Active Information Gathering

This phase is an important step in penetration testing: unlike passive reconnaissance, it involves direct contact between the pen tester and the actual target, so every probe is traffic the target can log and detect.

Port Scanning

A simple bash script that first sweeps all TCP ports with nmap to find the open ones, then runs a more aggressive service and script scan against only those ports:

#!/bin/bash
# Usage: portscan <target> [extra nmap arguments passed to the second scan]
echo "Grabbing ports..."
# Fast sweep of all 65535 TCP ports; keep only the port numbers, joined by commas
ports=$(nmap -p- --min-rate 1000 -T4 "$1" | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed 's/,$//')
echo "Ports grabbed: $ports"
echo "Scanning..."
# Default scripts (-sC) and version detection (-sV), skipping host discovery (-Pn), on just those ports
nmap -sC -sV -Pn -p "$ports" "$1" "${@:2}"


Save the script as portscan, make it executable, and run it against a target; any extra arguments are handed to the second nmap run, so the results can be written as XML for later processing (<target> is a placeholder for the host or range you are authorized to scan):

portscan <target> -oX nmap.xml
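The -oX nmap.xml option above writes the scan as XML, which is the output format meant for programs to consume (nmap's normal text output, the one the script greps, is not a stable format). As an added example that is not part of the original page, the Python below parses that XML, collects the ports reported as open per host, and compares them against an assumed baseline of ports the host is supposed to expose, so a defender can flag anything unexpected. The XML sample is constructed inline following nmap's output structure, and the 192.0.2.10 address and baseline are made-up values.

```python
import xml.etree.ElementTree as ET

# Constructed sample in nmap's -oX format (not real scan output); 192.0.2.10 is a documentation address.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sC -sV -Pn -p 22,80,3306,8080 192.0.2.10">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx"/>
      </port>
      <port protocol="tcp" portid="3306">
        <state state="open" reason="syn-ack"/>
        <service name="mysql"/>
      </port>
      <port protocol="tcp" portid="8080">
        <state state="filtered" reason="no-response"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_open_ports(xml_text):
    """Return {host_ip: {(proto, port): service_string}} for ports whose state is 'open'."""
    root = ET.fromstring(xml_text)
    results = {}
    for host in root.findall("host"):
        # Prefer the IPv4 address element; fall back to whatever address is present
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            addr_el = host.find("address")
        if addr_el is None:
            continue
        ip = addr_el.get("addr")
        open_ports = {}
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not part of the exposed surface
            proto = port.get("protocol")
            portid = int(port.get("portid"))
            svc = port.find("service")
            parts = [svc.get(k) for k in ("name", "product", "version")] if svc is not None else []
            open_ports[(proto, portid)] = " ".join(p for p in parts if p)
        results[ip] = open_ports
    return results


def unexpected_ports(scan, baseline):
    """Compare parsed scan results against an allow-list of expected (proto, port) per host.

    Returns {host_ip: sorted list of (proto, port, service)} for open ports not in the baseline.
    Hosts with no baseline entry are treated as expecting nothing, so all their open ports are flagged.
    """
    findings = {}
    for ip, ports in scan.items():
        allowed = baseline.get(ip, set())
        extra = sorted((proto, port, svc) for (proto, port), svc in ports.items()
                       if (proto, port) not in allowed)
        if extra:
            findings[ip] = extra
    return findings


# Assumed baseline (constructed): what this host is supposed to expose.
BASELINE = {"192.0.2.10": {("tcp", 22), ("tcp", 80)}}

if __name__ == "__main__":
    scan = parse_open_ports(SAMPLE_XML)
    for ip, extra in unexpected_ports(scan, BASELINE).items():
        for proto, port, svc in extra:
            print(f"{ip}: unexpected open {port}/{proto} ({svc or 'unknown service'})")
```

To use it on a real run, replace SAMPLE_XML with the contents of nmap.xml (for example open("nmap.xml").read()) and fill BASELINE from your asset inventory; running the comparison after each scan turns the script into a simple drift check for newly exposed services.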