Port scanning

In a real assessment, an agreement is first established between the person or company reviewing the application and the application's owners. Agreeing this scope is one of the first steps before detecting the services.

This task is usually carried out using Nmap (https://nmap.org/), a command-line tool that detects the ports and services running on a remote host. Using Nmap is not complicated: typing nmap on its own at the command line lists all the options available, as shown in the following screenshot:

To perform a standard scan of a host, we can use the following command:

nmap -vv -sV -O -Pn -p0-65535 -oA nmap_[IP] ...
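The -oA option writes the same results in normal, grepable and XML form (nmap_[IP].nmap, .gnmap and .xml). The following Python is an added example, not code from the book: it parses that XML into a per-host inventory of open ports and flags services whose name Nmap only took from its port table instead of fingerprinting them with -sV; the XML is a constructed sample, not a real scan.

```python
import xml.etree.ElementTree as ET

# Constructed sample of the XML that `-oA nmap_[IP]` writes to nmap_[IP].xml
# (192.0.2.0/24 is a documentation range; this is not a real scan result).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -vv -sV -O -Pn -p0-65535 -oA nmap_192.0.2.10 192.0.2.10">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.18.0" method="probed" conf="10"/></port>
      <port protocol="tcp" portid="443"><state state="closed" reason="reset"/></port>
      <port protocol="tcp" portid="8080"><state state="open" reason="syn-ack"/>
        <service name="http-proxy" method="table" conf="3"/></port>
    </ports>
    <os><osmatch name="Linux 5.4 - 5.10" accuracy="95"/></os>
  </host>
</nmaprun>"""


def parse_nmap_xml(xml_text):
    """Return one dict per host: address, OS guess and the open ports with service details."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        osmatch = host.find("os/osmatch")
        entry = {"addr": host.find("address").get("addr"),
                 "os": osmatch.get("name") if osmatch is not None else None, "ports": []}
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # only open ports are exposed services
            svc = port.find("service")  # may be absent for an open port
            svc = svc if svc is not None else ET.Element("service")  # treat as unidentified
            entry["ports"].append({
                "port": int(port.get("portid")), "proto": port.get("protocol"),
                "service": svc.get("name"),
                "product": " ".join(filter(None, (svc.get("product"), svc.get("version")))),
                # method="probed" means -sV really fingerprinted the service; "table" means
                # nmap only assumed it from the port number. conf is nmap's 0-10 confidence.
                "fingerprinted": svc.get("method") == "probed",
                "conf": int(svc.get("conf", "0")),
            })
        hosts.append(entry)
    return hosts


def unverified_services(hosts, min_conf=5):
    """Open ports whose service identity is a guess and should be confirmed by hand."""
    return [(h["addr"], p["port"]) for h in hosts for p in h["ports"]
            if not p["fingerprinted"] or p["conf"] < min_conf]
```

Ports returned by unverified_services are the ones to re-check manually before they are written up as a particular service.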
