Nmap

Nmap is a popular port scanning tool. It can also be used to discover hosts, identify the operating system and the services running on open ports, and much more.

A simple scan is as follows:

nmap (target address)

This will show us the ports, their state (open, closed or filtered) and the services running on them.

  • Open Ports: An application on the target host is accepting TCP connections on the port.
  • Closed Ports: The port is reachable, but no application on the target host is listening on it.
  • Filtered Ports: Nmap cannot determine whether the port is open or closed. This is usually because a firewall rule on the target host (or somewhere in the path) blocks the probe packets, so no reply comes back.
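To make these three states useful for an exposure inventory, the scan output has to be parsed. The following Python is an added example, not code from the original post: it parses nmap's grepable (-oG) output and reports, per host, how many ports were open, closed or filtered and which services are actually listening. The scan text is a constructed sample, and the hostnames and 192.0.2.x addresses are documentation placeholders.

```python
import re
from collections import Counter

# Constructed sample of nmap grepable (-oG) output for two hosts; not a real scan capture.
SAMPLE_OG = (
    "# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.0.2.0/29\n"
    "Host: 192.0.2.10 (web.example.test)\tStatus: Up\n"
    "Host: 192.0.2.10 (web.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, "
    "80/open/tcp//http//nginx 1.18/, 443/filtered/tcp//https///, "
    "3306/closed/tcp//mysql///\tIgnored State: closed (996)\n"
    "Host: 192.0.2.11 ()\tPorts: 445/filtered/tcp//microsoft-ds///, "
    "3389/open/tcp//ms-wbt-server//Microsoft Terminal Services/\tIgnored State: filtered (998)\n"
    "# Nmap done -- 2 IP addresses (2 hosts up) scanned\n"
)

# One -oG "Ports:" line: Host: <ip> (<name>)<TAB>Ports: <list>[<TAB>Ignored State: <state> (<n>)]
HOST_RE = re.compile(
    r"^Host:\s+(\S+)\s+\(([^)]*)\)\tPorts:\s+(.*?)(?:\tIgnored State:\s+(\w+)\s+\((\d+)\))?$"
)

def parse_grepable(text):
    """Map each IP to its hostname, listed ports and the state nmap collapsed into 'Ignored State'."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:  # comment lines and 'Status: Up' lines carry no port data
            continue
        ip, name, port_list, ign_state, ign_count = m.groups()
        ports = []
        for entry in port_list.split(", "):
            # Field order in -oG: port/state/proto/owner/service/rpc/version/
            f = entry.split("/")
            ports.append({"port": int(f[0]), "state": f[1], "proto": f[2],
                          "service": f[4], "version": f[6]})
        hosts[ip] = {"hostname": name, "ports": ports,
                     "ignored": (ign_state, int(ign_count)) if ign_state else None}
    return hosts

def exposure_summary(text):
    """Per host: count of open/closed/filtered ports (ignored ports folded in) plus listening services."""
    report = {}
    for ip, h in parse_grepable(text).items():
        counts = Counter(p["state"] for p in h["ports"])
        if h["ignored"]:  # nmap only lists the minority states; add the collapsed majority back
            counts[h["ignored"][0]] += h["ignored"][1]
        listening = [f'{p["port"]}/{p["proto"]} {p["service"]} {p["version"]}'.strip()
                     for p in h["ports"] if p["state"] == "open"]
        report[ip] = {"states": dict(counts), "listening": listening}
    return report
```

A host whose counts are dominated by "filtered" is sitting behind a firewall that drops probes, while a "closed" majority means the host answers directly and every open port in its list is a real network exposure to review.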


Information Gathering

Information Gathering is one of the first and most important steps of penetration testing. We collect information about the host we are going to test, looking for vulnerabilities that can later be exploited.

The two basic methods of Information Gathering are:

  • Active: We send network traffic to the target ourselves and collect information from its responses.
  • Passive: We rely on a third party to generate the traffic to the target and collect the information, or we use information that is already publicly available. This way we don't leave our fingerprints on the target.
