nmap

discover hosts and services on a network, find out what operating system they are using

• find hacking targets
• vulnerabilities that you can exploit
• see what ports are open (default ports can tell you what services are running on these ports)

1# Scan entire network (ping an entire network to see what devices are online)
2nmap -sP 10.7.1.0
3
4nmap -v -A www.badstore.net
5
6sudo nmap -A 10.77.1.0/24

• -v: verbose output
• -A: Enable OS detection, version detection (for protocols), script scanning, and traceroute
• -O: Enable OS detection

1sudo nmap -sT -p 80,443 10.7.1.0/24

• sT TCP connect, i.e. full open scan

This scanning of entire networks might be blocked by firewalls (IDS: Intrusion Detection System) and may even be illegal. so you use -sS instead, the S is for stealthy