NMAP, NCAT and NGREP: The Networking Toolbox
Nmap is a highly popular and very powerful network security tool. It is used for network mapping and port scanning to discover hosts and services on a network.
nmap -sP 10.0.0.0/24
Or -sn (the current name for -sP); -sL only lists the targets without probing them
Ping sweep of entire network, returns device details
nmap -p- hostname
Scans all ports of a given host and returns service details
nmap -sS -A 10.10.1.1
Or -sV gives banner information
Port scan an IP and return complete service details
Within the NMAP suite there is also the NCAT tool. Ncat is a modern reinvention of the original Netcat, a widely used tool for interfacing with TCP/IP services over a network.
nc -lvp 10101
Ncat listens on port 10101
nc hostname 10101
Connect to host on port 10101
ncat -l -p 10101 --chat
Run a chat server on port 10101
NGREP is GREP for live network traffic. A very powerful PCAP utility, NGREP can filter traffic based on packet content or IP parameters.
Grep all network traffic to google.com
ngrep -d any "pass|USER" port 80 >> treasure
Grep all plain-text HTTP traffic containing "pass" or "USER", and append to a file named "treasure"