Port Scanning


When we discover a host, we scan every port to find which services are running and to get a deeper understanding of the attack surface.

  • nmap 🚪🔥: a stealthy and powerful port scanner
  • Rustscan 🚪🔥: a fast port scanner for CTFs
  • Masscan 🚪: an aggressive port scanner for mass scanning
  • jfsscan 🚪: not tested
  • nc -zv IP 1-65535: Living Off The Land

It's worth noting that these tools may miss ports.

  • ⚠️ Don't forget UDP ports
  • ⚠️ The target may be behind a firewall
  • ⚠️ Ports answering after the timeout may be marked 'closed'
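The last warning is easier to see when the result of a connect attempt is split into separate states. The sketch below is an added example, not part of the original notes: it separates "closed" (the host refused the connection) from "no-response" (timeout), and retries silent ports with a longer timeout. The function names, timeout values and loopback sockets are assumptions constructed for the demonstration.

```python
import errno
import socket

def state_from_error(exc):
    """Map a failed connect() to a port state instead of lumping all failures into 'closed'."""
    if isinstance(exc, ConnectionRefusedError):
        return "closed"        # RST came back: host reachable, nothing listening
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "no-response"   # firewall drop, packet loss, or a reply slower than the timeout
    if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"
    return "error"

def probe(host, port, timeout):
    """One TCP connect attempt, the same kind of check `nc -zv` performs."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except OSError as exc:
        return state_from_error(exc)
    finally:
        sock.close()

def probe_with_retry(host, port, timeouts=(0.5, 2.0)):
    """Retry silent ports with a longer timeout before reporting them."""
    state = "no-response"
    for timeout in timeouts:
        state = probe(host, port, timeout)
        if state != "no-response":
            break
    return state

def demo():
    """Constructed loopback targets: one listening socket, one bound but not listening."""
    listening = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listening.bind(("127.0.0.1", 0))
    listening.listen(1)
    bound_only = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    bound_only.bind(("127.0.0.1", 0))
    try:
        return {
            "listening": probe_with_retry("127.0.0.1", listening.getsockname()[1]),
            "bound_only": probe_with_retry("127.0.0.1", bound_only.getsockname()[1]),
        }
    finally:
        listening.close()
        bound_only.close()

if __name__ == "__main__":
    print(demo())
```

A port that stays in "no-response" after the retry is not proven closed: it may be filtered by a firewall or simply slower than the longest timeout tried.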