How to scan ports with netcat


Sometimes, during lateral movement in a penetration testing engagement, we want to avoid nmap in order to keep a low footprint. This is where netcat comes to the rescue, as it is already installed on many Linux systems.

With this command we can easily scan the most commonly used ports:

nc -n -v -z -w 1 192.168.1.1 20 21 22 23 25 80 443 8080 8081

If you want to scan all 65535 TCP ports, take your time: it takes around 1 second per port, as specified with the -w 1 flag:

[Image: Port scanning with netcat]
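Seen from the defender's side, a sweep like the one above still appears in connection logs as one source touching many distinct TCP ports on one host within a short time. The following is an added example, not part of the original page, that flags that pattern; the key=value log format, the source addresses, the timestamps and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample connection log (hypothetical format, time-ordered).
SAMPLE_LOG = """\
2024-01-10T12:00:00 SRC=192.168.1.60 DST=192.168.1.1 PROTO=TCP DPT=443
2024-01-10T12:00:01 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=20
2024-01-10T12:00:02 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=21
2024-01-10T12:00:03 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=22
2024-01-10T12:00:04 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=23
2024-01-10T12:00:04 SRC=192.168.1.60 DST=192.168.1.1 PROTO=TCP DPT=443
2024-01-10T12:00:05 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=25
2024-01-10T12:00:06 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=80
2024-01-10T12:00:07 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=443
2024-01-10T12:00:08 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=8080
2024-01-10T12:00:09 SRC=192.168.1.50 DST=192.168.1.1 PROTO=TCP DPT=8081
2024-01-10T12:05:00 SRC=192.168.1.60 DST=192.168.1.1 PROTO=TCP DPT=80
"""

LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+)$")

def detect_port_sweeps(log_text, min_ports=5, window_s=60):
    """Return {(src, dst): sorted ports} for every pair where one source
    reached at least min_ports distinct TCP ports on one destination
    within window_s seconds. Input lines must be in time order."""
    recent = defaultdict(deque)  # (src, dst) -> deque of (timestamp, port)
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not in the expected format
        ts = datetime.fromisoformat(m.group(1))
        key = (m.group(2), m.group(3))
        q = recent[key]
        q.append((ts, int(m.group(4))))
        # Drop events that have fallen out of the sliding window.
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()
        ports = {port for _, port in q}
        if len(ports) >= min_ports:
            # Keep every port seen since the pair first crossed the threshold.
            alerts[key] = sorted(ports | set(alerts.get(key, [])))
    return alerts

if __name__ == "__main__":
    for (src, dst), ports in detect_port_sweeps(SAMPLE_LOG).items():
        print(f"possible port sweep: {src} -> {dst} ports={ports}")
```

The ordinary client at 192.168.1.60 only ever reaches ports 80 and 443, so it stays below the threshold and is not reported.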

More tricks in the Enumeration phase of penetration testing.

 
