
Sunday, June 16, 2019

Nmap Basics Part One: Simple Scan

Welcome back to Hacking A Rise, lads. Laughing Man here with a very basic introduction to some of the commands in Nmap, the free security scanner.

What is the Nmap network scanner?

Nmap is a free and open-source network scanner created by Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

How to use Nmap

First, let me start by saying I have Nmap installed on my system. For people using Termux, type pkg install nmap and this will install it on your Termux. Many operating systems already have it installed, like Kali, Parrot, Cyborg Hawk, BlackArch, ArchStrike, etc.

To see Nmap's full list of commands, type nmap in the terminal, or type man nmap to get the manual for Nmap in the terminal.

Note

Sometimes when scanning you will be blocked. This doesn't mean the scan doesn't work; it means the target is not responding to the pings. If this happens, use -Pn (e.g. nmap -Pn google.com, and for IPs nmap -Pn 127.0.0.1).

Simple scan

This is a simple command for a simple scan of an IP or a website. It's easy: just type nmap 127.0.0.1
You won't normally be scanning localhost, so if the target is a website put the URL, or if it's an IP type that instead.

Port scanning

Right, now let's move on to ways to find the ports we need. Let's start by looking for a specific port, in this case port 80. In the terminal type nmap -p 80 127.0.0.1

Scanning one port is easy, so let's scan two ports at one time. Type nmap -p 80,433 127.0.0.1

Now, to scan a whole range of ports on an IP or server (here ports 1 to 9999), use this command: nmap -p 1-9999 127.0.0.1

IP range

Now we move on to IP range scanning. This helps you scan a network and see what devices are on it. The two main commands for that are
nmap 127.0.0.1/28

or we can use this one: nmap 127.0.0.1/14

What if we want to see everyone on the network? We use nmap 127.0.0.* which covers all 256 addresses in that range.

Now let's take out a few IPs to be excluded from the scan. Type nmap 127.0.0.* --exclude 127.0.0.1,127.0.0.2
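The range forms above differ enormously in size, which matters when checking a scan against the scope you are authorised to test. The following Python sketch is an added example, not code from the original post: it computes how many addresses each target form covers, before and after --exclude. The function names are hypothetical, and it handles only single IPs, CIDR blocks and trailing * octets.

```python
import ipaddress

def to_network(spec):
    """Convert one nmap-style IPv4 target into the CIDR block it covers.

    Handles a single IP, CIDR notation and trailing '*' octets; hostnames
    and a-b octet ranges are outside this example.
    """
    if "*" in spec:
        octets = spec.split(".")
        fixed = [o for o in octets if o != "*"]
        # Only trailing wildcards (a.b.c.* or a.b.*.*) map onto one CIDR block.
        if len(octets) != 4 or octets[:len(fixed)] != fixed:
            raise ValueError(f"unsupported wildcard form: {spec}")
        base = ".".join(fixed + ["0"] * (4 - len(fixed)))
        return ipaddress.ip_network(f"{base}/{8 * len(fixed)}")
    # strict=False accepts set host bits: 127.0.0.1/28 -> 127.0.0.0/28
    return ipaddress.ip_network(spec, strict=False)

def count_targets(spec, exclude=""):
    """Number of addresses left in the target after an --exclude list."""
    net = to_network(spec)
    # Collapse first so nested or duplicate exclusions are not counted twice.
    excluded = ipaddress.collapse_addresses(
        [to_network(e) for e in exclude.split(",") if e])
    removed = 0
    for ex in excluded:
        if ex.overlaps(net):
            # CIDR blocks never partially overlap: one contains the other.
            removed += min(ex.num_addresses, net.num_addresses)
    return net.num_addresses - removed

if __name__ == "__main__":
    for spec, excl in [("127.0.0.1/28", ""), ("127.0.0.1/14", ""),
                       ("127.0.0.*", ""),
                       ("127.0.0.*", "127.0.0.1,127.0.0.2")]:
        print(f"{spec:14} exclude={excl or '-':22} -> "
              f"{count_targets(spec, excl)} addresses")
```

A /28 is 16 addresses while a /14 is 262,144, so the two commands are far from interchangeable. Nmap's own list scan (-sL) prints the same expansion without sending probes to the targets.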

Top 20 ports

You may ask yourself what the top 20 ports are. Well, they are:

21/tcp closed ftp
22/tcp closed ssh
23/tcp closed telnet
25/tcp closed smtp
53/tcp closed domain
80/tcp closed http
110/tcp closed pop3
111/tcp closed rpcbind
135/tcp closed msrpc
139/tcp closed netbios-ssn
143/tcp closed imap
443/tcp closed https
445/tcp closed microsoft-ds
993/tcp closed imaps
995/tcp closed pop3s
1723/tcp closed pptp
3306/tcp closed mysql
3389/tcp closed ms-wbt-server
5900/tcp closed vnc
8080/tcp closed http-proxy

Use this command: nmap --top-ports 20 127.0.0.1
This will give you that list and tell you which ones are open.
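When you scan your own hosts, the port table is most useful compared against what you expect to be exposed. The following Python sketch is an added example, not code from the original post: it parses lines in the port/state/service format shown above and reports open ports missing from an allowlist. The sample output and the allowlist are constructed for illustration.

```python
import re

# Constructed sample in the format of nmap's port table (not real scan output).
SAMPLE = """\
PORT     STATE    SERVICE
21/tcp   closed   ftp
22/tcp   open     ssh
23/tcp   open     telnet
80/tcp   open     http
443/tcp  filtered https
3389/tcp closed   ms-wbt-server
"""

# One table row: port/protocol, state, service name.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp|sctp)\s+(\S+)\s+(\S+)")

def parse_ports(text):
    """Return {(port, proto): (state, service)} from nmap's port table."""
    table = {}
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:  # header and unrelated lines simply do not match
            port, proto, state, service = m.groups()
            table[(int(port), proto)] = (state, service)
    return table

def unexpected_open(text, allowed):
    """List open ports that are not in the allowlist of (port, proto) pairs."""
    return sorted(key for key, (state, _) in parse_ports(text).items()
                  if state == "open" and key not in allowed)

if __name__ == "__main__":
    # Assumed baseline for the example: only SSH and HTTP should be reachable.
    baseline = {(22, "tcp"), (80, "tcp")}
    for port, proto in unexpected_open(SAMPLE, baseline):
        state, service = parse_ports(SAMPLE)[(port, proto)]
        print(f"unexpected: {port}/{proto} {state} {service}")
```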

Right lads, we'll leave it at that. I'm going for a coffee and enjoying the rest of me Father's Day, lol. Whoop whoop.

ALL THE BEST, LAUGHINGMAN

Thursday, April 11, 2019

Setting up recon-ng

Welcome, Laughing Man here, back with another one. This one is on setting up recon-ng, which is used for gaining info on targets.

What is recon-ng

recon-ng is a full-featured Web Reconnaissance framework written in Python. … Recon-ng is a completely modular framework and makes it easy for even the newest of Python developers to contribute. Each module is a subclass of the “module” class. (Credits to kali.org.) As you can see, it is a lot like Metasploit, so it's pretty neat.

How to use

Right, open your terminal and type recon-ng. When it starts, you will see a list of the keys you will need to add to get the tool to work.

So what you do is sign up to each of these services.

API Keys

1. bing_api (optional $$$) – Sign up here (I chose the free plan), agree to all the terms until you get to “Thank You”, then go here to view the key. (free account: 5000 transactions per month)
2. builtwith_api – Go here and sign up. Once you enter an email and password, it will show you the API key
3. censysio_id – Go here and sign up. Once you register, confirm your account by clicking on the link in the email. Then login and go here to view the “ID” and “Secret”
4. censysio_secret – Look at #3
5. facebook_api – This one is a bit more in-depth. Click here, login to Facebook (or register if you don’t have one). Once logged in, in the top-right, click “My Apps”, then “Add a new app”. Click the “Add a new app” green button. Type any name you want and select any category. This will create a new app, now click “Dashboard” in the top left. Copy the “App ID” and “App Secret” from that page. For this field, you want to use “App ID”
6. facebook_password – Note: Due to order of the API keys, this does not have to do with #5 above! This is simply your Facebook password. Or make a new Facebook account and use that password!
7. facebook_secret – This is the “App Secret” from #5
8. facebook_username – This is your Facebook username that has the password listed in #6. Make a new Facebook account if you want
9. flickr_api – Go here and click “Request an API Key” under “Get your API key”. Login to Yahoo (or make an account). If you had to create a Yahoo/Flickr account, you may need to click the link again after registering. Choose “Apply for non-commercial key”. Fill in some filler information (it really doesn’t matter what you put here). Then you will get an “API Key” and “Secret”. Use “API Key” for this entry (Note: Untested, don’t know if you need “Secret” too or what. Open bug report here)
10. fullcontact_api (optional $$$) – Go here and click “Get a key”. Sign up. You will be shown an API key immediately after signing up (free account: 500 Person and Company matches per month, and 60 queries per minute)
11. github_api – Go here (login if necessary, then click the link). Click “Generate new token” in the top right corner. You don’t need to give the token any permissions (and I recommend that you don’t), just click “Generate Token”. You will be shown the token
12. google_api (optional $$$) – Go here (login if necessary). At the top left, click the dropdown “Project”, then “Create project”. Enter a project name, then hit “Create”. Once the project is created, go here and click “Create Credentials” and select “API Keys”. It displays the key to use here. Click “close” after you save it, not “Restrict Key”. Then go to “Library” on the left, click “Custom Search API” (bottom-ish), and click “Enable”. Done! (free account: 100 search queries per day for free)
13. google_cse – Go here (login if necessary). Click “Create”, enter “www.google.com” with “Sites to search”, then click “Create” button. On the next page, click “Control Panel”. Under “Sites to search”, choose “Search the entire web but emphasize included sites” in the dropdown, then click the “Update” button at the bottom. On the same page, scroll up and click “Search Engine ID” under “Details”. That's the key to use here!
14. hashes_api – Register here (or login). Confirm your account via email link. Login with your new account, then click here. Your API key should be listed.
15. instagram_api – Register here (or login). Once logged in, click here and create a new application. Add “http://localhost:31337” as the “OAuth redirect_uri”. Click “Manage Clients” at the top of the screen and the API key will be available as the “CLIENT_ID” (Note: Instagram wasn’t functioning when I wrote this…it may be different)
16. instagram_secret – Same as #15 but it's “CLIENT_SECRET”
17. ipinfodb_api – Register here. You must enter the IP you will use recon-ng from under “Server IP”. I recommend you use a VPN or server or something so the IP never changes. Activate the account via email link. The API key will be given to you on account activation
18. jigsaw_api (Requires $$$) – Register here. Once registered, you must send a special request to get an API key. No specifics here because it's very expensive!
19. jigsaw_password (Requires $$$) – Register here. This is the password for your account that you create and sign up for a plan with!
20. jigsaw_username (Requires $$$) – Same as #19, but this is the account password.
21. linkedin_api – Go here (register/login if necessary) and click “Create Application”. Fill out the information with random stuff…annoyingly it requires an image with the same width and height. I used this. It will show you the “Client ID”, which is this key. Add “http://localhost:31337” under “OAuth 2.0”. Check all the boxes under “Default Application Permissions”. Click “Update”. For this API to function fully, you must submit this form. Fill out information explaining what you will use it for, etc. Pain in the butt, but necessary.
22. linkedin_secret – Same as linkedin_api, but it's the “Client Secret”
23. pwnedlist_api – Service has been officially shut down
24. pwnedlist_iv – Service has been officially shut down
25. pwnedlist_secret – Service has been officially shut down
26. shodan_api (optional $$$) – Activate your account via email. The API key will be shown upon login. (free account: basic search capabilities. Premium account with full access is a one-time payment of $50 and pretty worth it)
27. twitter_api – Go here and login/register as needed. Click “Create New App”. Enter in filler information of your app. Once the application is created, click on “manage keys and access tokens”. The key is “Consumer Key (API Key)”.
28. twitter_secret – Same as #27, but the key is “Consumer Secret (API Secret)”
29. virustotal_api (If using a branch with it) – Go here and click “Join our community” in the top right. Activate the account via email, then login. Click your username in the top right, then click “My API Key”. The API key will be shown. A “public” API will be sufficient.

So let's have a look at the keys we have in the database. Type this command: show keys

OK, we have none, so let's start adding them. The one I'm going to add is builtwith_api: sign up here and go to tool API access.
Copy the API key it gives you, then go back to recon-ng and type keys add builtwith_api 0644f3ac-ba8b-4a1f-83b6-ab4dc2e3f824

There ya go. It's the same for all the APIs.
ENJOY