The stage that comes before the actual hacking or examination is reconnaissance.
Reconnaissance means gathering all the information related to a website, such as which ports are open, what technology is being used, which OS the website is running on, etc.
The tool we are going to learn about today is called Nmap. I use Nmap mostly just to find what ports are running on a website, but Nmap also has a lot of other features: it has its own scripts to perform different tests on a website, and it can also be used to brute-force HTTP basic authentication, test a website for a firewall, etc.
So, let's start :
Command 1 : nmap -sn <ip>
The above command is used to check whether the host is alive, that is, whether the website is responding to our requests. As seen in the above image, we can also use the website name instead of its IP to check whether it's running, and we will also learn its IP.
Here -sn means that we are disabling the port scanning feature of Nmap.
Command 2 : nmap <ip>
This command is used to find out which ports are open.
From the above image it can be seen that the website has only ports 80/tcp and 443/tcp open, which are HTTP and HTTPS respectively. (It may be a little less accurate sometimes.)
Command 3 : nmap -sV -O <ip>
The above command is used to find out which OS and which service versions are being used by the website. As can be seen in the image, the website in question is hosted on an Ubuntu machine.
Here we have used -sV because we want to know the service/version on each open port. -O is used to enable operating system detection.
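A defender's use of the scans above, as an added example that is not part of the original article: the script reads Nmap's grepable output (`-oG -`, an option not covered on this page) and reports open ports that are not on an expected list. The sample scan, host address and version strings are constructed, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Constructed sample of `nmap -sV -oG -` output: documentation address and
# made-up version strings, not a real scan.
sample_scan() {
  printf '# Nmap scan (constructed sample)\n'
  printf 'Host: 192.0.2.10 (www.example.test)\tStatus: Up\n'
  printf 'Host: 192.0.2.10 (www.example.test)\tPorts: %s\tIgnored State: closed (996)\n' \
    '22/open/tcp//ssh//OpenSSH (constructed)/, 80/open/tcp//http//nginx (constructed)/, 443/open/tcp//https//nginx (constructed)/, 8080/filtered/tcp//http-proxy///'
}

# Read grepable output on stdin; print "host port/proto service version"
# for every port whose state is exactly "open".
# Each port entry is: port/state/protocol/owner/service/rpcinfo/version/
open_ports() {
  awk -F'\t' '
    /^Host: / {
      split($1, h, " "); host = h[2]
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        p = $i; sub(/^Ports: /, "", p)
        n = split(p, entries, ", ")
        for (j = 1; j <= n; j++) {
          split(entries[j], f, "/")
          if (f[2] == "open") print host, f[1] "/" f[3], f[5], f[7]
        }
      }
    }'
}

# Print open ports that are missing from the space-separated allow-list in $1.
unexpected_ports() {
  allowed=" $1 "
  open_ports | while read -r host port service version; do
    case "$allowed" in
      *" $port "*) ;;                                   # expected, stay quiet
      *) printf '%s %s %s\n' "$host" "$port" "$service" ;;
    esac
  done
}

# Baseline from the article: only 80/tcp and 443/tcp should be open.
sample_scan | unexpected_ports "80/tcp 443/tcp"
# Against a host you are responsible for, pipe a real scan in instead:
#   nmap -sV -oG - <ip> | unexpected_ports "80/tcp 443/tcp"
```

Ports in the `filtered` state are skipped on purpose, so the report lists only services that actually answered.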
Here I've described some of the features of Nmap. But Nmap is a very powerful tool and is not limited to the features mentioned above. To see all of the options available in Nmap, you can use the --help or -h option like this:
nmap -h
OR
nmap --help
That was all for the article.
Thanks for Reading.
Happy Hacking !!