How to scan ports with netcat

netcat is the Swiss Army knife of networking... learn how to use it

pentesting.academy
Mar 5, 2021

Sometimes, during lateral movement in a penetration testing engagement, we don't want to drop nmap on a compromised host in order to keep a low footprint. Netcat comes to the rescue: it is already installed on many Linux systems. Bear in mind that netcat performs a full TCP connect on every port, so on the wire it looks like nmap's -sT connect scan and each hit is visible to the target service and its logs; the footprint you save is the tool on disk, not the scan traffic.

With this command we can quickly scan the most used ports. The flags: -n skips DNS lookups, -v reports the result for each port, -z is zero-I/O mode (connect and close without sending data) and -w 1 gives up on each port after 1 second. OpenBSD netcat, the variant shipped on Debian, Ubuntu and Kali, accepts several ports and ranges such as 20-25 on one command line; other variants differ (ncat from Nmap takes a single port per run), so check nc -h first:

nc -n -v -z -w 1 192.168.1.1 20 21 22 23 25 80 443 8080 8081

If you want to scan all 65535 TCP ports, take your time: -w 1 caps each connection attempt at 1 second, so a port that silently drops the SYN (filtered) costs a full second, while ports that answer (open, or closed with a RST) return almost immediately. Against a host behind a drop-all firewall that is a worst case of about 18 hours for the full range; limiting the port list or running several nc processes in parallel brings it down.

Figure: port scanning with netcat
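The one-shot command above gets unwieldy once you want a range, a clean list of results, or a full 65535-port sweep in less than a day. The script below is an added example, not code from the original post: it assumes an nc that understands -n -z -w (the OpenBSD variant on Debian, Ubuntu and Kali), the coreutils seq and an xargs that supports -P for parallel runs; the function names and the 192.168.1.1 target are made up for illustration, and the netcat output it parses is a constructed sample, not a real capture.

```shell
#!/bin/sh
# Added example for the netcat port-scanning post; not the post's own code.
# Assumes OpenBSD-style nc (-n -z -w), coreutils seq, and xargs with -P.

# nc_scan HOST PORT...: connect-scan each port with a 1 s timeout, one nc
# call per port so the exit code is unambiguous; prints "PORT open" per hit.
nc_scan() {
    host=$1; shift
    for port in "$@"; do
        nc -n -z -w 1 "$host" "$port" >/dev/null 2>&1 && echo "$port open"
    done
}

# nc_scan_range HOST FIRST LAST [JOBS]: full-range scan with xargs -P, so the
# 1 s wait on each filtered port (from -w 1) happens in parallel instead of
# adding up to roughly 18 hours for all 65535 ports.
nc_scan_range() {
    host=$1; first=$2; last=$3; jobs=${4:-64}
    seq "$first" "$last" | xargs -P "$jobs" -I{} sh -c \
        'nc -n -z -w 1 "$1" "$2" >/dev/null 2>&1 && echo "$2 open"' _ "$host" {}
}

# open_ports_from_nc: reduce the verbose (-v) output of the one-shot command
# in the post to a sorted, space-separated list of open ports. Recognises the
# two common success formats:
#   OpenBSD nc:      Connection to 192.168.1.1 22 port [tcp/ssh] succeeded!
#   traditional nc:  (UNKNOWN) [192.168.1.1] 22 (ssh) open
# Refused and timed-out lines match neither pattern and are dropped.
open_ports_from_nc() {
    awk '/succeeded!$/ { print $4; next }
         /\) open$/    { print $3; next }' |
        sort -n | uniq | tr '\n' ' ' | sed 's/ $//'
}

# Constructed sample of `nc -n -v -z -w 1 ...` output (not a real capture),
# mixing both formats so the parser can be exercised offline.
SAMPLE_NC_OUTPUT='Connection to 192.168.1.1 22 port [tcp/ssh] succeeded!
nc: connect to 192.168.1.1 port 23 (tcp) failed: Connection refused
Connection to 192.168.1.1 80 port [tcp/http] succeeded!
(UNKNOWN) [192.168.1.1] 443 (https) open
(UNKNOWN) [192.168.1.1] 8080 (http-alt) : Connection refused
nc: connect to 192.168.1.1 port 8081 (tcp) failed: Connection timed out'

if [ "${1:-}" = "demo" ]; then
    # Parse the constructed sample: prints "22 80 443".
    printf '%s\n' "$SAMPLE_NC_OUTPUT" | open_ports_from_nc; echo
    # Live scans only when nc is present; 192.168.1.1 is an example target.
    command -v nc >/dev/null 2>&1 && nc_scan 192.168.1.1 22 80 443
fi
```

Save it as scan.sh and run `sh scan.sh demo` to see the parser on the sample, or source it and call `nc_scan_range 192.168.1.1 1 65535` for a sweep; raise the JOBS argument carefully, since every job is a separate TCP connection that the target will see.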

More tricks in the Enumeration penetration testing post:

🥷 Enumeration Cheat Sheet for the 25 most used protocols: From DNS to ElasticSearch
© 2023 pentesting.academy