06-03-2023, 01:54 PM
So I scan with nmap and get some open ports, what are the next steps? I am very new to all this.
New user needs help.
06-03-2023, 02:24 PM

TechnWoE Wrote: So I scan with nmap and get some open ports, what are the next steps? I am very new to all this.

Depends what you are scanning XD.... First you need to do "recon" before trying to exploit anything. That's simple: get as much information as possible; that includes port scanning, but you will have to do a ton of other things (service vulns, nmap TCP fingerprinting, OS detection). Then you can do a CVE scan with tools like jok3r or an nmap NSE script like vuln. With only port scanning you already have an idea what service is running on the host; you can check the version to know its vulnerabilities, for example. Just don't forget that hacking is research and not running scripts, you will always have to find ways and tricks to exploit something; nmap is a tool to help...

Here are some cool nmap commands you can use to find interesting info:
We are Light Hat Arsenal, we are hackers for the light!

06-04-2023, 06:18 AM

06-06-2023, 12:37 AM

Next step would likely be to identify the services and their versions for each open port. After that you search for ways to possibly attack any of these services. You can also always consult sites like this: pentest-standard.org. There are multiple ones like this, each with a slightly different way of going about things. The kill chain is still the same for most of them. You will get familiar with the cycle very rapidly if you practice some machines. HTB and vulnhub were my go-to sites to practice.