Penetration Testing

===============================

Kali Linux

===============================

Install Kali Linux in VirtualBox on the Windows operating system.
The video linked below demonstrates how to install Kali Linux in a virtual machine.
https://www.youtube.com/watch?v=wCEPusruqQM

SCANNING
NMAP CHEAT SHEET (FULL + STEP-BY-STEP + EASY)

For Kali Linux – Penetration Testing

===============================

1. BASIC DISCOVERY SCANS

===============================

1.1 Ping Scan (Find live hosts)

nmap -sn <target/subnet>

Purpose: Checks which hosts are online (no port scanning).
Example:
nmap -sn 192.168.1.0/24

1.2 Disable Ping (When host blocks ping)

nmap -Pn <target>

Purpose: Treats all hosts as online and scans even if ICMP is blocked.

1.3 Quick Scan of Top Ports

nmap <target>

Purpose: Scans top 1000 common TCP ports.

===============================

2. PORT SCANNING

===============================

2.1 Full TCP Port Scan (all 1–65535 ports)

nmap -p- -sS <target>

Purpose: Finds ALL open TCP ports.
-sS: Stealthy SYN scan.

2.2 Scan Specific Ports

nmap -p 22,80,443 <target>

2.3 Scan Port Range

nmap -p 1-1000 <target>

OR (a range of hosts, 192.168.1.1 to 192.168.1.50):
nmap -Pn 192.168.1.1-50

2.4 UDP Scan

nmap -sU <target>

Purpose: Finds open UDP ports (slower).

2.5 TCP & UDP Together

nmap -sS -sU <target>

2.6 Fast Scan (Top 100 ports only)

nmap -F <target>

2.7 Multiple Targets from a File

Create a file named targets.txt with a list of IPs or hostnames (one per line):

targets.txt

192.168.1.10
192.168.1.15
example.com

Then run:

nmap -Pn -iL targets.txt

===============================

3. SERVICE & VERSION DETECTION

===============================

3.1 Detect Service Versions

nmap -sV <target>

Purpose: Show exact versions (e.g., Apache 2.4.49).

3.2 Aggressive Version Detection

nmap -sV --version-intensity 9 <target>

3.3 OS Detection

nmap -O <target>

Purpose: Attempts to identify OS (Linux/Windows/etc.).

===============================

4. AGGRESSIVE & COMBINED SCANS

===============================

4.1 Aggressive Scan

nmap -A <target>

Includes:
✔ OS detection
✔ Version detection
✔ Scripts
✔ Traceroute

⚠️ Noisy – use carefully!

4.2 Everything in One Scan

nmap -p- -A -T4 <target>

===============================

5. NMAP SCRIPTING ENGINE (NSE)

===============================

5.1 Run Default Scripts

nmap -sC <target>

Equivalent to:

nmap --script=default <target>

5.2 Run Vulnerability Scripts

nmap --script vuln <target>

Purpose: Automatically checks common CVEs.

5.3 Run Specific Scripts

nmap --script "smb-vuln*" <target>

Examples for SMB:

  • smb-vuln-ms17-010

  • smb-vuln-regsvc-dos

5.4 Safe Script Scan

nmap --script safe <target>

5.5 Malware Detection

nmap --script malware <target>

===============================

6. SCAN TIMING & PERFORMANCE

===============================

6.1 Speed Up Scans

nmap -T4 <target>

T0 = slowest | T5 = fastest

6.2 Max Speed Scan

nmap -T5 <target>

⚠️ Very noisy.

6.3 Slow, Stealthy Scan

nmap -T1 <target>

===============================

7. EVASION & BYPASSING FIREWALLS

===============================

7.1 Fragment Packets

nmap -f <target>

7.2 Decoy Scan

nmap -D RND:10 <target>

Purpose: Makes scan appear as if coming from random IPs.

7.3 Randomize Scan Order

nmap --randomize-hosts <targets>

7.4 Change Source Port

nmap --source-port 53 <target>

Useful when firewalls allow DNS.

===============================

8. OUTPUT & REPORTING

===============================

8.1 Save Output to Text File

nmap <target> -oN scan.txt

8.2 Save Output in XML

nmap <target> -oX scan.xml

8.3 Save All Formats

nmap <target> -oA result

Creates:

  • result.nmap

  • result.xml

  • result.gnmap

===============================

9. ADVANCED & SPECIAL SCANS

===============================

9.1 DNS Brute Force

nmap --script dns-brute <domain>

9.2 HTTP Enumeration

nmap --script http-enum <target>

9.3 SSL/TLS Vulnerabilities

nmap --script ssl-enum-ciphers <target>

9.4 FTP Anonymous Login Check

nmap --script ftp-anon <target>

9.5 SMB Enumeration

nmap --script smb-enum-shares,smb-enum-users <target>

===============================

10. REAL-WORLD NMAP WORKFLOW

===============================

STEP 1: Find live hosts

nmap -sn 192.168.1.0/24

STEP 2: Scan top ports

nmap <target>

STEP 3: Full port scan

nmap -p- -sS <target>

STEP 4: Detect services

nmap -sV <target>

STEP 5: OS detection

nmap -O <target>

STEP 6: Vulnerability scan

nmap --script vuln <target>

STEP 7: Save report

nmap -oN final_report.txt <target>
