Port Scanning Hacking Tools

Understanding which ports are open, and why they are or are not, is clearly a vital requirement for any Penetration Tester or Network Engineer. We’ve updated our list for 2019.




Port Scanning is one of the initial steps that a Penetration Tester (‘Ethical Hacker’) will take to determine how secure a network or web application is from black hat hackers.

Port Scanning Software, of which there is plenty, is a ‘must-learn’ if you are serious about becoming a Cybersecurity Professional. We’ve tried to list as many useful and ‘user-friendly’ Port Scanning Tools that we have used in the past.

What is Network Scanning?
This concept refers to, somewhat obviously, scanning the network! ‘Ports’ on a network can be considered as being the entry points to a machine, or computer (box), that is connected to the Internet. An application or service that listens on a port functions by receiving data (bytes) from a client application, processing that data and then sending a response back. If a network is hacked into, or compromised, then a malicious client can be programmed to exploit vulnerabilities in the server code with the purpose of gaining access to sensitive data or executing malicious code remotely. The communication and commands would be administered through the implementation of a Remote Access Tool (RAT).

What is Port Scanning?
Network scanning and port scanning are often used interchangeably. Port scanners (of which there are several, such as Angry IP Scanner, NetScanTools, Unicornscan and NetworkMiner) are used by system and network administrators to verify the security profiles of their networks, so that hackers cannot identify services running on a host that have exploitable vulnerabilities. Of course, if a network admin (or any other IT professional) performing a scan discovers a vulnerability, then their priority is to patch the hole without delay. Port scanning is a task performed in the initial phase of a penetration test (‘pentest’) in order to establish all network entry points into the target system.

Why are there so many ‘Network and Port Scanning’ tools?
At first it might seem that there are a ton of ‘similar’ tools. However, most of them serve a particular need; said in a more technical way, each tool has a specialism in certain kinds of protocol scanning. For example, some are better at TCP port scanning than UDP port scanning, and vice versa.

Nmap

Tool Category: Port Scanners


What is Nmap?
Nmap is an abbreviation for ‘Network Mapper’ – ‘Network’ in an IT sense of the word. You can consider Nmap as being one of the best-known, and in fact, one of the most useful hacking tools out there. Period. If you are serious about pentesting, ethical hacking and IT Security in general, then learning Nmap is essential.

Is Nmap Free?
You betcha! In fact, a lot of other tools out there, Metasploit for example, pull in Nmap for network discovery and security auditing. Many system admins will use Nmap along with other tools such as Wireshark (and perhaps even ‘Network Miner’) for a wide variety of port and network scanning. If you’re completely new to port and network scanning then we’d suggest this article here.

How does Nmap Work?
Nmap works by crafting and inspecting raw IP packets in creative ways to understand what hosts (servers) are available on the network, what services (application name and version) those hosts are running, what operating systems (including Operating System versions and possible patches) they use, and what type and version of packet filters/firewalls are being used by the target. In summary, you’ve got to learn Nmap if you want to work in Cyber Security as a practitioner.
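Nmap writes everything the paragraph above describes (hosts, open ports, service name and version, OS match) to XML with `-oX`, which is the format an administrator would feed into a script that checks a scan against what a host is supposed to expose. The example below is added here and is not code from the article or from the Nmap project; the XML and the baseline are constructed sample data, and `parse_nmap_xml` / `unexpected_ports` are names chosen for this example.

```python
# Parse Nmap XML output (nmap -oX) and flag open ports absent from a baseline.
# Added example, not from the article or Nmap; XML and baseline are constructed.
import xml.etree.ElementTree as ET

# Constructed sample in the shape Nmap writes with -oX (host/address, ports/port/state/service, os/osmatch).
SAMPLE_XML = """<nmaprun scanner="nmap" args="nmap -sV -O -oX scan.xml 192.0.2.10">
<host><address addr="192.0.2.10" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
  <service name="ssh" product="OpenSSH" version="7.4"/></port>
<port protocol="tcp" portid="443"><state state="open" reason="syn-ack"/>
  <service name="https" product="nginx" version="1.18.0"/></port>
<port protocol="tcp" portid="3306"><state state="open" reason="syn-ack"/>
  <service name="mysql" product="MySQL" version="5.7.33"/></port>
<port protocol="tcp" portid="8080"><state state="closed" reason="reset"/></port>
</ports>
<os><osmatch name="Linux 4.15 - 5.6" accuracy="95"/></os>
</host></nmaprun>"""

# Services each host is supposed to expose (constructed); open ports outside this set are deviations.
BASELINE = {"192.0.2.10": {("tcp", 22), ("tcp", 443)}}

def parse_nmap_xml(xml_text):
    """Return {addr: {"os": name_or_None, "open": {(proto, port): service description}}}."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:          # skip hosts with no IPv4 address record
            continue
        os_el = host.find("os/osmatch")
        entry = {"os": os_el.get("name") if os_el is not None else None, "open": {}}
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":   # closed/filtered ports are not exposure
                continue
            svc = port.find("service")
            fields = (svc.get("name"), svc.get("product"), svc.get("version")) if svc is not None else ()
            entry["open"][(port.get("protocol"), int(port.get("portid")))] = " ".join(f for f in fields if f) or "unknown"
        hosts[addr_el.get("addr")] = entry
    return hosts

def unexpected_ports(hosts, baseline):
    """Per host, the open (proto, port) pairs that the baseline does not allow."""
    return {addr: {k: v for k, v in h["open"].items() if k not in baseline.get(addr, set())}
            for addr, h in hosts.items()}

if __name__ == "__main__":
    scan = parse_nmap_xml(SAMPLE_XML)
    for addr, extras in unexpected_ports(scan, BASELINE).items():
        print(addr, scan[addr]["os"], {f"{p}/{n}": d for (p, n), d in extras.items()})
```

On the sample data this reports only the MySQL listener on tcp/3306, the one open port the baseline does not allow, while the closed port 8080 is ignored.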

Does Nmap Work on all Operating Systems?
Yes, Nmap works on all major computer operating systems, and official binary packages are available for Linux, Windows, Mac OS X, IRIX, and AmigaOS. Of course, there’s a much easier way to install Nmap – just use Kali Linux or BackBox, since each ships with Nmap and you’ll be able to update the program with ease.

Brief word about ‘Zenmap’
Zenmap is the GUI version of Nmap. Here’s our advice: learn how to use Nmap, but when you’re out in the field performing a penetration test etc., then fire up Zenmap. The awesome thing about Zenmap is that it pre-loads all the command lines in one go, so you don’t have to start tapping ‘nmap’ into the command terminal to load the command help prompts.

Angry IP Scanner

Tool Category: Port Scanners


What is Angry IP Scanner?
Angry IP Scanner is a cross-platform, open source network scanner (like Nmap) created for fast and efficient deployment.

From our experience, the Angry IP Scanner is very easy to use.

Angry IP Scanner is mostly used by network administrators but it can also be used for penetration testing.

Features of this particular hacking software include IP range scanning, exporting results in many formats, and a command-line interface.

Is Angry IP Scanner Free?
Yes! This tool is completely free.

Does Angry IP Scanner Work on all Operating Systems?
It runs on Linux, Windows and Mac OS X operating systems.

What are the Typical Uses for Angry IP Scanner?
One of the uses of this tool is to scan IP addresses and ports to find out what is out there on the network.


NetScanTools

Tool Category: Port Scanners


What is NetScanTools?
NetScanTools is really a collection of different pentesting tools that a system admin would find particularly useful.

The range of network toolkits is designed for those who work in network engineering, network security, network administration, network training, or law enforcement internet crimes investigation. Like many other pentester tools in our series, the developers offer a free and a commercial grade of their products.

Is NetScanTools Free?
NetScanTools has a free and commercial product available.

Does NetScanTools Work on all Operating Systems?
It is designed for Microsoft Windows operating systems.

What are the Typical Uses for NetScanTools?
NetScanTools was created to help people with internet information gathering and network troubleshooting. With this tool, you can automatically research IPv4 and IPv6 addresses, domain names, hostnames, email addresses and URLs. The automated tools are started by the user; several tools are then run to do the research, and the results are presented in the user’s web browser.


Unicornscan

Tool Category: Port Scanners


What is Unicornscan?
Unicornscan is another tool that is similar to Nmap, Angry IP Scanner and NetScanTools.

This tool works by gathering and correlating datasets for analysis.

This hacking software was created to provide an engine that is, according to the developers: “Scalable, Accurate, Flexible, and Efficient”.

It is released for the community to use under the terms of the GPL license.

Is Unicornscan Free?
Yes sir! Using this tool is free.

Does Unicornscan Work on all Operating Systems?
Unicornscan currently works on Linux operating systems but this could be wrong – please verify.

What are the Typical Uses for Unicornscan?
Unicornscan is intended to give hackers and penetration testers a way to visualize TCP/IP packets.

Features of this tool include “an Asynchronous stateless TCP banner grabbing, asynchronous stateless TCP scanning with all variations of TCP Flags, asynchronous protocol specific UDP Scanning (sending enough of a signature to elicit a response), PCAP file logging and filtering, relational database output, active and Passive remote OS, application, and component identification by analyzing responses, custom module support and customized data-set views.”

There’s a good resource here if you’re interested.
