Usually we use NMAP as a port scanner to find open ports on a web server, but with the help of this tool we can also gather information about the victim using NMAP scripts. In this tutorial we use NMAP to gather information.
(1) Use NMAP to determine the IP address of the victim: NMAP includes two scripts in its database.
nmap --script ip-geolocation-* host-name
As we can see, it shows the coordinates and location of our target.
(2) Use NMAP as a Whois tool: The following command is used to find whois information about the victim.
nmap --script whois host-name
(3) Use NMAP for email harvesting: There are two scripts for email harvesting.
- http-google-email
- http-email-harvest
http-email-harvest is in the official nmap repository. But if you want to use Google Web and Google Groups to find email addresses, then you should download http-google-email from here.
Use the following command to find email addresses:
nmap -p80 --script http-email-harvest host-name
(4) Use NMAP for DNS brute forcing: DNS records contain useful information about a website. There are many tools available for this purpose, but you can also use nmap for a simple DNS brute-force attack.
Use the following command:
nmap -p80 --script dns-brute host-name
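
Seen from the DNS server's side, the name guessing that dns-brute performs appears as one client querying many distinct names under a zone in a short time, most of them answered NXDOMAIN. The following Python code is an added example, not part of the original tutorial, that flags such clients in a query log; the log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample():
    """Constructed log lines (assumed format: ISO time, client IP, query name, rcode)."""
    start = datetime(2024, 5, 1, 10, 0, 0)
    guesses = ["www", "mail", "ftp", "dev", "test", "vpn",
               "admin", "stage", "db", "api", "git", "ns1"]
    lines = []
    for i, label in enumerate(guesses):  # one client guessing a name per second
        rcode = "NOERROR" if label in ("www", "mail") else "NXDOMAIN"
        ts = (start + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 203.0.113.7 {label}.example.com {rcode}")
    for i in range(12):  # an ordinary client re-resolving one name
        ts = (start + timedelta(minutes=5 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.20 www.example.com NOERROR")
    return lines

def find_dns_enumeration(lines, zone, window=timedelta(seconds=60),
                         min_names=10, min_nx_ratio=0.5):
    """Return {client: (distinct_names, nx_ratio)} for clients guessing names under zone."""
    suffix = "." + zone.lower().rstrip(".")
    per_client = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, qname, rcode = parts
        qname = qname.lower().rstrip(".")
        if qname.endswith(suffix):
            per_client[client].append((datetime.fromisoformat(ts), qname, rcode))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        lo = 0
        for hi in range(len(events)):
            while events[hi][0] - events[lo][0] > window:
                lo += 1  # slide the window start forward
            win = events[lo:hi + 1]
            names = {q for _, q, _ in win}
            nx = sum(r == "NXDOMAIN" for _, _, r in win) / len(win)
            if len(names) >= min_names and nx >= min_nx_ratio:
                flagged[client] = (len(names), round(nx, 2))
                break  # first window that crosses both thresholds is enough
    return flagged

if __name__ == "__main__":
    print(find_dns_enumeration(build_sample(), "example.com"))
```

For a zone with a wildcard record, guessed names do not return NXDOMAIN, so set min_nx_ratio to 0 and rely on the distinct-name count alone.
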
(5) Discovering additional host names: We can find additional hosts which have the same IP address using a simple nmap script. It can help us find web applications which are hosted on the same IP address.
Download this NSE script from here.
You can also use the following command:
nmap --script http-robtex-reverse-ip --script-args http-robtex-reverse-ip.host='ip'