Basics of NMAP
By : Prateek Aryan
What’s NMAP ?
-> NMAP is a mapping or a footprinting tool.
-> It is used for network exploration.
-> NMAP collects information about target host.
-> Target can be specified by IP Address or Domain Name.
-> command : nmap 192.168.10.1 or nmap www.google.com
What’s NMAP ?
-> Host / Port / Service Discovery
-> OS Version Detection
-> Service Version Detection
-> Vulnerability and Exploit detection using NSE
-> Firewall and spoofing evasions.
Installing NMAP
-> NMAP is available for all major platforms.
-> On Debian-based Linux distros we can install it with sudo apt-get install nmap.
Target Specification
Target Specification
-> Target can be a single host or multiple hosts.
nmap 192.168.10.1
nmap 192.168.10.2 192.168.10.3
nmap 192.168.10.1-24
-> any random hosts
nmap -iR 5
Target Specification
->CIDR Notation
nmap 192.168.10.0/24 - scans 192.168.10.0 - 192.168.10.255
nmap 192.168.10.0/0 - scans whole internet
Target Specification
-> input from a file (one target per line)
nmap -iL file_name
Default Scan
-> nmap 192.168.10.0/24
-> ping phase :
pings all the listed IP addresses.
-> port scan phase :
If an IP address responds to the ping, i.e. the host is online, then
-> nmap scans the ports of that IP address (by default it scans 1000 ports).
Host Discovery
Host Discovery
-> One of the very first steps in any network exploration mission is to reduce a
(sometimes huge) set of IP ranges into a list of active hosts.
-> Scanning every port of every single IP address is slow and usually
unnecessary.
-> Nmap offers a wide variety of options for customizing the techniques used.
Various Host Discovery Techniques
-> List Scan
->no port scan
-> No ping scan
->TCP SYN Ping
-> TCP ACK Ping
-> UDP Ping
-> Traceroute
Various Host Discovery Techniques
-> ICMP Ping Types
-> no dns resolution
-> DNS Resolution for all targets
List Scan
-> List Scan
nmap -sL 192.168.43.0/24
-> simply lists each host of the network specified.
-> it doesn't send any packets to the target hosts.
-> does DNS resolution.
No port scan
-> Doesn't do a port scan after host discovery
-> only prints out the available hosts
nmap -sn 192.168.10.0/24
No Ping
-> This option skips the Nmap host discovery stage and treats every target as online.
nmap -Pn 192.168.10.0/24
TCP SYN Ping
-> This option sends an empty TCP packet with the SYN flag set
nmap -PS 192.168.10.0/24
TCP ACK Ping
-> This option sends an empty TCP packet with the ACK flag set.
nmap -PA 192.168.10.0/24
UDP Ping
-> This option sends empty UDP packets to hosts.
-> Generally the TCP ACK and SYN probes are blocked by a firewall.
-> This option helps when those probes are filtered by the firewall.
nmap -PU 192.168.10.0/24
ICMP echo ping
-> This option sends an ICMP echo request to hosts.
nmap -PE 192.168.10.0/24
Other options
-> --traceroute
Traces path to host.
-> -n
No DNS resolution
PORT Scanning
Port Scanning
-> once we have found the online hosts, our next step is to target the ports of the
active hosts.
-> there are 65,535 ports
-> nmap by default scans 1000 ports
-> nmap recognizes ports in 6 states.
Port Scanning
Six states recognized by nmap are :
-> open
-> closed
-> filtered
-> unfiltered
-> open | filtered
-> closed | filtered
Port Scanning Techniques
-> TCP SYN Scan
-> TCP ACK Scan
-> TCP UDP Scan
-> TCP Null Scan
TCP SYN Scan
-> by default nmap scans ports by sending TCP packets with the SYN flag set
nmap -sS 192.168.10.1
TCP ACK Scan
-> sends empty TCP packets with the ACK flag set.
nmap -sA 192.168.10.1
TCP UDP Scan
-> sends UDP packets to ports
nmap -sU 192.168.10.1
Other options
-> -p port numbers
We can specify which port we want to scan.
-> -F
Fast mode. It only scans 100 important ports.
Version and OS detection
Service and version detection
-> nmap can detect the service and the version of the software running on the ports of hosts.
nmap -sV 192.168.10.1
OS version detection
-> nmap can detect OS version of the host.
nmap -O 192.168.10.1
NMAP Scripting Engines
NMAP Script Engine
->The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible
features.
-> It allows users to write (and share) simple scripts (using the Lua programming
language) to automate a wide variety of networking tasks.
-> NMAP also comes with premade scripts
->NSE can even be used for vulnerability exploitation
What’s a script ?
-> a script is basically a predefined code written using Lua Programming
Language
-> this predefined code helps in gathering more information about services running
at the ports.
List of Scripts
-> nmap comes with premade scripts, which are stored in
/usr/share/nmap/scripts
-> we can list all the premade scripts
ls /usr/share/nmap/scripts
List of scripts
-> different services have different scripts available.
-> we can list the scripts available for a particular service using the grep command.
ls /usr/share/nmap/scripts | grep "service_name"
-> for example
We can list scripts available for http service
ls /usr/share/nmap/scripts | grep http
Script Scanning
-> default script scanning : for each service a set of default scripts is defined
-> when the default script scan is run, nmap runs the default scripts for the services
found on the open ports.
nmap -sC scanme.nmap.org
Script Scanning
nmap --script="script_name" 192.168.10.1
-> example
nmap --script=http-brute.nse scanme.nmap.org
-> multiple scripts (comma separated)
nmap --script=http-traceroute.nse,http-brute.nse scanme.nmap.org
Interesting Scripts
OUTPUT
OUTPUT
-> we can save our scan results in an output file.
-> nmap -oN file_name 192.168.10.1
Outputs to given file name.
-> nmap -oX file_name 192.168.10.1
XML output to given file name.
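The XML output (-oX) is the one to use when scan results feed another tool. As an added example that is not part of the slides, the following parser reads a small constructed nmap XML sample (not a real scan) and pulls out the live hosts (the list one would feed back with -iL), a count of ports per nmap state, and the service/version details for open ports only:

```python
import xml.etree.ElementTree as ET
from collections import Counter
# Constructed sample of "nmap -sV -oX scan.xml ..." output (not a real scan),
# trimmed to the elements this parser reads.
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 192.168.10.0/24">
<host><status state="up" reason="echo-reply"/>
<address addr="192.168.10.1" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="8.9p1"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="nginx" version="1.18.0"/></port>
<port protocol="tcp" portid="445"><state state="filtered"/><service name="microsoft-ds"/></port>
<port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
</ports></host>
<host><status state="down" reason="no-response"/><address addr="192.168.10.2" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_nmap_xml(xml_text):
    """One dict per <host>: IPv4 address, up/down status and the ports nmap reported."""
    hosts = []
    for h in ET.fromstring(xml_text).findall("host"):
        addr = h.find("address[@addrtype='ipv4']")
        ports = []
        for p in h.findall("ports/port"):
            svc = p.find("service")  # absent when nmap could not identify a service
            get = svc.get if svc is not None else (lambda key: None)
            ports.append({"proto": p.get("protocol"), "port": int(p.get("portid")),
                          "state": p.find("state").get("state"),
                          "service": get("name"), "product": get("product"),
                          "version": get("version")})
        hosts.append({"addr": addr.get("addr") if addr is not None else None,
                      "status": h.find("status").get("state"), "ports": ports})
    return hosts

def up_hosts(hosts):
    """Live addresses: the list a follow-up port scan could read back with -iL."""
    return [h["addr"] for h in hosts if h["status"] == "up"]

def state_counts(hosts):
    """How many ports fell into each nmap state (open, filtered, open|filtered, ...)."""
    return Counter(p["state"] for h in hosts for p in h["ports"])

def open_services(hosts):
    """(addr, port/proto, service, product and version) for ports reported open only."""
    rows = []
    for h in hosts:
        for p in h["ports"]:
            if p["state"] == "open":
                banner = " ".join(x for x in (p["product"], p["version"]) if x)
                rows.append((h["addr"], f"{p['port']}/{p['proto']}", p["service"], banner))
    return rows
```

Note that open|filtered ports (typical of UDP scans, where no reply is ambiguous) are deliberately left out of open_services; they need a follow-up check before being reported as exposed.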
Miscellaneous Options
Miscellaneous Options
-> verbose scanning
Print more information about the scan in progress
nmap -v 192.168.10.1
-> aggressive scanning
Enables OS detection (-O), service detection (-sV), traceroute (--traceroute)
and script scanning (-sC).
nmap -A 192.168.10.1
THANK YOU ! :)