NMAP KALI LINUX TUTORIAL

Intro – Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. It uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Network Mapper is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
 
1. How to open nmap

A. GUI method

Application → Kali Linux → Information gathering → DNS Analysis → nmap
nmap
 
B. open terminal type nmap hit enter
nmap

 
2. Scan a single IP address When firewall OFF/ON on target PC
Syntax – nmap IP address/hostname
EX – nmap 192.168.75.131
Ex-  nmap google.com
nmap console
 
3. Boost up Your nmap Scan – using this command u can decrease scan time
Syntax – nmap –F IP address
Ex – nmap –F google.com
nmap
 
4. Scan multiple IP address or subnet
A. scan a range of IP address
Syntax – nmap IP address range
EX- nmap 192.168.75.1-131
nmap scan range
 
B.  Scan a range of IP address using a wildcard
Ex – nmap 192.168.75.*
 
C. Scan an entire subnet
Ex – nmap 192.168.75.1/24
 
5. scan turn on OS and version detection
Ex – nmap –O 192.168.75.131
 
6.  Scan all TCP port in target IP
Ex – nmap –sT 192.168.75.131
 
7. Scan a firewall for security weakness
A. Null scan – TCP Null Scan to fool a firewall to generate a response
Ex – nmap –sN 192.168.75.131
 
B. Fin scan – TCP Fin scan to check firewall
Ex – nmap –sF 192.168.75.131
 
C. TCP Xmas scan to check firewall
Ex – nmap –sX 192.168.75.131
 
8. UDP Scan – Scan a host for UDP services. This scan is used to view open UDP port.
Ex – nmap –sU 192.168.75.131
 
9. Scan for IP protocol – This type of scan allows you to determine which IP protocols (TCP, ICMP, IGMP, etc.) are supported by target machines.
Ex – nmap –sO 192.168.75.131
 
10. detect remote services (server / daemon) version numbers
Ex – nmap –sV 192.168.75.131
 
11. Find out the most commonly used TCP ports using TCP SYN Scan
A. Stealthy scan
Ex – nmap –sS 192.168.75.131
 
B. Find out the most commonly used TCP ports using  TCP connect scan
Ex – nmap –sT 192.168.75.131
 
C.  Find out the most commonly used TCP ports using TCP ACK scan
 Ex – nmap –sA 192.168.75.131
 
D. Find out the most commonly used TCP ports using TCP Window scan
Ex – nmap –sW 192.168.75.131
 
E. Find out the most commonly used TCP ports using TCP Maimon scan
Ex – nmap – sM 192.168.75.131
 
12. List Scan – this command is used tolist target to scan
Ex – nmap –sL 192.168.75.131
 
13. Host Discovery or Ping Scan – Scan a network and find out which servers and devices are up and running
Ex – nmap –sP 192.168.75.0/24
 
14. Scan a host when protected by the firewall
Ex – nmap –PN 192.168.75.1
(click image for large view)
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s