pMap - Tool for Passive Discovery, Scanning, and Fingerprinting

pMap - Security Tool

pMap is a security tool that can passively discover, scan, and fingerprint link-local peers by the background noise they generate (i.e. their broadcast and multicast traffic).

Note: It requires Administrator permissions.

Features:

  • Reveals open TCP and UDP ports
  • Uses UDP, mDNS, and SSDP to identify PCs, NAS, Printers, Phones, Tablets, CCTV, DVR, and Others
  • Stand-Alone (Nmap-like output) or Agent Mode (SYSLOG)
  • Metasploit Script Included

   Usage: pmap [-t:Range] [-p:Port] [-j] [-a:SyslogServer] [-f:Function] [-v] [-s:Seconds]

Range Range which you want to scan for the open port.
(Defaults to all subnets, 255.255.255.255 or any)

Ports Ports to look for in the range.

21, 22, 23, 80, 389, 445, 5353, or 5060.
(Defaults to all ports)

Agent Address of the SYSLOG server.
(Defaults to stand-alone)

Function Function to perform.
d for Discovery Only, s for Discover and Scan, a for All.
(Defaults to Discover and Scan)

Verbose Display enumerated Name Records and Notifications.

Seconds Seconds to profile the network (Defaults to 300 seconds).

Examples:
C:\>pmap -t:10.234.61.133
C:\>pmap -t:10.234.61.0-10.234.61.255 -p:21
C:\>pmap -p:80
C:\>pmap -a:10.10.1.1
C:\>pmap -t:10.234.61.0-10.234.61.255 -f:d






from Effect Hacking full article here