Use Nmap for Tactical Network Reconnaissance [Tutorial]

  • Published 1 Jan 2019
  • Our Premium Ethical Hacking Bundle Is 90% Off: nulb.app/cwlshop
    How to Conduct Network Recon with Nmap
    Full Tutorial: nulb.app/x4eyg
    Subscribe to Null Byte: goo.gl/J6wEnH
    Kody's Twitter: / kodykinzie
    Cyber Weapons Lab, Episode 057
    If you find yourself on a Wi-Fi or Ethernet connection, it might be confusing to know how to figure out what else is on the network. Nmap is a powerful tool for exploring and learning about devices around you on a network. On this episode of Cyber Weapons Lab, we'll explore the various uses of Nmap, and show you some of the most useful scans for a beginner.
    To learn more, check out the article: nulb.app/x4eyg
    Follow Null Byte on:
    Twitter: / nullbyte
    Flipboard: flip.it/3.Gf_0
    Website: null-byte.com
    Weekly newsletter: eepurl.com/dE3Ovb
    Vimeo: vimeo.com/channels/nullbyte
  • Howto & Style

COMMENTS • 255

  • @mattrisen6694 5 years ago +29

    Instead of hitting up and home to add sudo to a command, you can run ‘sudo !!’ to run the last command with sudo. Just something that I found helpful. Love the videos, thank you for doing them and sharing the passion for our field.

    • @NullByteWHT 5 years ago +6

      Thank you! And thanks for sharing that

    • @MegaStupidMonkeys 5 years ago +2

      !! is really cool. You can even do something like echo "!!"

  • @Jwojr 5 years ago +5

    Can I just say thank you for your videos... the best way to learn pen testing skills on the internet. They're very well put together and it’s also nice that you put out a written version!

    • @NullByteWHT 5 years ago

      I'm glad other people find this stuff as interesting as I do!

  • @herman3985 5 years ago +31

    Absolutely love this channel! I've learnt so much about hacking and Linux in general because of you Kody. Your tutorials helped making me comfortable enough with Linux to leave Windows permanently. Happy new year and all the best to all viewers and of course Null Byte themselves.

    • @NullByteWHT 5 years ago +2

      Thank you so much! I really appreciate it

  • @deusvult4678 5 years ago +20

    Thank you and happy New Year. You are the only channel in which I activated the bell

    • @NullByteWHT 5 years ago +2

      Thank you Ali! Happy new year

  • @riseabove3082 4 years ago +5

    Great video with very clear examples and explanations. Thank you for sharing your knowledge. I've played with nmap and arp-scan but it is nice to see someone else put it into practice as well.

  • @Minejokey 5 years ago +93

    Do you want to learn something new on UA-cam?
    just press the " i " button on your keyboard ^^
    also 0-9 are preset timestamps for every video on UA-cam

  • @francescopresta9570 5 years ago +3

    Great job Kody, happy new year from Italy

  • @syav7998 5 years ago +1

    Hey bud! Amazing content, please continue to make more. Happy New Years!!!

  • @lowkey_out 3 years ago +2

    I don't really watch really long videos, but Kody's videos are very interesting and amazing, he shares knowledge for free and explains everything in a spectacular way everyone understands. And I don't even know how 15 mins fly away. Good work brother.

  • @b0bther4md0m 5 years ago +6

    I'm fairly new to all of this but I've been loving your tutorials

    • @NullByteWHT 5 years ago +2

      Thank you for watching it!

  • @manvaldez_ 5 years ago

    Great video for beginners man nice job, I got one thing to add. If you don't specify the ports to scan nmap is going to scan the top 1000 common ports in a system and not "every possible port" 7:11. Thanks for sharing

  • @wakeupNeo_ 3 years ago

    this is the best Nmap video for beginners, thanks

  • @jamesk1242 5 years ago

    Love this channel, nice videos Kody!

  • @NM-hp2lc 4 years ago

    Nice GITS wallpaper. New subscriber here, loving your tutorials so far

  • @cyber_student 2 years ago

    Man. You are such an inspiration dude. Thank you.

  • @Parrotassassin15TechToker 4 years ago +4

    i reeeaally like ur videos, i've learned soo much from ur channel. me and my friend really want to be like you. you made me wanna go more into computer science. you made it soo much more fun than other channels thanks!!!!

    • @NullByteWHT 4 years ago

      Thanks! That's really sweet, means a lot to me. You'll do great in CS!

  • @seaner992 5 years ago +26

    -D just makes a lot more noise in the logs (2,472 lines vs 513) , and it still reveals your scan IP. Use -S followed by an IP. You might get a Nsock error, but it still works. It does not hide your IP during OS detection, but it does reduce the number of times it is logged vs -S. It does completely hide the IP on a normal scan. Also use '--spoof-mac' followed by a random MAC to hide your MAC. Use IP tables on another PC to view the noise.

  • @jugginator4390 5 years ago +7

    Great tutorial as always, but I noticed your censoring is off if you wanted to hide the mac address at around 8:30 , it moves with the scrolling -- just in case I wanted you to know :) happy new year!

  • @its336already6 5 years ago +2

    i was waiting for this video ty!!

    • @NullByteWHT 5 years ago +2

      You're welcome, thanks for watching!

  • @RAGHAVENDRASINGH17 5 years ago

    At 16.20 i got jump scare 😂 nice video , you have many awesome contents on this channel

  • @mohammadaminrajabi1828 5 years ago +1

    The video was really useful. I really thank you and I really wish you for more subscriptions. You can speak really great and I'm enthusiastic to see more videos.

    • @securitypoint8280 4 years ago

      Check this sir for more details enumerations ua-cam.com/video/1XAssdnTQSo/v-deo.html

  • @damienw4958 5 years ago +11

    If you forget to run a command as root, simply type ‘sudo !!’ to run it again but as root. !! means previous command

  • @mervynally459 5 years ago +1

    Thank you congratulations happy new year

  • @sethadkins546 5 years ago +5

    8:29 Nice one Kody. (Pause and look closely under the censoring)

  • @hondaromio 3 years ago

    Kody, love that shirt, thanks for all you do!

  • @x.a.k.i5858 5 years ago +2

    Thank you the video was quite informative

  • @horseman684 3 years ago

    Thanks bro I have so much diy and have the basic grasp of nmap before this tute, it's a soft listen on repetition for me, I mean I only felt smart after school, so I'm assuming that something sunk in when I was semi conscious

  • @sheerazali2395 5 years ago +1

    Happy new year kody these videos are really nice we want more

    • @NullByteWHT 5 years ago +1

      Thank you for watching them! I appreciate each and every one of these comments

    • @sheerazali2395 5 years ago

      @@NullByteWHT you put a whole lot of work bro. We have to be there when a new video comes out

    • @sheerazali2395 5 years ago

      @@NullByteWHT make few videos about buffer overflows and lfi rfi

    • @NullByteWHT 5 years ago +1

      @@sheerazali2395 I really like the community! I'm getting a little bored of the format though, I want to start working on something new!

    • @sheerazali2395 5 years ago

      @@NullByteWHT I'll love to be on any projects with you I am not new to cyber security but I am still learning I'll work for free

  • @lousingbamoirang7412 5 years ago +7

    I keep watching this channel.

  • @igot17hoursbaby20 3 years ago

    Hell yes!! This is fun! Thank you!

  • @jonahhex1295 4 years ago +1

    Thanks kody , great tutorial as always.

  • @jonahhex1295 3 years ago

    Awesome , great video, thanks!!

  • @gaydolfhitler6310 5 years ago +3

    I still use zenmap, the GUI version because i never got around to learning all the commands.
    happy new year!!

    • @NullByteWHT 5 years ago +7

      Learn the commands! They'll make you powerful. Happy new year!

    • @gaydolfhitler6310 5 years ago +2

      yeah I'll definitely need them. the more you know the more you realise you know nothing

  • @djjcbs8989 5 years ago +1

    Like your videos. Easy to learn from.

  • @TaylorSwifty69 4 years ago

    This was great! Thank you.

    • @NullByteWHT 4 years ago

      Christopher thanks for watching! Tell all of your friends about us! 😃

  • @alexandresantosal 3 months ago

    Congratulations on the excellent content...

  • @house105a 1 year ago

    You are awesome Kody

  • @cocokash 1 year ago

    Thanks for sharing, really appreciate it!, more content please....

  • @awesomesauce804 3 years ago

    whoa, ipcalc? you just changed my life.

  • @leonardofelippine9781 4 years ago +1

    I had no idea that Sheldon Cooper was also a hacker...
    Jokes aside, great content. I am learning a lot. Thank you

  • @isaacmihaeli3261 1 year ago

    This tutorial is easy to follow and understand. As of today 12/30/2022.

  • @aanchaldeep1699 3 years ago

    Very informative ....👍

  • @bileysikdar3389 5 years ago +2

    Hi Kody, Make a video on Possible firewall, ids evasion techniques.

  • @JeffreyGroves 5 years ago +56

    The " | cat " on the command that you provided is extraneous. You should be able to remove that completely from the command to wind up with the following command line:
    sudo nmap -sS 192.168.0.0/24 | grep open >> results.txt
    Thanks for walking us through the use of nmap!
    Also, the two greater than signs ">>" means append to the file if it already exists; otherwise, create the file as new.

    • @brandondh 5 years ago +8

      Jeff Groves i was thinking the same thing. I just finished linux 1 and taking linux 2 in a couple of weeks. was kind of cool to see my mind remembering those commands and remembering that >> was append while > would overwrite the file each time. I also thought wait, why is he putting cat after the pipe, but syntax isnt always that important to remember since u figure it out as you go. he obviously has some pretty advanced skills and not everyone is an expert at everything. glad I wasnt the only one to catch that though. you must be a daily linux user or something. it gets pretty complicated so I hope linux 2 is easy for me... I aced linux 1 100 percent so lets see how I do with the security part which is linux 2. take it easy bro.

    • @NullByteWHT 5 years ago +19

      Thank you so much for mentioning that! I'm still learning some of this myself, and teaching it helps me check myself against the community.

    • @NullByteWHT 5 years ago +5

      Good luck!

    • @DDBAA24 5 years ago +2

      @@NullByteWHT Did you try to learn Linux before you jumped into Kali , or did you just start on Kali and learn to navigate the cli that way ? Personally I tried backtrack first and then soon realized that it wasn't the place to start. So I just grabbed a basic Debian based distro and learned everything I could about Linux. Then when I came back to what is now Kali and can actually understand the how , and the why. Learning the system in and out, then I jumped into networking & hardware, because if your going to understand vulnerabilities sometimes it goes all the way down to a hardware level not just software. For over a year I didn't even look at anything pentesting related. That said , doing it that way its so much easier to pick this stuff up, and I hate the term but I didn't want to be a script kiddie. I know this is getting long. After all is said and done, THEN you have to go back to Windows and learn CMD because how are you going to exploit a machine if you dont know how to control it ! What average Windows user even ever opens CMD its all graphical tools in windows. Its like alright I learned Linux to learn Kali to go back and learn the technical side of windows in order to manipulate it lol. Crazy cycle, but well worth the journey. Without a grasp on cli, networking, hardware, and multiple operating systems its impossible to use Kali to its potential if at all. No one should try and learn Linux on Kali it is not entry level friendly @ ALL. Am I making sense ? Now that I rambled I wanted to know how you decide on the topics for each video. Some of that is based on the Pi itself and its constraints, but not all videos are based on the Pi so I ask.

    • @DDBAA24 5 years ago

      How long have you been at this from a security based standpoint ?

  • @biniesh7097 5 years ago

    thank you for the vide0!

  • @sgealbhain 5 years ago +2

    Hey, what’s the song at the start? It’s cool

  • @navinraj5697 4 years ago

    Good ...brother..your tutorial is great ..but i am beginner..so i have little confusion..your web tutorial is also good..congratulation..jan video..just i have seen..ha..ha..super..please upload more..ethical hacking knowledge...

  • @Canadian789119 4 years ago

    Good for pen testing, to close vulnerabilities of course.

  • @HK-sw3vi 4 years ago +1

    hey man, keep this shit up... it really helped!!

  • @thehound3961 5 years ago +1

    great video btw.....as always..

  • @true_tamilan 4 years ago

    Thank you very much

  • @kumanish75 3 years ago

    awesome video

  • @bagheri4 3 years ago

    First of all i would like to thank you for great educational videos ⚘
    My question is do you have any idea how to get ms teams group member IP address and other informations ?

  • @omarbayli 4 years ago

    Instead of piping grep open, you can use --open option.

  • @adammagdy2795 5 years ago +1

    great thanks for the great content :0

  • @zizougt3525 4 years ago +2

    Elliot Alderson "real life version"
    God i love this channel!

  • @paulmorrey733 5 years ago +1

    Thanks

  • @feiwhang 5 years ago

    I have a question regarding macbook pro's touch bar. Does it work with kali on virtualbox? I'm in market for laptop to study pen testing. I can't choose between macbook pro or a thinkpad. Any advice? thanks

  • @michaelselui6998 5 years ago +2

    Please add English subtitles, happy new year

  • @enriqueperez339 4 years ago

    Are there any videos that go over all the different types of networks/ IP addresses like what’s en, en0, lo, Wlan0

  • @seasonedtoker 4 years ago +1

    @5:15 - no option will scan 1000 ports, -F option scans 100, but if you want to scan all 65535 ports, you should use '-p - ' option

    • @NullByteWHT 4 years ago +1

      Thanks for the tip seasonedtoker!

  • @zeroblue5599 5 years ago +7

    Im userland user love this tactical nmap

  • @RedBlueLabs 5 years ago

    great video :)

  • @droy333 4 years ago

    On Windows? Advanced IP Scanner is handy. Sure it can't do everything nmap can do like specify ports etc but it will scan multiple subnets at once and give you any common services on hosts.

  • @D3rMesaa 5 years ago +37

    Whoops MAC Address at 13:20

    • @WraithLunati 4 years ago +3

      Ha! Didn't even read the comments till now, first thing I saw lol.

    • @coolcoyote1893 4 years ago +1

      There is also one at 8:29

    • @thedoomslayer6526 4 years ago

      because it's very difficult to restart the VM and change it

    • @bitfragment 4 years ago +2

      @@thedoomslayer6526 it was the MAC of the router

  • @LucasAlfa. 5 years ago +4

    Good vids keep going =)

  • @DavidJames0322 4 years ago +1

    Try doing this with other IP addresses (research purposes only), "too many fingerprints match this host to give specific OS details". etc. etc. etc. Firewall blocks nmap scans, different methods as well are outdated. Also assuming that IP when conducting scans, allow them to receive that scans are being conducted to IP addresses which leads me to believe that those scans will notify IP and further investigation can be conducted on your own IP address. Any thoughts on this?

  • @iliaschannel3646 3 years ago

    hello how to perform an anonymous scan ?? i heard about proxy chains and whonix , what is your suggestion

  • @adammagdy2795
    @adammagdy2795 5 років тому

    hhapy new YEAR WOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOW

  • @sarkybugger5009 4 years ago

    There's a GUI front-end available. Zenmap.

  • @aritrakayal4280 4 years ago

    this video was really helpful .....but i have one question ..there are several videos over youtube showing different methods to stay anonymous while hacking , so while hacking over a network which is the best method to remain anonymous???..please do reply ...and lots of love from India

    • @NullByteWHT 4 years ago

      Check out our guide on how to Fully Anonymize Kali with Tor, Whonix, and PIA VPN I think you'll find it helpful. null-byte.wonderhowto.com/how-to/fully-anonymize-kali-with-tor-whonix-pia-vpn-0180040/

  • @CyberFreaked 5 years ago +1

    Why do you blur your internal mac addresses? As far as I know it wouldn't be harmful

  • @error346 4 years ago

    hy!! i have an issue writing a command.. how to conduct a ACK scan with OS identification and scan fewer ports than normal? i tried nmap -sA -O -p 80,21,3306, but nope. can you help me?

  • @rilian226 4 years ago

    >> means append to the end of the file...not overwrite. > will overwrite the contents of the file if it exists. You don't need to pipe through cat either... just >> to append and > to overwrite.
    If you want to see the results on screen _and_ log them in a text file pipe to the `tee` command: `nmap | grep | tee output.txt`
    backing up a bit...if you need to sudo your last command, do: `sudo !!` . Much faster than up arrow and going to start of line, etc.
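
The `grep open`, `>>` and `tee` points raised in the comments above, as an added example that is not from the video or from any commenter: plain `grep open` drops the "Nmap scan report" lines, so the saved results no longer say which host a port belongs to, and it also matches a closed port whose service name contains "open". The scan output, addresses and function names below are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of nmap's normal output (not taken from the video).
sample_scan() {
    cat <<'EOF'
Nmap scan report for 192.168.0.1
Host is up (0.0020s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
53/tcp  open  domain
80/tcp  open  http
MAC Address: 00:00:5E:00:53:01 (Unknown)

Nmap scan report for printer.lan (192.168.0.23)
Host is up (0.0051s latency).
PORT     STATE    SERVICE
631/tcp  open     ipp
1194/tcp closed   openvpn
9100/tcp filtered jetdirect
EOF
}

# Print "host port/proto service" only where the STATE column is exactly "open".
open_ports_by_host() {
    awk '
        /^Nmap scan report for / {      # remember the host the following rows belong to
            host = $NF
            gsub(/[()]/, "", host)      # "name (ip)" form: keep the bare address
            next
        }
        $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ && $2 == "open" { print host, $1, $3 }
    '
}

# Append to the results file (like >>) while still printing to the terminal.
log_results() {
    open_ports_by_host | tee -a "$1"
}

results=$(mktemp)
sample_scan | log_results "$results"    # first run creates the file
sample_scan | log_results "$results"    # second run appends instead of overwriting
# Naive filter for comparison: 4 lines, one of them the closed openvpn port.
echo "grep open matched: $(sample_scan | grep -c open) lines"
rm -f "$results"
```
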

  • @sanketneralkatte7651 4 years ago

    Sir i m a beginner nd i m passionate about hacking nd all.......so on which platform would u like to just me like kali linux , ubuntu nd etc

  • @alecolson3866 4 years ago +1

    If I type in ipcalc the terminal gives me the message that it is an invalid command.. do I need to have a separate program installed? What causes this?

    • @tribeofcam3762 4 years ago

      Same here why does this happen Kody help

  • @carlosgandara5976 4 years ago

    What’s up dude. Check it out, I got a asus rt-ac66u router I need to get username and password but I cannot reset it. Which Linux should I use and what tool ?

  • @SriramVad 5 years ago

    Link for your wallpaper pleeeaaasseee.

  • @WhatWouldLeeDo. 4 years ago

    after the sudo nmap -sS with the ip I'm not getting anything but "all 1000 scanned ports are closed (500) or filtered (500)"

  • @totons9036 5 years ago

    By running ifconfig, it does not show local ip, but it shows static ip. How to see local ip?

  • @thehound3961 5 years ago +12

    Kody, happy new year....
    we would like to see more videos about hacking Android .......not a lot of PC's around here..

    • @DDBAA24 5 years ago

      @I dont know anymore Yeah that would be for hacking with your Android, I believe he means actually hacking Android phones, its un clear but.... Which without user interaction or physical access can prove to be a pretty daunting task. Which entails the ring buffer in the kernel, compromising the WiFi stack, using aireplay-ng to collect frames and then spoofing a network that the phone is calling out to that it has securely connected to previously. Then once its on your fake network that has the phone thinking its home its business as usual from there you still have to gain access to the device some way. and you can use Termux without root , the best route is the kali nethunter rom or pwnie express phone. I say that because a lot of scripts do not work properly because they were meant to be ran on a cell phone. All though I saw a pretty cool video of someone installing ubuntu from git in termux, I guess if you did that and then installed kali tools you might be able to use thing to their full potential.

    • @PScraftGaming 5 years ago

      Mostly everyone has a PC.. Even use a family computer if you have to.

    • @lucasthompson1650 5 years ago

      @username yup!

  • @friknoob9823 4 years ago

    what if your access is denied when you do arp-scan -l

  • @lalbudha3025 4 years ago

    Could you please make a video on Metasploitable 3 ?

    • @NullByteWHT 4 years ago +1

      Good idea Lal Budha, I've added it to the list of video ideas.

  • @aliasgarkhimani9204 1 year ago

    serious question: how do you _not_ blink?

  • @marcusv.7565 2 years ago

    hi, how about (socket: Operation not permitted) ? have any idea how fix this? i already did the ifconfig eth0 down in terminal emulator but its all clear and no errors but still (socket: Operation not permitted) again

  • @paolomarcelogalvan1938 3 years ago

    What kind of linux os have supported nmap

  • @HarryNikic 4 years ago

    when doing "sudo nmap -sS 192.169.**.* " i am getting this message " dnet: Failed to open device eth0" can anyone help, thanks

  • @NotSoCrazyNinja 4 years ago +1

    13:21 you dun goofed

  • @vsanchez1295 3 years ago

    Okay so I installed Linux in VMware, when I run ifconfig, it is different subnet than my actual router, so when I run nmap or arp scans it scans the virtual subnet instead of the LAN. Please help, I'm a total NEWB!

  • @matthewheelie4432 4 years ago

    is this better than Fing?

  • @vibe6566 5 years ago

    Why using sudo code?pls tell me

  • @blahblahblah3819 3 years ago

    Is this a UAV?

  • @MattTheCuber1 9 months ago

    MAC Address leak: 13:22 (if you pause at the right second)

  • @devanshujatav3113 5 years ago

    Which os it is

  • @HARMEETSINGH-fr4gz 5 years ago +3

    Sir you are a great hacker

    • @NullByteWHT 5 years ago +1

      Thank you!

    • @HARMEETSINGH-fr4gz 5 years ago +1

      @@NullByteWHT sir please teach us SS7 and is nullbyte.com is your website

  • @hellopropop 4 years ago

    please reply why cant we use arp -a

  • @combogfx228 5 years ago +1

    I am running ubuntu on a windows machine and when I type "nmap -f" it tells me that fragscan needs root privileges, how do I grant root privileges

  • @tyronehatter6813 3 years ago

    4:21 help im so confused how do i know which ip to copy

  • @xyzl4176 5 years ago

    the computer model is ?

  • @cody9568 3 years ago

    The command ipcalc didn't work for me?