Port Scanning
When we discover a host, we scan all of its ports to find which services are running and to get a deeper understanding of the attack surface.
- nmap: a stealthy and powerful port scanner
- Rustscan: a fast port scanner for CTFs
- Masscan: an aggressive port scanner for mass scanning
It's worth noting that these tools may miss ports.
- ⚠️ Don't forget UDP ports
- ⚠️ The target may be behind a firewall
- ⚠️ Ports answering after the timeout may be marked 'closed'
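
One way to check a finished scan for the gaps listed above, as an added example that is not part of the original notes: it reads nmap's grepable (`-oG`) output and lists, per host, the ports nmap could not classify (`filtered`, `open|filtered`, `closed|filtered`) and whether any UDP result is present. The sample input is constructed, and the function names `parse_ports` and `coverage_gaps` are hypothetical.

```python
import re
from collections import defaultdict

# States nmap reports when it got no definitive answer (dropped by a firewall,
# reply lost or late). They are not evidence that the port is closed.
INCONCLUSIVE = {"filtered", "open|filtered", "closed|filtered"}

# Constructed sample in nmap's grepable (-oG) format. Hosts use the
# documentation range 192.0.2.0/24 and do not describe a real scan.
SAMPLE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/filtered/tcp//http///, "
    "443/closed/tcp//https///\tIgnored State: closed (997)\n"
    "Host: 192.0.2.20 ()\tPorts: 53/open|filtered/udp//domain///, "
    "161/open/udp//snmp///, 8080/open/tcp//http-proxy///\n"
)

def parse_ports(text):
    """Yield (host, port, state, proto) for every port entry in -oG output."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 3 and fields[0].isdigit():
                yield host, int(fields[0]), fields[1], fields[2]

def coverage_gaps(text):
    """Per host: ports without a definitive answer, and whether UDP shows up."""
    report = defaultdict(lambda: {"recheck": [], "udp_scanned": False})
    for host, port, state, proto in parse_ports(text):
        entry = report[host]
        # Assumption: UDP coverage is inferred only from listed ports; ports
        # summarised under "Ignored State" are not visible to this check.
        if proto == "udp":
            entry["udp_scanned"] = True
        if state in INCONCLUSIVE:
            entry["recheck"].append((port, proto, state))
    return dict(report)

if __name__ == "__main__":
    for host, gaps in coverage_gaps(SAMPLE).items():
        print(host, gaps)
```

Ports returned under `recheck` are candidates for a second pass with a longer timeout before they are recorded as closed.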