This NSE Checks for Ivanti EPMM MDM by requesting a known API endpoint.

#ivanti #nmap #cybersecurity

🔗 https://rulezet.org/rule/detail_rule/195235

💡 Understanding core network protocols is fundamental for any aspiring cyber security professional. One of the most common that you will encounter is SMB (Server Message Block).

In my latest video, I provide a detailed, beginner friendly walkthrough of the "DANCING" machine from Hack The Box, focusing entirely on SMB enumeration and access 🚀

You will learn:
🔹 What SMB (Server Message Block) is and how it works
🔹 Common SMB ports (139 & 445) and why they matter
🔹 How to use Nmap for targeted service enumeration such as SMB services
🔹 How to enumerate SMB shares using smbclient
🔹 Understanding anonymous / misconfigured shares
🔹 Downloading files from SMB shares and capturing the flag

This is a perfect starting point for anyone new to ethical hacking.

🎥 Watch the HTB DANCING walkthrough here:

https://www.youtube.com/watch?v=CpaBWeq9JU8

📂 Full playlist:

https://www.youtube.com/playlist?list=PL2mncq0mb-6iZ6ngDmwGEywmxnCYwO2s_

If you are transitioning into cybersecurity, bug bounty, or pentesting - this series is built for you.

Happy learning and keep hacking ethically 🔐

#CyberSecurity #EthicalHacking #HackTheBox #PenetrationTesting #Learning #TechEducation #BeginnerHacking #HTBStartingPoint #Nmap #KaliLinux #SMB

Как я выяснял, что провайдер блокирует входящий 443 порт, и что это означает для self-hosting и хомлабов

В какой-то момент я решил заняться self-hosting’ом дома: небольшой хомлаб, Proxmox, несколько сервисов за reverse proxy, HTTPS - всё максимально стандартно. Никакой экзотики: обычный домашний интернет, белый IP, проброс портов, nginx с TLS. Но на этапе публикации сервисов наружу выяснилось странное: входящий 443 порт просто не открывается , при том что 80 и другие порты работают.

https://habr.com/ru/articles/991520/

#Homelab #Блокировка_портов #Порт_443 #HTTPS #Белый_IP #Reverse_Proxy #Proxmox #NAT #Traefik #nmap

It's rare that I need to check TLS version support, but #TIL that #nmap is pretty great at that. #networking

Just published a new beginner-friendly walkthrough for Hack The Box Starting Point - FAWN (Tier 0).

This machine is an excellent introduction to FTP (File Transfer Protocol) and helps beginners understand:
🔹 How FTP works
🔹 Why FTP is insecure by design
🔹 What are the secure alternatives of FTP
🔹 How attackers enumerate services using Nmap
🔹 How anonymous FTP login works
🔹 What is the man command
🔹 How to retrieve files and capture the flag

Instead of rushing through commands, this walkthrough explains the concepts behind every step, which is something I wish I had when I first started learning ethical hacking.

If you are new to penetration testing or is an aspiring ethical hacker, Hack The Box Starting Point is a fantastic learning platform.

🎥 Watch the FAWN walkthrough here:

https://www.youtube.com/watch?v=SLFJOEq5w6Y

📂 Full playlist:

https://www.youtube.com/watch?v=OqxPRwP8t_s&list=PL2mncq0mb-6iZ6ngDmwGEywmxnCYwO2s_

If you are transitioning into cybersecurity, bug bounty, or pentesting - this series is built for you.

Happy learning and keep hacking ethically 🔐

#CyberSecurity #EthicalHacking #HackTheBox #PenetrationTesting #Learning #TechEducation #BeginnerHacking #HTBStartingPoint #Nmap #KaliLinux #FTP

#cybersecurity #infosec #nmap #metasploit #wireshark

🛠️ Tool
===================

Opening: LAN Orangutan is a self-hosted network discovery and device-inventory utility aimed at homelab users. The project blends an nmap-driven discovery backend with a modern web dashboard and a full-featured CLI that emits JSON for automation.

Key Features:
• Auto-discovery: network scanning and device enumeration using nmap results parsed into a local inventory.
• Inventory management: labeling, grouping, notes, and online/offline status tracking.
• Multi-network support: discovery across multiple detected networks and aggregated views.
• Integration: Tailscale integration to surface devices reachable via that overlay.
• Exports and APIs: CSV/JSON export and CLI JSON output for downstream processing.
• Distribution model: single binary cross-platform distribution (Windows, macOS, Linux) with a bundled web UI supporting light/dark modes and keyboard shortcuts.

Technical Implementation (conceptual):
• The discovery layer relies on invoking nmap to enumerate live hosts, parse ARP/hostname/vendor data, and build a device index.
• Elevated privileges are required to access ARP tables and MAC-to-vendor mappings; without elevated privileges the tool will still report IPs but omit MAC/vendor fields.
• A local HTTP server exposes the dashboard and device APIs; the CLI provides parity with the UI through JSON outputs suitable for automation pipelines.

Use Cases:
• Home lab asset tracking and device labeling for mixed environments (servers, desktops, IoT).
• Reconciling overlay networks (Tailscale) with physical LAN devices.
• Exporting inventories for documentation or integration into other tooling.

Limitations and Considerations:
• External dependency on nmap is required for network discovery; the quality of discovered metadata depends on the privileges under which nmap runs.
• Device classification relies on passive/active discovery heuristics; vendor and hostname data may be incomplete on restricted networks.
• Single-binary distribution eases deployment but does not remove the need for the nmap binary and appropriate system permissions.

References:
• Configuration locations include platform-specific config file paths and a configuration example shipped with the project.

🔹 tool #network_discovery #nmap #tailscale #homelab

🔗 Source: https://github.com/291-Group/LAN-Orangutan

Built a custom Buildroot distro for #Raspberry Pi 4 running:

Linux 6.12 PREEMPT_RT, Wi‑Fi, #NordVPN, #Tor + #Proxychains, #macchanger, #nftables, #nmap, #netcat, #watchdog.

A real‑time, stealth, weapon‑grade network appliance.

Minimal. Fast. Untraceable. Mine 👊🏻

#Linux #Buildroot #RaspberryPi #PREEMPTRT #FOSS #Privacy #Networking

I was watching an episode of Astrid et Raphaëlle (Madmans Sacrifice).
In the episode, someone is using a watch to transmit information to a player in a chess tournament. One of the characters, a former insurance investigator who acts as the tech person of the team, uses a hotel computer to identify what device is sending the information to the watch.
To do this, she runs a few different commands, including nmap.
Sorry for the big pause button and the blur.

She does hacking in other episodes. Some of it is pretty ridiculous, but I have not analyzed it and don't have screenshots.

#nmap #astrid #astridEtRaphaëlle

Today's #FreeSoftwareAdvent surprise is #nmap !

https://nmap.org/

Scan a network to see what's running out there. Get a list of the live hosts, their open ports, and a pretty good guess at what operating system they're running.

You can even poke at the hosts in various ways using nmap's scripting engine. It's a foundational network administration and troubleshooting tool.

Как защищать данные, когда денег на ИБ мало: топ-5 Open Source сканеров для поиска уязвимостей

Привет, Хабр! Меня зовут Виктор Иевлев, руководитель отдела информационной безопасности группы компаний «Гарда» . Сегодня хочу поговорить о поиске и управлении уязвимостями. Стоит начать с того, что процесс управления уязвимостями – это непрерывный цикл, включающий в себя поиск, оценку, мониторинг и устранение уязвимостей в программном обеспечении и инфраструктуре. Зачастую крупные организации используют сразу несколько коммерческих сканеров. Но что делать небольшим компаниям или стартапам, у которых нет бюджета на дорогостоящие инструменты информационной безопасности? К счастью, на помощь кибербезу приходит Open Source. В статье приведу примеры конкретных Open Source инструментов, а также расскажу, для решения каких задач они подходят.

https://habr.com/ru/companies/garda/articles/978582/

#owasp_zap #Nikto #Nuclei #Wazuh #Nmap #поиск_уязвимостей #сканер_уязвимостей #open_source #сканер

🧿 Nmap Basic to Advanced – Your Complete Scanning Guide

Nmap is one of the most essential tools for network exploration, security auditing, and vulnerability discovery. From quick host scanning to advanced enumeration, it gives defenders valuable insight into what exists inside a network and how it behaves. Learning Nmap step-by-step helps you move from simple port checks to full fingerprinting, service identification, and script-based analysis using NSE modules.

At the basic level, you’ll work with ping scans, port discovery, and OS detection to understand what devices are active and how they communicate. As you progress, you’ll start using advanced flags, stealth scanning techniques, firewall evasion, and Nmap Scripting Engine scans to uncover misconfigurations and weak services on a network. The more comfortable you get with options and timing controls, the more accurate and efficient your assessments become.

Whether you're securing your own systems or practicing ethical testing in a controlled environment, mastering Nmap helps you build strong fundamentals for reconnaissance, penetration testing, and network defense.

#Nmap #CyberSecurity #Networking #InfoSec #EthicalHacking

New Learning Tool Nmap Timing Visualizer

In the spirit of helping others master Nmap, i made this widget for you to play with. Enjoy and i hope it makes learning about Nmap's timing arguments fun and interactive.

chickenpwny.github.io/NmapTimingTe...

#Nmap #PenetrationTesting #NetworkScanning

New tool: Interactive Nmap Timing Template Visualizer

In the spirit of helping others master Nmap, i made this widget for you to play with. Enjoy and i hope it makes learning about Nmap's timing arguements fun and interactive.

https://chickenpwny.github.io/NmapTimingTemplateVisualizer/

#Nmap #PenetrationTesting #NetworkScanning

Solved: rootless kit startete erst mit Login

Frage zu #Raspberry
Ich habe einen #Pi im LAN, der ist per SSH erreichbar. Port ist dauerhaft verfügbar, sagt zumindest #nmap. Andere Ports nicht.
Logge ich mich via SSH ein, sind dann auch alle anderen erwarteten Ports von außen verfügbar.

Über #Docker läuft ein #PiHole
Weder der #DNS Port 53 ist ohne SSH Login erreichbar, noch die Weboberfläche.

Woran liegt das? 🤔
Mir fehlt gerade die Idee, was ich falsch eingestellt habe.

#Linux #SysAdmin

OSINT Tools in C/C++: Used by Intelligence and Security Services
Modern intelligence and cyber-reconnaissance units increasingly rely on **C and C++ tools** when **speed, resource control, and minimal digital footprint** are critical. Below is an overview of key tools and why these languages are preferred.
Classic OSINT Tools in C/C++
1. **Nmap (C/C++)**
The cornerstone network scanner for most OSINT tasks.
**Function:** Active and passive host discovery, service detection, OS fingerprinting.
**Feature:** Supports NSE scripts for automated reconnaissance.
2. **ZMap (C)**
Mass IPv4 scanning (e.g., one port across the entire IPv4 space in ~5 minutes).
Used for large-scale SIGINT/OSINT operations.
3. **Masscan (C)**
U.S. counterpart to ZMap, optimized for maximum speed.
Ideal for instant “network snapshots.”
4. **Tcpdump / libpcap (C)**
Passive packet capture.
Forms the backbone for packet analysis in intelligence systems.
5. **Bro/Zeek (C++)**
Network event analysis framework.
Detects anomalies and covert channels.
6. **YARA / YARA Rules Engine (C/C++)**
Signature-based detection of malware, documents, and archives.
Widely used in cyber intelligence.
7. **OpenSSL Toolkit (C)**
Certificate and TLS channel analysis.
Used to examine cryptographic infrastructure.
8. **ExifTool (C++)**
Metadata analysis for images and documents: device, timestamp, GPS.
9. **Tshark (C)**
CLI version of Wireshark for covert traffic analysis.
10. **Osquery (C++)**
Live-forensics system turning the host into a SQL-queryable database.
Why C/C++ Matters in Intelligence
**Maximum speed**
Native code is crucial for mass network scanning, data streams, and crypto operations.
**Resource control**
Direct management of memory, threads, and network buffers without overhead.
**Low-level access**
Raw sockets, system calls, filesystem, network interfaces.
**Deterministic behavior**
Predictable response times, no garbage collection delays.
**Minimal dependencies & portability**
Statically compilable binaries for Linux, Windows, BSD, or embedded systems.
**Integration with high-performance libraries**
OpenSSL, libpcap, Boost, ZLib for crypto, networking, and compression.
**Hardware-level optimization**
SIMD, vectorization, inline functions, assembly inserts.
Performance: C/C++ vs Interpreted Languages
Example: scanning 100,000 IPs for open ports.
Language Execution Time Reason C 3–5 sec Native code, minimal overhead C++ + Boost.Asio 4–6 sec Asynchronous, thread control Go 10–15 sec Runtime overhead, garbage collection Python 180–300 sec Interpretation, GIL, extra wrappers
**Conclusion:** Porting Python → C/C++ can give **50–100× speedup** for CPU- and I/O-intensive tasks.
Summary
C/C++ are the languages of choice for professional OSINT and intelligence tools where **speed, control, and low-level system/network operations** are required.
**Hashtags**
#OSINT #CPlusPlus #CProgramming #CyberIntelligence #SIGINT #NetworkAnalysis #Maltego #Nmap #ZMap #CyberSecurity #Forensics #MetadataAnalysis #OpenSourceIntelligence #Recon
**Bibliography / Must-Have References**
Gordon UA. *Preparations for war against Poland underway – Polish Chief of Staff*. 2025.
Eurointegration. *Polish Army Chief warns about pre-war threats*. 2025.
TVN24. *Polish Army Chief: Prepare forces for full-scale conflict*. 2025.
Nmap Official Documentation. https://nmap.org
ZMap Project. https://zmap.io
ExifTool Documentation. https://exiftool.org
YARA Rules Engine. https://virustotal.github.io/yara
Osquery Documentation. https://osquery.io

#nmap: My personal favorite network-security port-scanning tool.
Stable, consistent and highly reliable - for over 20 years now. 💌

If you have anything to do with computer-networks, you'll want to know it. 🥳

nmap's website has a page "where nmap appears in movies", as /the coolest hacker tool ever/ 😆 😎

https://nmap.org/movies/

#KaliLinux, #sibergüvenlik, #etikhacker, #penetrationtesting, #Debian, #Linuxdağıtımı, #Metasploit, #Nmap, #Wireshark, #OffensiveSecurity, #adli bilişim

https://huseyinozbekar.com/kali-linux-nedir-etik-hackerlarin-tercih-ettigi-guvenlik-odakli-isletim-sistemi/

Próbowaliście kiedyś znaleźć otwarte porty w podsieci? Jest to możliwe m.in. za pomocą programu nmap, ale można go jeszcze rozszerzyć o skrypty. Przydatny poradnik.

#Linux #Nmap #CyberSec #Cyberbezpieczeństwo

https://opensecurity.pl/szybki-rekonesans-interfejsow-webowych-przez-skrypt-nmapa/

Target and Discovery Configuration Options for “nmap”

https://novatopflex.wordpress.com/2025/10/29/target-and-discovery-configuration-options-for-nmap/