Reconnaissance Tools

Port Scanning is one of the initial steps that a Penetration Tester (‘Ethical Hacker’) will take to determine how secure a network or web application is from black hat hackers.

Port Scanning Software, of which there is plenty, is a ‘must-learn’ if you are serious about becoming a Cybersecurity Professional. We’ve tried to list as many useful and ‘user-friendly’ Port Scanning Tools that we have used in the past.



Why scan?

Everything starts life with a scan when it comes to penetration testing and indeed every aspect of Cybersecurity testing.


Popular Network Scanning Tool

What is Nmap?
Nmap is an abbreviation for ‘Network Mapper’ – ‘Network’ in an IT sense of the word. You can consider Nmap as being one of the best-known, and in fact, one of the most useful hacking tools out there. Period. If you are serious about pentesting, ethical hacking and IT Security in general, then learning Nmap is essential.

Is Nmap Free?
You betcha! In fact, a lot of other tools out there, Metasploit for example, pulls in Nmap for network discovery and security auditing. Many system admins will use Nmap along with other such tools as Wireshark (and perhaps even ‘Network Miner’) for a wide variety of port and network scanning. If you’re completely new to port and network scanning then we’d suggest this article here.

How does Nmap Work?
Nmap tool works by inspecting raw IP packets in creative ways to understand what hosts (servers) are available on the network, what services (application name and version) those hosts are using, what operating systems (including Operating System versions and possible patches) and what type and version of packet filters/ firewalls are being used by the target. In summary you’ve got to learn Nmap and if want to work in Cyber Security as a practioner.

Does Nmap Work on all Operating Systems?
Yes, Nmap works on all major computer operating systems, and official binary packages are available for Linux, Windows, Mac OS X, IRIX, and AmigaOS. Of course, there’s a much easier way to install Nmap – just use Kali Linux or use BackBox since it ships with Nmap and you’ll be able to update the progam with ease. We have a lot of information on Linux Pentesting ‘Ethical Hacking’ Distributions here.

Brief word about ‘Zenmap’
Zenmap is the GUI version of Nmap. Here’s our advice: learn how to use Nmap, but when you’re out in the field performing a penetration test etc., then fire-up Zenmap. The awesome thing about Zenmap is that it pre-loads all the command lines in one go so you don’t have to start tapping ‘nmap’ into the command terminal to load the command help prompts.