Metasploit

Discover hosts

msfconsole
nmap -Pn -sS -oX Test [ip] - SYN scan (-sS) of the whole subnet, skipping host discovery (-Pn) and writing XML output to the file Test (-oX)

search portscan - list the port scanning modules

use auxiliary/scanner/portscan/syn - select the SYN scan module

set INTERFACE eth0
set PORTS 80
set RHOSTS 10.10.1.5-23
set THREADS 50

run

Shows the number of active hosts with port 80 open.
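
How the port 80 SYN sweep above looks from the defender's side, as an added example that is not part of the original notes: it flags any source that sends SYN-only packets to the same destination port on many distinct hosts within a short window. The log lines are constructed (iptables LOG-style fields with ISO timestamps), and the scanner address 10.10.1.200, the threshold and the window are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(?P<ts>\S+) .*?SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=TCP "
    r".*?DPT=(?P<dpt>\d+) (?P<rest>.*)$")

def build_sample():
    """Constructed firewall log: one sweep of 10.10.1.5-23 on port 80 plus normal traffic."""
    fmt = ("2024-01-10T12:00:0{s} fw kernel: IN=eth0 SRC={src} DST={dst} "
           "PROTO=TCP SPT={spt} DPT={dpt} WINDOW=1024 {flags} URGP=0")
    lines = [fmt.format(s=i % 3, src="10.10.1.200", dst=f"10.10.1.{i}",
                        spt=40000 + i, dpt=80, flags="SYN") for i in range(5, 24)]
    # Ordinary client opening three connections to a single web server.
    lines += [fmt.format(s=5, src="10.10.1.50", dst="10.10.1.10",
                         spt=51000 + i, dpt=80, flags="SYN") for i in range(3)]
    # SYN-ACK reply from a host with port 80 open; not a connection attempt.
    lines.append(fmt.format(s=1, src="10.10.1.10", dst="10.10.1.200",
                            spt=80, dpt=40010, flags="ACK SYN"))
    return lines

def find_sweeps(lines, min_hosts=10, window=timedelta(seconds=60)):
    """Return (src, dport, distinct_targets) for each horizontal SYN sweep."""
    events = defaultdict(list)  # (src, dport) -> [(time, dst), ...]
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        flags = set(m["rest"].split())
        if "SYN" not in flags or "ACK" in flags:
            continue  # keep only initial SYNs
        events[(m["src"], int(m["dpt"]))].append(
            (datetime.fromisoformat(m["ts"]), m["dst"]))
    alerts = []
    for (src, dport), hits in sorted(events.items()):
        hits.sort()
        start, best = 0, 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward
            best = max(best, len({dst for _, dst in hits[start:end + 1]}))
        if best >= min_hosts:
            alerts.append((src, dport, best))
    return alerts

if __name__ == "__main__":
    for src, dport, count in find_sweeps(build_sample()):
        print(f"possible SYN sweep: {src} -> port {dport} on {count} hosts")
```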


Display the open TCP ports on the target IP address.

use auxiliary/scanner/portscan/tcp

set RHOSTS [target ip]
run


Scan specific port 445 to determine SMB version

use auxiliary/scanner/smb/smb_version
set RHOSTS 10.10.1.5-23
set THREADS 11

run