How to scan ports with netcat


Sometimes, during lateral movement in a penetration testing engagement, we don’t want to use nmap, so as to keep a low footprint. This is where netcat comes to the rescue, as it is already installed on many Linux systems.

With this command we can easily scan the most commonly used ports (replace <target-ip> with the host to scan):

nc -n -v -z -w 1 <target-ip> 20 21 22 23 25 80 443 8080 8081

If you want to scan all 65535 TCP ports, be patient: it takes around 1 second per port, as specified with the -w 1 flag:

[Image: Port scanning with netcat]
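What this scan looks like from the defender's side, as an added example that is not part of the original post: one source touching many distinct ports on a single host within seconds stands out in connection logs even when nmap is not used. The log format, the addresses and the thresholds (min_ports, window) are assumptions made for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the format (timestamp src dst dst_port) is an assumption.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.7 10.0.0.20 443
2024-05-01T10:00:01 10.0.0.5 10.0.0.20 20
2024-05-01T10:00:02 10.0.0.5 10.0.0.20 21
2024-05-01T10:00:03 10.0.0.5 10.0.0.20 22
2024-05-01T10:00:03 10.0.0.8 10.0.0.20 80
2024-05-01T10:00:04 10.0.0.5 10.0.0.20 23
2024-05-01T10:00:05 10.0.0.5 10.0.0.20 25
2024-05-01T10:00:06 10.0.0.5 10.0.0.20 80
2024-05-01T10:00:07 10.0.0.5 10.0.0.20 443
2024-05-01T10:00:08 10.0.0.5 10.0.0.20 8080
2024-05-01T10:00:09 10.0.0.5 10.0.0.20 8081
2024-05-01T10:00:09 10.0.0.8 10.0.0.20 443
"""


def detect_port_sweeps(log_text, min_ports=5, window=timedelta(seconds=30)):
    """Return {(src, dst): sorted ports} for pairs that touched at least
    min_ports distinct destination ports inside one sliding time window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or not fields[3].isdigit():
            continue  # skip blank or malformed lines
        ts = datetime.fromisoformat(fields[0])
        events[(fields[1], fields[2])].append((ts, int(fields[3])))

    findings = {}
    for pair, seen in events.items():
        seen.sort()
        recent, best = deque(), set()
        for ts, port in seen:
            recent.append((ts, port))
            while ts - recent[0][0] > window:
                recent.popleft()  # drop events older than the window
            best = max(best, {p for _, p in recent}, key=len)
        if len(best) >= min_ports:
            findings[pair] = sorted(best)
    return findings


if __name__ == "__main__":
    for (src, dst), ports in detect_port_sweeps(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: {len(ports)} ports in one window: {ports}")
```

The two benign clients in the sample (one or two ports each) stay below the threshold; only the nine-port sweep is reported.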

More tricks in the enumeration phase of penetration testing.
