# NMAP

* Even though this is a web penetration test, I will go ahead and check nmap anyways to see what pops up. If anything for good practice.
* Start with basic nmap scan:

  * `nmap 10.10.72.153`
  *

  ```
  <figure><img src="https://3952040429-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FF29RnxijYeB8jxlysIRF%2Fuploads%2Feu8D7j8UZ2SZtet8vnV8%2Fimage.png?alt=media&#x26;token=4f4886dc-3e1f-40b1-b046-e0784fc8bf85" alt=""><figcaption></figcaption></figure>
  ```

  * Looks like the following ports are open:
    * 22
    * 80
  * Will check for all open ports
* Next run an nmap scan on all ports to see what is open:

  * `nmap -p- 10.10.72.153`
  *

  ```
  <figure><img src="https://3952040429-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FF29RnxijYeB8jxlysIRF%2Fuploads%2FVwIqXVsfNCidNJWlp78t%2Fimage.png?alt=media&#x26;token=8494273f-996c-411a-a466-c03286f13083" alt=""><figcaption></figcaption></figure>
  ```

  * Nothing new.
* Run a more detailed scan to see what pops up:

  * `nmap -sC -sV -p 80,22 10.10.72.153`
  *

  ```
  <figure><img src="https://3952040429-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FF29RnxijYeB8jxlysIRF%2Fuploads%2FYT5nHmEPN006aJyOdqVY%2Fimage.png?alt=media&#x26;token=0bca58fe-1dd2-432a-af39-f0d3471b4b3e" alt=""><figcaption></figcaption></figure>
  ```

  *