Scanning Network
Host Discovery Techniques
Used to identify the active/live systems in the network
To detect the OS of the target machine
nmap -sV --script smb-os-discovery.nse
To detect service version
nmap -sV
View packets sent and received
nmap -sT --packet-trace
Port Scanning
Categorized according to the type of protocol used for communication
Nmap Script Engine
Nmap has many ready-made scripts available for various purposes, such as vulnerability scanning, DoS attacks, brute-force attacks, etc.
smb-os-discovery is an inbuilt script that can be used for collecting OS information on the target machine through the SMB protocol
On Kali, the scripts are stored in the folder /usr/share/nmap/scripts/
You can view the contents of these files to understand how they work and to see the specific nmap command syntax needed to run each script.
nmap -sV -p445 --script vuln
- Scan for EternalBlue vulnerabilities with the smb-vuln-ms17-010 script to
Example of a detailed scan command
nmap -sV -O -sC -v -oN nmap-win7.txt -p-
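From the defender's side, a full-range sweep such as the -p- scan above shows up as one source attempting connections to many distinct ports on one host within a short time. The detector below is an added example, not part of the original notes; the log line format, the addresses and the window/threshold values are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)   # sliding window length (assumed tuning value)
PORT_THRESHOLD = 20              # distinct ports per src->dst pair treated as a sweep

def parse(line):
    """Parse '<ISO-8601 time> <src> <dst> <dport> <flags>' (constructed format)."""
    ts, src, dst, dport, flags = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), flags

def detect_port_sweeps(lines, window=WINDOW, threshold=PORT_THRESHOLD):
    """Return {(src, dst): peak distinct ports in one window} for pairs at/over threshold."""
    recent = defaultdict(deque)  # (src, dst) -> (time, port) events still inside the window
    alerts = {}
    for ts, src, dst, dport, flags in sorted(map(parse, lines)):
        if flags != "S":         # count only connection attempts (initial SYN)
            continue
        q = recent[(src, dst)]
        q.append((ts, dport))
        while q and ts - q[0][0] > window:
            q.popleft()          # drop events that have aged out of the window
        distinct = len({port for _, port in q})
        if distinct >= threshold:
            alerts[(src, dst)] = max(alerts.get((src, dst), 0), distinct)
    return alerts

def sample_log():
    """Constructed traffic: one host sweeping ports 1-40, one ordinary HTTPS client."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    lines = []
    for i in range(40):          # 10.0.0.5 tries 40 different ports in about 4 seconds
        t = base + timedelta(milliseconds=100 * i)
        lines.append(f"{t.isoformat()} 10.0.0.5 192.168.1.20 {i + 1} S")
    for i in range(30):          # 10.0.0.9 opens 30 connections, all to port 443
        t = base + timedelta(milliseconds=200 * i)
        lines.append(f"{t.isoformat()} 10.0.0.9 192.168.1.20 443 S")
    lines.append(f"{base.isoformat()} 10.0.0.9 192.168.1.20 443 SA")  # reply, ignored
    return lines

if __name__ == "__main__":
    for (src, dst), ports in detect_port_sweeps(sample_log()).items():
        print(f"possible port sweep: {src} -> {dst}, {ports} distinct ports in {WINDOW.seconds}s")
```

A scan spread out over a longer time stays under a fixed short window, so the window and threshold need tuning against normal traffic for the monitored network.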
DoS attack using nmap
There are several scripts in nmap that support DoS attacks, for example, the http-slowloris script (a DoS attack against apache2). The attack method is as follows:
nmap -Pn --script http-slowloris --max-parallelism 800




