News

Tool Tuesday – nmap

Aug 19, 2019

One tool which should be installed on every pentester PC is nmap. This command line tool is the Swiss army knive for penetration tests on network level, but also used regularly by system administrators.

nmap scans one or more target systems for open ports. Such ports are used to offer services running on the computer to users on the network.

In a network or system level pentest, nmap often finds ports which are not necessary for a productive environment with end users. If the software running behind such ports is poorly configured or outdated, vulnerabilities potentially can be exploited.

Generally, the attack surface of every server should be kept as small as possible. Only services which are actually required to be reachable from the outside should be exposed – for a web application this means only ports for HTTP: 80 and 443.

Tool Tuesday – nmap

Do you want us to check the attack surface of your servers? Please feel free to contact us

Recent posts

mgm sp @ Dresden

Our second office is located in Dresden, the capital of Saxony. Come have a look at our office there!

read more

mgm sp @ Heise DevSec

With the topic “How practical is DevSecOps really? – A field report” our colleague Maximiliane Zirm is present at this year’s Heise devSec. 

read more

Pentests at a fixed price

By integrating our colleagues in Vietnam and a well-established organization, we are able to offer penetration tests at a very attractive fixed price.

read more

Wenn Sie auf der Seite weitersurfen, stimmen Sie der Cookie-Nutzung zu.
If you continue to visit the site, you agree to the use of cookies.
Privacy Policy / Cookie Policy

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close