To begin any pentest, you must discover what services the machine is running. A full TCP port scan helps uncover all active ports, even if services are running on unusual ports.
Tool Used: nmap
Chosen for its speed, versatility, and accuracy in network scanning.
nmap -Pn -sS -p- 192.168.10.4
-Pn: Skip ping (Treat host as online)
-sS: SYN scan for stealth and speed (if you are not root, run it with sudo)
-p-: Scan all 65535 TCP ports
Hints & Tips:
Always scan all ports (-p-) to avoid missing hidden services.
Use -Pn if ICMP is blocked or when you want to treat the host as online.
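To act on the full-scan result, the added example below (not from the original page) reads nmap's grepable output, as saved with nmap's -oG option, and reports open TCP ports that are missing from an expected-service baseline. The sample output, the function names and the baseline list 22,80 are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: find open TCP ports outside an expected baseline in
# nmap grepable (-oG) output. All data below is constructed, not real results.

# Constructed sample of -oG output for the scan above (fields are tab-separated).
sample_og() {
  printf '# Nmap scan initiated (constructed sample)\n'
  printf 'Host: 192.168.10.4 ()\tStatus: Up\n'
  printf 'Host: 192.168.10.4 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 3306/filtered/tcp//mysql///, 50022/open/tcp/////\tIgnored State: closed (65531)\n'
  printf '# Nmap done\n'
}

# Read -oG output on stdin; print "<port> <service>" for each open TCP port.
# Each port entry has the form port/state/protocol/owner/service/rpc/version/
open_ports() {
  awk -F'\t' '
    /^Host:/ {
      for (i = 1; i <= NF; i++) {
        field = $i
        if (field !~ /^Ports: /) continue
        sub(/^Ports: /, "", field)
        n = split(field, entries, ", ")
        for (j = 1; j <= n; j++) {
          split(entries[j], f, "/")
          if (f[2] == "open" && f[3] == "tcp")
            print f[1], (f[5] == "" ? "unknown" : f[5])
        }
      }
    }'
}

# Usage: unexpected_ports 22,80 < scan.gnmap
# Prints open ports that are not in the comma-separated expected list.
unexpected_ports() {
  expected=",$1,"
  open_ports | while read -r port service; do
    case "$expected" in
      *",$port,"*) ;;                 # port is in the baseline
      *) echo "$port $service" ;;     # open but not expected
    esac
  done
}

# Demo on the constructed sample with a hypothetical baseline of 22 and 80.
sample_og | unexpected_ports 22,80
```

Filtered ports are skipped on purpose; only ports nmap reports as open are compared with the baseline.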