Scanning - Third Step Of Ethical Hacking

After gaining some surface knowledge of the network, it is time to scan it. Scanning, also called port scanning, is a technique used to probe network devices or systems to find vulnerabilities or open doors that can be used to enter the network or system. There are three types of scanning:

Network Scanning: This scan is done to find the systems that are online. You don't want to waste your time on a system that doesn't even exist. A ping sweep is a popular method for finding the systems that are running or online.

Port Scanning: In this scan, different tools are used to identify the services or applications running on those systems. Here, TCP/IP ports are scanned. Nmap is a popular tool for this.

Vulnerability Scanning: Now, to make the attack more specific, automated tools are used to find vulnerabilities. In this scan the operating system and its version number are identified. The hacker uses weaknesses of the OS to penetrate the system.

Some Scanning Tools for Ethical Hacking and Penetration Testing

NMAP

NMAP is a penetration testing and network information gathering tool used by most IT administrators around the world. NMAP has a wide range of uses, and with it you can easily discover the devices and network peripherals around you.

To see which NMAP version you are using, you need to use the following command in the Kali Linux terminal. This is important because whenever a new NMAP version is released, you get new features with the NMAP package. So the next time you start using NMAP in Kali Linux, check whether you are running the latest version.

PING Command

The ping command helps to verify IP-level connectivity. When troubleshooting, you can use ping to send an ICMP echo request to a target host name or IP address. Use ping whenever you need to verify that a host computer can connect to the TCP/IP network and network resources. You can also use ping to isolate network hardware problems and incompatible configurations.

Advanced IP Scanner

A reliable and free network scanner for analysing a LAN. The program shows all network devices, gives you access to shared folders, provides remote control of computers (via RDP and Radmin), and can even remotely switch computers off. It is easy to use and runs as a portable edition. It should be the first choice for every network admin.

Angry IP Scanner

Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports and has many other features.

It is widely used by network administrators and just curious users around the world, including large and small enterprises, banks, and government agencies.

It runs on Linux, Windows, and Mac OS X, possibly supporting other platforms as well.

CurrPorts

CurrPorts is network monitoring software that displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version information of the process (product name, file description, and so on), the time that the process was created, and the user that created it.

DMitry

DMitry has the ability to gather as much information as possible about a host. Its base functionality can gather possible subdomains, email addresses, uptime information, TCP port scan results, whois lookups, and more.

Friendly Pinger

This program offers network visualization, administration, monitoring, scanning, inventory, ping and visual traceroute.

ID Serve

ID Serve, freeware by Steve Gibson, is essentially a security investigation tool. Its main function is to examine the workings of a web server. The program also gives information on the operating platform of the server. The probe can also reveal other useful information such as cookie values and reverse DNS information.

LANsurveyor

LANsurveyor is proven network and desktop management software. LANsurveyor makes it easy to map, manage, and report on your entire network. LANsurveyor is unique because it provides four essential functions in one cost-effective application: automatic network maps, asset management reports, network monitor, and remote administration and distribution.

Nessus

Nessus is the most trusted vulnerability scanning platform for auditors and security analysts. Users can schedule scans across multiple scanners, use wizards to easily and quickly create policies, schedule scans and send results via email. Nessus supports more technologies than any other vendor, including operating systems, network devices, hypervisors, databases, tablets/phones, web servers and critical infrastructure.

NetScanTools Pro

NetScanTools Pro is an integrated collection of internet information gathering and network troubleshooting utilities for Network Professionals. Research IPv4/IPv6 addresses, hostnames, domain names, e-mail addresses and URLs automatically or with manual tools.

Nexpose tool

Tools such as Nexpose are generally referred to as vulnerability scanners. These tools maintain a database of known vulnerabilities and then scan the target systems for them. If they find any, they generate a detailed report of the vulnerabilities found, allowing us to simply choose the appropriate attack, then exploit the system or network.

Uniscan

Uniscan is a tool for scanning and fingerprinting a web server or device to find vulnerabilities. It is a vulnerability scanner that can scan websites and web applications for various security issues like LFI, RFI, SQL injection, XSS, etc.

Zenmap

Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly.

I hope you enjoyed this article.