Muhammad Daffa Blog

Disclaimer: My post is for academic purposes only, How to use this information is the visitor’s responsibility.

This week, I have Learned about Target’s discovery. Target discovery is a very important skill that a pentester needs to have in order to successfully enter a target server. One of the most popular tools that is used in target discovery is nmap.

nmap is an open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports, and detecting security risks.

I personally use nmap to discover open ports on a target. There are many ways to use nmap other that port discovery, for example, you can use nmap with krb5 script to find a list of users on a kerberos.

Using nmap is also very useful when you want to know which version of a port is, for example, you can know what version of a windows server by using nmap, also keep in mind when you use nmap it is better to specify the port number that you want to scan since default nmap search only going to scan from ports 1-10000 and if you want to scan other ports other than that you need to specify it.