When we scan a network and its attached hosts, we are typically looking for open doors on the systems and infrastructure devices we happened to notice through predominantly passive scanning tools such as Maltego. Active scanning becomes more focused and is more likely to trip alerts, so we'll need to tread carefully and use the tools with discretion to ensure we do not draw attention. One of the preeminent tools in this realm is nmap, and we'll soon see why its power and myriad of options and tweaks have made it a favorite for cyber security professionals and criminals alike for many years.
Unlike Maltego, this tool makes a lot of sense for use on the Raspberry Pi 3 versus the C&C server, as inside traffic is often under less scrutiny and it is a command-line tool. Companies tend to spend their money and time worrying about their Internet Edge perimeter to limit outside access and neglect the policing of their interior communications, as gaining visibility throughout...