sn is used for ping scan to only perform host discovery
  • 12. 2) Port Scanning ● Discovers open ports and running services on target devices ● -p-used to scan all 65535 ports on the target device
  • 13. 3) Service Fingerprinting: ● Attempts to determine the version of services running on the open ports ● -sV used for service fingerprinting
  • 14. 4) OS Fingerprinting: ● Attempts to determine the operating system of a target ● -O used for OS detection
  • 15. Nmap Switches ● -v: Verbose mode for detailed output. ● -T: Timing template for scan speed. ● -T0 (Paranoid): Slow, stealthy scan. ● -T1 (Sneaky): Slightly faster, cautious scan. ● -T2 (Polite): Default balance of speed and stealth. ● -T3 (Normal): Faster scan with more network impact. ● ● -T4 (Aggressive): Rapid scan with higher risk of detection.
  • 16. Type of Scans 1) Intense Scan ● Packet uses: SYN-ACK,RST (2919 packets) ● Total Ports Scan: 1000 ports ● Command : “nmap -A <target>”
  • 17.
  • 18. 2) Quick Scan ● Total Ports Scan : 100 Ports ● Packet uses: TCP SYN packet ● Command : “nmap -F <target>”
  • 19. Did You Know This Exist ?
  • 20. 3) Ping Scan ● Focuses exclusively on host discovery ● Packet uses: ICMP Echo Request packet ● Total Ports Scan : 0 ● Command : “nmap -sn <target>”
  • 21. 4)Intense Scan, All TCP Ports ● Total Ports: 65535 ● Packet uses: TCP SYN packet ● Command : “ nmap -p 1-65535 -A <target>”
  • 22. 5) Quick Traceroute ● Combination of a quick ping scan and traceroute ● Total Ports Scan : 0 ● Packet uses: ICMP Echo Request packet ● Command : “ nmap -sn --traceroute <target>”
  • 23. 6) Intense Scan, No Ping ● A thorough scan without relying on ping for host discovery ● Packet uses: TCP SYN packet ● Total Ports Scan: 1000 ● Command : “ nmap -T4 -Pn <target>”
  • 25. 1) Default Scan ● Packet uses: SYN , RST, ACK Packets (2020 packets ) ● Total Ports Scan: 1,000 most common TCP ports ● Command: nmap <target>
  • 26.
  • 27.
  • 28. 2) Intense Scan ● Packet uses: SYN Packets (SYN-ACK,RST)(2919 packets) ● Total Ports Scan: 1000 ports ● Command : nmap -A <target>
  • 29.
  • 30.
  • 31. 4) Specific Port Scan ● Sends packets to specific ports and analyzes responses ● Determines port status (open, closed, or filtered) based on responses ● Packet uses: TCP packets targeting specified ports (3 packets) ● Command: “nmap -p <port_number> <target>”
  • 32.
  • 33. Comparison Between all 3 Scans 2020 2919 3
  • 34. Nmap Scripts ● Nmap scripts are Lua programs ● used to automate tasks like vulnerability detection and service enumeration within Nmap scans. ● Run by NSE (Nmap Scripting Engine)
  • 35. Nmap Scripts-Discovery ● Used to gather information about hosts within a network Command: nmap--script discovery <target>
  • 36. ● Scripts include : ○ banner:Connects to an open TCP port and prints any response from the service.
  • 37. ● dns-brute: Attempts to enumerate DNS hostnames by brute force guessing of common subdomains
  • 38. Nmap Scripts-exploit ● To test for and exploit known vulnerabilities in target systems. ● Command: nmap--script exploit <target>
  • 39. ● Scripts include : ○ smtp-vuln-cve2010-4344: Checks SMTP servers for vulnerability CVE-2010-4344
  • 40. ● http-csrf: Tests for CSRF vulnerabilities in HTTP applications ● http-dombased-xss: Detects DOM-based XSS vulnerabilities in HTTP apps ● http-stored-xss: Identifies Stored XSS flaws in HTTP apps
  • 41. CREDITS: This presentation template was created by Slidesgo, and includes icons by Flaticon, and infographics & images by Freepik Thanks! Do you have any questions? contact@cyberforge.academy +91 8837537763 https://cyberforge.academy https://github.com/CyberForgeAcademy/Workshops