NMAP (+Zenmap) For Beginners | LBOET | HOXFRAMEWORK



Welcome! In this tutorial we will learn about NMAP, a network mapping tool that is absolutely genius.

Let's jump into it.


I'm using Kali Linux and opened a terminal in it. Right here you can see all your NMAP options and parameters by just typing " nmap " in the terminal. Also, or even better and more in depth, you can use " man nmap ". The "man" command opens a tool's manual.


Then you can read about all sorts of scans.

-sS - Stealth scan - it pretty much tricks the receiving server by going "I want this", the server goes "okay, here you go", and then your machine (nmap) goes "actually, no" and resets the connection. It's stealthy but not perfect; a lot of newer IDSes can find you.

(IDS = intrusion detection system)

-sT - TCP connect() scan

-----These 3 scans I will separate in order to explain them easily

-sF - FIN scan

-sN - Null scan

-sX - XMAS scan

> These 3 scan types are better at dealing with IDS. (Keep in mind you have to match the parameters and scan type with the server, and keep the IDS and firewalls in mind, in order to execute the scan perfectly.)

> How do they work?

- They expect a CLOSED port to return RST (Reset) when receiving packets, while OPEN ports just DROP the packets.

- Using these you will never send the SYN. BUT that doesn't go for ALL systems. What I'm trying to say is, they don't work on Windows. Pretty much.

-sP for a ping scan (mostly for detecting which PCs are online, not the ports)

KEEP IN MIND -sP changed its name to -sn

-sU - UDP scan

-sI - Idle scan

-sO - IP protocol scan

-O - IMPORTANT - fingerprint OS
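The scan types above each leave a recognisable pattern on the wire, which is exactly what the "newer IDSes can find you" remark is about: a SYN scan is a burst of bare SYNs to many ports, a FIN/NULL/XMAS scan is a burst of segments with flag combinations a real client never sends. The following is an added example, not code from the original post: a toy detector in Python that reads flow-style records (constructed here, so it runs without nmap or a packet capture) and reports sources that sent the same probe type to many distinct ports. The flag bit values, the record layout and the threshold are my assumptions.

```python
"""Toy detector for the probe patterns the scan types above leave on the wire.

Added example, not part of the original post. Input records are constructed
(no pcap / no nmap needed); in practice they would come from a flow log,
Zeek conn logs or a packet capture.
"""
from collections import defaultdict

# TCP flag bits as a typical packet decoder exposes them (assumed layout).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

# Constructed sample of (src, dst, dport, flags): one normal HTTPS client,
# one XMAS scanner, one NULL scanner and one SYN scanner.
SAMPLE = (
    [("10.0.0.9", "10.0.0.1", 443, SYN), ("10.0.0.9", "10.0.0.1", 443, ACK),
     ("10.0.0.9", "10.0.0.1", 443, PSH | ACK)]
    + [("10.0.0.5", "10.0.0.1", p, FIN | PSH | URG) for p in range(20, 32)]
    + [("10.0.0.6", "10.0.0.1", p, 0) for p in range(20, 30)]
    + [("10.0.0.7", "10.0.0.1", p, SYN) for p in range(1, 60)]
)


def classify_flags(flags):
    """Name the probe type one segment looks like, or None if it looks normal."""
    if flags == 0:
        return "NULL"                 # no flags at all: -sN
    if flags == FIN | PSH | URG:
        return "XMAS"                 # "lit up like a christmas tree": -sX
    if flags == FIN:
        return "FIN"                  # lone FIN without ACK: -sF
    if flags == SYN:
        return "SYN"                  # -sS, but also the first segment of every real connection
    return None


def detect_scans(records, port_threshold=8):
    """Return {src: {probe_type: distinct_port_count}} for sources that sent the
    same probe type to at least `port_threshold` distinct (dst, port) pairs.
    A legitimate client only sends SYN to a handful of ports, so it stays below."""
    seen = defaultdict(lambda: defaultdict(set))
    for src, dst, dport, flags in records:
        kind = classify_flags(flags)
        if kind:
            seen[src][kind].add((dst, dport))
    return {
        src: {kind: len(ports) for kind, ports in kinds.items() if len(ports) >= port_threshold}
        for src, kinds in seen.items()
        if any(len(ports) >= port_threshold for ports in kinds.values())
    }


if __name__ == "__main__":
    for src, hits in detect_scans(SAMPLE).items():
        for kind, n in hits.items():
            print(f"{src}: {kind} probes to {n} distinct ports -> scan suspected")
```

The normal client (10.0.0.9) never shows up because its single SYN is followed by ACK and data; the three scanners do, because their probe count per type crosses the threshold. This is also why the FIN/NULL/XMAS variants are not "invisible": the flag combinations themselves are the signature, even though no SYN is ever sent.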


You can also specify parameters like:

-v for verbose

-F fast scan

--ttl - time to live

And you can use GREP (but don't use it for multiple hosts, because this command just shows the open ports without the host they belong to - you can use other GREP commands):

> nmap 192.168.1.102 | grep open
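When several hosts are scanned, "grep open" loses which host each port belongs to. Nmap's grepable output format (-oG) puts a host and all of its ports on one line, so a few lines of Python can turn a multi-host scan into a host/port inventory. The following is an added example, not from the original post; the sample text is constructed in the shape nmap's -oG format uses (the real thing would come from something like "nmap -oG - 192.168.1.0/24 > scan.gnmap").

```python
"""Parse nmap grepable output (-oG) into a per-host list of ports.

Added example, not from the original post. SAMPLE_GNMAP is a constructed
stand-in for real -oG output: one "Status" line and one "Ports" line per host,
comment lines starting with '#'.
"""
import re

SAMPLE_GNMAP = """\
# Nmap scan initiated Mon Jan  1 10:00:00 2024 as: nmap -oG - 192.168.1.1 192.168.1.102  (constructed sample)
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 53/open/udp//domain///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (997)
Host: 192.168.1.102 ()\tStatus: Up
Host: 192.168.1.102 ()\tPorts: 22/open/tcp//ssh///, 139/filtered/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///\tIgnored State: closed (997)
# Nmap done at Mon Jan  1 10:00:05 2024 -- 2 IP addresses (2 hosts up) scanned in 5.00 seconds
"""

# "Host: <addr> (<name>)<TAB><rest of line>"
HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)\t(.*)$")


def parse_gnmap(text):
    """Return {host: [(port, proto, state, service), ...]} from -oG text."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue                          # comment lines and anything unexpected
        host = m.group(1)
        hosts.setdefault(host, [])
        for field in m.group(3).split("\t"):
            if not field.startswith("Ports: "):
                continue                      # "Status: Up" / "Ignored State" carry no ports
            for entry in field[len("Ports: "):].split(", "):
                # port/state/protocol/owner/service/rpc info/version/
                parts = entry.split("/")
                port, state, proto, service = parts[0], parts[1], parts[2], parts[4]
                hosts[host].append((int(port), proto, state, service))
    return hosts


def open_ports(text):
    """Only the open ports, per host: the multi-host version of `grep open`."""
    return {h: [p for p in ports if p[2] == "open"] for h, ports in parse_gnmap(text).items()}


if __name__ == "__main__":
    for host, ports in open_ports(SAMPLE_GNMAP).items():
        for port, proto, _state, service in ports:
            print(f"{host}\t{port}/{proto}\t{service}")
```

Keeping the host on every row is what makes the output useful as an inventory: compare two runs and you can see which host gained a listening service, which a bare "grep open" over a subnet scan cannot tell you.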


- And you can decoy-scan:

> nmap -sS 192.168.1.1 -D 192.168.1.102

meaning you will scan AS the other host (in this case that's .102) and our victim is our gateway (.1).


-Thank you so much for visiting. Have a nice day :)

