Learn Pentesting like a Pro!


How to scan ports with netcat

netcat is the Swiss Army knife... learn how to use it

DH
Mar 5, 2021

Sometimes, when doing lateral movement in a penetration testing engagement, we don't want to use nmap, so as to keep a low footprint. This is where netcat comes to the rescue, since it is already installed on many Linux systems.

With this command we can easily scan the most commonly used ports:

nc -n -v -z -w 1 192.168.1.1 20 21 22 23 25 80 443 8080 8081

If you want to scan all 65535 TCP ports, take your time: it takes around 1 second per port, as specified with the -w 1 flag:

Port scanning with netcat
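How the nine-port command above looks from the defender's side, as an added example that is not part of the original post: a shell function that flags a source touching many distinct ports on one host in a tight burst. The log format, the addresses 192.168.1.50 and 192.168.1.60, the thresholds and the sample lines are constructed assumptions.

```shell
#!/bin/sh
# Added example, defender's view of the nc -z scan shown above.
# Assumed log format (hypothetical): "EPOCH SRC DST DPORT VERDICT",
# one connection attempt per line, sorted by time.

# detect_connect_scan MIN_PORTS MAX_GAP < log
# Prints "SRC DST COUNT" for each source/destination pair that reached at
# least MIN_PORTS distinct ports with no pause longer than MAX_GAP seconds.
detect_connect_scan() {
    awk -v min="$1" -v gap="$2" '
    NF >= 4 && $1 ~ /^[0-9]+$/ {
        pair = $2 " " $3
        # A pause longer than the gap starts a new burst for this pair.
        if (!(pair in last) || $1 - last[pair] > gap + 0) {
            gen[pair]++
            count[pair] = 0
        }
        last[pair] = $1
        # Count each destination port once per burst.
        key = pair SUBSEP gen[pair] SUBSEP $4
        if (!(key in seen)) { seen[key] = 1; count[pair]++ }
        if (count[pair] > best[pair] + 0) best[pair] = count[pair]
    }
    END {
        for (p in best) if (best[p] >= min + 0) print p, best[p]
    }' | sort
}

# Constructed sample: 192.168.1.50 walks the nine ports from the command
# above; 192.168.1.60 is an ordinary web client.
sample_log() {
    cat <<'EOF'
1614938400 192.168.1.50 192.168.1.1 20 DROP
1614938401 192.168.1.50 192.168.1.1 21 DROP
1614938401 192.168.1.50 192.168.1.1 22 ACCEPT
1614938401 192.168.1.60 192.168.1.1 443 ACCEPT
1614938402 192.168.1.50 192.168.1.1 23 DROP
1614938403 192.168.1.50 192.168.1.1 25 DROP
1614938403 192.168.1.50 192.168.1.1 80 ACCEPT
1614938403 192.168.1.50 192.168.1.1 443 ACCEPT
1614938404 192.168.1.50 192.168.1.1 8080 DROP
1614938405 192.168.1.50 192.168.1.1 8081 DROP
1614938460 192.168.1.60 192.168.1.1 80 ACCEPT
1614938520 192.168.1.60 192.168.1.1 443 ACCEPT
EOF
}

sample_log | detect_connect_scan 5 2
```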

More tricks in the Enumeration penetration testing post:

🥷 Enumeration Cheat Sheet for the 25 most used protocols: From DNS to ElasticSearch