I submitted a PR to update MacPorts' version of ZMap to version 3.0.0 which was officially released!

https://github.com/macports/macports-ports/pull/19211

It's passed the build bot/CI checks.

However, since I do not have commit access, it is thanks to someone else to merge it.

Thanks to @zakir for merging one of my PRs in the upstream project before this release!

Thanks to Herby Gillot (not sure where Herby may be on the FediVerse) for giving me a heads up that 3.0.0 was officially out (I had previously been working on PRs for RC2).

#ZMap #MacPorts #OpenSource #NetworkScanning #Security

@zakir I submitted this PR which seems to have made the CI/build bots happy at least:

https://github.com/macports/macports-ports/pull/19015

Though it would probably still be advisable to get the Assets and branch tags in closer alignment for whenever this progress beyond Release Candidates?

Regardless, it's up to someone else to merge that PR, but hopefully it improves things a little bit for MacPorts users!

#ZMap #MacPorts #OpenSource #NetworkScanning

If you're interested in a minimal network port scanner, check out Qscan:

https://github.com/0xor0ne/qscan

and its companion command line tool qsc:

https://github.com/0xor0ne/qscan/tree/main/qsc

#networkscanning #network #infosec #tool

[ #AdventOfCyber2022 #tryhackme] Day 4

In Day 4 Tasks, we learn on how to do #scanning

Scanning is procedure to identify living hosts, ports, and services running on specify target.

There are 2 types of scan based on their intrusiveness:
1. #passivescan
Passive scan is scanning without touching/interacting directly with the target device. The scan usually done being capturing packages using #wireshark. However, the information you can get are fairly limited.

2. #activescanning
Active scan is scanning that interacting directly with the target service, usually by sending pocket to specific asset. The scanning will immediately do a deep scan to get a lot of information from the target.

Several #scanning techniques:
1. #networkscanning
The scan that aimed to map the entire network of the target. When an attacker has mapped the entire network of their target, they can launch #exploit through the weakness of enemy network.

2. #portscanning
The scan that aimed to look for any open port that capable of sending and retrieving request/data.

3. #vulnerabilityscanning
The scan that aimed to identify what kind of #vulnerability existed on the network that may threaten the system.

Tools to do scanning:
1. #nmap
NMAP is one of the most popular tool used for scanning a network. It can be used to scan open ports, open #networkprotocols , open #services, running #operatingsystem, etc.

2. #nikto
Nikto is a open source that can be used to identify #website for #vulnerability. It allows to search a #website for their subdomains, outdated servers, #debug messages, and many more.