Nmap Tutorial For Beginners - 3 - Aggressive Scanning

hey guys hack exploit here back again with another video and welcome to your third end map tutorial so in this tutorial what I'm going to be talking about is some aggressive scans and basically how to get more information from your scans and more powerful scanning options so without further Ado let's get to it um so the first thing as usual you have to open your terminal and you have to initialize end map pretty self-explanatory you should already know that by now uh so again I'm just going to use the help command just to make it easier for you guys to understand all right so um let's say we want to get information about what um operating system is running uh on the uh the basically the site or IP or IP ranges uh so how would we go about that well luckily for us we do have a command or a parameter that can actually give us that information and that is the a parameter which as it says here will enable OS detection the version of the operating system excuse me and it will give us script scanning so to see if any scripts are running and Trace ruit um so that's basically what it'll give you so let's actually try that right now with the scan me. nm.org all right so let's try that nmap uh capital A and let's scan me do nmap whoops excuse me I actually pressed something wrong there excuse me guys um nm.org all right so let's see what it actually G gives us all right it's going to start scanning and uh given the fact that I've not specified any ports it's going to go through a thousand ports and it's actually grabbing the operating system information and all of that stuff so it's actually using the aggressive scan which is basically what a means is aggressive so just let it scan and um let's see what we get now one thing I also wanted to tell you guys is it's going to give you a trace rout but uh I'm going to recommend that you just it's a trace root is really not important at this time so I just want you to ignore that for this period of time I'm going to get to it later so uh let let finish scanning all right there we are uh it actually scanned so uh it's going to give you the latency and it's going to scan a th000 ports by default uh that's what nmap does but you can specify how many you want to or which ports like we mentioned in the previous video so uh we have Port 22 which is SSH uh and it's running uh open SSH uh Ubuntu it's running on Ubuntu which is pretty strange I would say I expecting something like a red hat but nonetheless maybe it's just a test server for the site so it's running Ubuntu Linux and uh it has the host key I'll explain what this is later you really don't need to know that and then we have HTTP which is running Apache standard stuff um and it's is giving you a little teaser here telling you to go ahead and scan me so I'm we really going to ignore that right now and you can see it's actually running the Linux kernel so that's basically how to get OS basically like an aggressive scan uh now let's say you want to find out what services uh the service versions of the services that are running basically like the version of the operating system that's running it may have given it here but I just want to show you the difference so to do that you actually have to hit in map uh small s and a capital S and we're going to try that again nm.org right and let's hit that and let's see what it gives us right again it's going to take a while to scan and what this means is it's just going to show you the services the service version that's what it means and it's just going to give you the version of the um of whatever Services operating systems are being used on the server or IP ranges and how this is helpful is for like if you wanted to know if there were vulnerable for example intu 2.4 for example uh and you had exploits you would really want to know what you're attacking so you can actually line up exploits specific for the version so it's really really important that uh so um Ubuntu 2.8 pretty much is given us quite similar information to the first scan but it's pretty minimal here it's it's it's left the trace route and stuff like that um so it's running a to 2.8 Apache 2.4.7 which it really it did uh it did give us up there so it may seem like it's not a very important uh function but trust me it is when uh when it comes to scanning really really big service or sites or IP ranges or an IP so uh now uh in the previous video I showed you how to scan for specific ports all right now um enter a specific Port can be well you can say it's it takes quite a while and H for a beginner you really just want to get the the the important ports uh like for example SSH uh HTTP uh Echo and the MySQL so the command for this is basically n map a capital f I'm going to explain what that means um and let's use the scan me I know I'm using it more than I should now but um I'm almost done uh just explaining what these uh these Advanced um commands are so nmap F scan me.n map.org all right what the f means is basically fast and it'll actually just give you the most commonly targeted ports so let's see what it gives us and you can actually see the most important targeted ports all right so it's targeted um it's going to scan for 100 ports all right these are the well um as I mentioned uh it's going to scan for 1,000 by default but if you enter the the F which means fast it's going to scan for 100 ports all right and these are going to be the most important ports so uh that it scan for TCP and HTTP these are the only important ports that are open so uh if there were more it would have given you more of the important ports like MySQL and stuff like that so that's basically how to just Target the important ports without actually entering a specific Port very useful if you're a beginner and you just want to check out all the open important ports that it has instead of going through all the 1,000 all right uh the other thing I wanted to mention uh I know I'm uh giving you guys a lot right now but I forgot to mention this in I think the first video is with nmap you can actually um scan more than one in a row so if I entered scan me. nm.org right and um let's actually use the fast command um um and let's say we wanted to also scan let's say we wanted to scan google.com I'm sure Google won't say anything to me for this um let's say we want to save it again as I mentioned uh this time I'm going to save it as a txt file which I'll show you how to do right now home Alexis um desktop that's where I want to save it and I'm going to say scan. txt make sure you specify that and it's going to create a txt file and let's see what it actually gives us so it's going to let's open it and again it's going to scan it's going to scan for Google and it's going to scan for nmap scan me.n map.org and it's going to give them a very good format so um Google has three ports open and um uh scan me.n has two ports open so that's a pretty cool way of scanning multiple in a row and you can add as many as you like so that's just a quick timesaving tip and uh that's another way of actually saving it as txt so you don't really don't need to use grippable output all right so um that's basically how to enter multiple IPS uh you can also in addition do this you can actually say n map let's use the fast again and let's say uh ww.google.com we have actually used um this scan me domain more more than I think I should have you can actually um enter uh an IP address uh sorry you don't use a comma so let's say 192.168.0.1 let's see what we get there that's basically the router the uh basic the router IP there let's just see what we get I'm going to save it to home desktop and scan dxt all right let's see what we get so it's going to scan for Google and it's going to scan for the IP and as you can see my router has a UPnP I'll explain what that is later and it just uh basically allows you to scan an IP and a site in one line so this is really really cool stuff it actually can save you a lot of time um one last thing before we actually and end the video I know I've shown you guys a lot in this video but uh yeah uh one last thing uh let's say this will actually is one of my favorite commands because it just saves a lot of time so let's say I say in map um this will save a lot of time so let's say n map open google.com all right and let's again save it to home Lexus desktop and scan actually let's use the capital scan this time and let's see what it gives us all right uh this is the one I'm guessing right here and uh you see it scaned really fast because um it's just going to give you the open ports it's not it's not going to give you any of the other stuff that's closed or I mean that that's filtered or any uh of the ports that um nmap is really not sure about so that's basically um the last command I wanted to show you here I hope this video helped you guys again I'm going to ask you to share this video so a lot of people can can get this content and it can actually help them uh uh one more thing guys thank you for the support on the channel um we're really really growing at an exorbitant rate and I'm really really proud of the journey that we've had so far I'm going to I'm keeping my I'm keeping my pledge to be providing videos almost every day for you guys um and that's what I'm going to stick to so thank you so much for the support thank you for asking questions I really appreciate that by the way if you have any questions you know the drill I'm on Kick social media and in the comment section anything you need just ask me and I'll be happy to help you uh otherwise uh guys um thank you guys so much for watching this video and have a fantastic day peace