Alternatives to Nmap

I always use Nmap to scan IPs and ports but recently I was blocked off the network while I was doing a security test of infrastructure. What other tools, commands or methods could be used to scan infrastructure without risk about blocking?

Nmap uses threading and a particular way to test that makes firewalls to block you if you’re too exhaustive that are blocking you on the network. You should test port by port or a little list of ports in a timeframe, you can use netcat or if you’re on windows powershell’s Test-NetConnection.

For ncat is like this:

nc -vz ip.ip.ip.ip port

You can also make a script to show open and closed ports:

for i in port1 port2; do nc -z ip.ip.ip.ip $i && echo “Port $i open” || echo “Port $i closed”; done

For powershell is like this:

Test-NetConnection -Port port ip.ip.ip.ip

1 Like

With Net Cat you can specify a port range like this:

nc -vz ip.ip.ip.ip initialport-endport
1 Like

Using ol’ Asserts:

python3 -c “from fluidasserts.proto import tcp;tcp.is_port_open(‘fluidattacks.com’, 443)”

2 Likes