1. Nmap
Description:
- Nmap (Network Mapper) is an open-source tool for network discovery and security auditing. It can discover hosts, open ports and services, operating systems, and (through its scripting engine) known vulnerabilities on a network. It is one of the most widely used tools among penetration testers and network administrators.
Examples:
- Basic Host Discovery:
- nmap -sn 192.168.1.0/24
Explanation: Performs a ping scan of the whole 192.168.1.0/24 network to discover active hosts without scanning any ports (-sn means "no port scan", commonly called a ping scan).
- Port Scanning:
- nmap -p 1-65535 192.168.1.10
Explanation: Scans all TCP ports (1-65535) on the target host 192.168.1.10.
- Service Version Detection:
- nmap -sV 192.168.1.10
Explanation: Probes the target's open ports to identify the service and version running on each (-sV enables version detection).
- Operating System Detection:
- nmap -O 192.168.1.10
Explanation: Attempts to identify the target's operating system using TCP/IP stack fingerprinting.
- Aggressive Scan:
- nmap -A 192.168.1.10
Explanation: Combines OS detection, version detection, script scanning, and traceroute in a single command (-A stands for aggressive).
- Disable Ping:
- nmap -Pn 192.168.1.10
Explanation: Skips host discovery and scans the target as if it were up (-Pn disables the ping probes). This is useful when the target blocks ICMP echo requests and would otherwise be reported as down.
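The scans above are only useful once their results are turned into an inventory and compared against what a network is supposed to expose. The following script is an added example, not part of Nmap or of this cheat sheet: it parses the XML report Nmap writes with -oX (the format produced by any of the commands above), lists open ports with their detected service versions and OS guess, and flags open ports that are missing from an allow-list of expected services. The sample XML, the host addresses, the allow-list and the function names are constructed for the example; only the XML element and attribute names follow Nmap's real output format.

```python
"""Turn an Nmap XML report (-oX) into an inventory and check it against an allow-list.

Added example for this cheat sheet; it is not Nmap's own code. SAMPLE_XML is a
hand-constructed report in the shape Nmap emits for a 'nmap -sV -O -oX out.xml'
run of two hosts, one of which did not respond.
"""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample: two hosts, one up with three probed ports, one down.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sV -O -oX out.xml 192.168.1.10-11" version="7.94">
  <host>
    <status state="up" reason="arp-response"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <hostnames><hostname name="srv01.lan" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="443"><state state="closed" reason="reset"/>
        <service name="https" method="table" conf="3"/></port>
    </ports>
    <os><osmatch name="Linux 5.0 - 5.4" accuracy="95"/></os>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.168.1.11" addrtype="ipv4"/>
  </host>
</nmaprun>"""


@dataclass
class Port:
    number: int
    protocol: str
    state: str
    service: str = ""
    product: str = ""
    version: str = ""


@dataclass
class Host:
    addr: str
    state: str
    hostname: str = ""
    os_match: str = ""
    ports: list = field(default_factory=list)


def parse_nmap_xml(xml_text: str) -> list:
    """Return one Host per <host> element with its ports and best OS guess."""
    root = ET.fromstring(xml_text)
    hosts = []
    for h in root.findall("host"):
        status = h.find("status")
        addr_el = h.find("address[@addrtype='ipv4']")
        host = Host(
            addr=addr_el.get("addr") if addr_el is not None else "",
            state=status.get("state") if status is not None else "unknown",
        )
        hn = h.find("hostnames/hostname")
        if hn is not None:
            host.hostname = hn.get("name", "")
        osm = h.find("os/osmatch")  # Nmap lists OS matches best-first
        if osm is not None:
            host.os_match = f"{osm.get('name')} ({osm.get('accuracy')}%)"
        for p in h.findall("ports/port"):
            st = p.find("state")
            sv = p.find("service")
            host.ports.append(Port(
                number=int(p.get("portid")),
                protocol=p.get("protocol", "tcp"),
                state=st.get("state") if st is not None else "unknown",
                service=sv.get("name", "") if sv is not None else "",
                product=sv.get("product", "") if sv is not None else "",
                version=sv.get("version", "") if sv is not None else "",
            ))
        hosts.append(host)
    return hosts


def open_ports(hosts: list) -> list:
    """Flatten to (addr, port, proto, service, product, version) for open ports on live hosts."""
    return [(h.addr, p.number, p.protocol, p.service, p.product, p.version)
            for h in hosts if h.state == "up"
            for p in h.ports if p.state == "open"]


def unexpected_open_ports(hosts: list, allowlist: dict) -> list:
    """Open ports absent from allowlist {addr: {(port, proto), ...}}; the audit finding."""
    return [(addr, num, proto) for addr, num, proto, *_ in open_ports(hosts)
            if (num, proto) not in allowlist.get(addr, set())]


if __name__ == "__main__":
    inventory = parse_nmap_xml(SAMPLE_XML)
    for h in inventory:
        print(f"{h.addr} ({h.hostname or '-'}) {h.state} os={h.os_match or '-'}")
    for row in open_ports(inventory):
        print("  open:", row)
    # Constructed allow-list: only SSH is approved on srv01, so port 80 is flagged.
    print("unexpected:", unexpected_open_ports(inventory, {"192.168.1.10": {(22, "tcp")}}))
```

Run a real scan with -oX and feed the file's contents to parse_nmap_xml in place of SAMPLE_XML; keeping the allow-list under version control turns a periodic -sV scan into a drift check for services that were never meant to be exposed.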