1. Full TCP Port Scan on Target Host

Before anything else in a pentest, you need to know which services the target host is running. A full TCP port scan enumerates every TCP port, so services listening on non-standard ports are not missed.

Tool Used: nmap

Chosen for its speed, versatility, and accuracy in network scanning.

nmap -Pn -sS -p- 192.168.10.4
  • -Pn: Skip host discovery (treat the host as online even if it does not answer ping)

  • -sS: SYN scan, quieter and faster than a full connect scan; it needs raw sockets, so run nmap as root or with sudo

  • -p-: Scan all 65535 TCP ports (1-65535) instead of nmap's default top 1000

Hints & Tips:

  1. Always scan all ports (-p-); the default port list misses services on unusual ports.

  2. Use -Pn when ICMP is blocked or when you already know the host is online; otherwise nmap may report the host as down and skip the scan.
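Once the scan finishes you still have to turn nmap's output into a list of open ports you can act on. The following Python script is an added example, not code from the original page or from the nmap project: it parses nmap's grepable output format (written with the real -oG option) and reports the open ports per host, then compares them against an expected baseline so that anything listening on an unexpected port stands out. The SAMPLE_GNMAP text is constructed for the example, and the host 192.168.10.4 and the baseline set are assumptions.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed sample of nmap grepable (-oG) output; not a real scan result.
# Each port entry has the layout: port/state/protocol/owner/service/rpc/version
SAMPLE_GNMAP = """\
# Nmap 7.94 scan initiated as: nmap -Pn -sS -p- -oG - 192.168.10.4
Host: 192.168.10.4 ()\tStatus: Up
Host: 192.168.10.4 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///, 31337/open/tcp//Elite///\tIgnored State: closed (65531)
# Nmap done -- 1 IP address (1 host up) scanned
"""

PortEntry = Tuple[int, str, str]  # (port, protocol, service name)


def parse_gnmap(text: str) -> Dict[str, List[PortEntry]]:
    """Return {host: [(port, proto, service), ...]} for every port nmap reports as open.

    Fields on a -oG "Host:" line are tab-separated, so the trailing
    "Ignored State:" field never bleeds into the port list.
    """
    results: Dict[str, List[PortEntry]] = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comments and summary lines
        match = re.match(r"Host:\s+(\S+)", line)
        if not match:
            continue
        host = match.group(1)
        open_ports = results.setdefault(host, [])
        for field in line.split("\t"):
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                parts = entry.strip().split("/")
                if len(parts) < 5:
                    continue  # malformed entry, skip rather than crash
                port, state, proto, _owner, service = parts[:5]
                if state == "open":
                    open_ports.append((int(port), proto, service))
    return results


def unexpected_ports(open_ports: List[PortEntry],
                     baseline: Set[Tuple[int, str]]) -> List[PortEntry]:
    """Return open ports that are not in the expected (port, protocol) baseline."""
    return [entry for entry in open_ports if (entry[0], entry[1]) not in baseline]


if __name__ == "__main__":
    # Assumed baseline: only SSH and HTTP are expected on this host.
    expected = {(22, "tcp"), (80, "tcp")}
    for host, ports in parse_gnmap(SAMPLE_GNMAP).items():
        print(f"{host}: {len(ports)} open TCP port(s)")
        for port, proto, service in ports:
            print(f"  {port}/{proto}  {service}")
        for port, proto, service in unexpected_ports(ports, expected):
            print(f"  !! unexpected: {port}/{proto} ({service})")
```

To use it on a real scan, save the grepable output with nmap -Pn -sS -p- -oG scan.gnmap 192.168.10.4 and call parse_gnmap(open("scan.gnmap").read()). The baseline comparison is where the value lies for a defender: any open port outside the services the host is supposed to expose deserves a closer look.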
