Footprinting and scanning tools

This is a selection of footprinting and scanning tools you may wish to install in your MIS  Lab VM machine in order to do the course assignments. Some of these tools are NOT safe to install in your home PCs. You should be very careful in using these tools outside of the Lab. Network administrators do not take lightly the probing of their networks and may respond aggressively to your attempts to gain information about them by using some of these tools. Please note that I am emphasizing Windows tools, but we will see Linux/UNIX tools later.  

I suggest you run these tools as administrator. If they are graphical, right-click on the shortcut or .exe file and select run as admin.

  1. Sam Spade

    Download Sam Spade from this web site and install it. Sam Spade is  a graphical tool which allows you to do DNS interrogation and many other things. See a tutorial here. The features which make Sam Spade a key security tool are:

    Sam Spade also does whois, traceroute, finger and dns lookup.
  2. SuperScan

    Download SuperScan from its new location and install it. SuperScan allows you to scan a range of IP addresses and do TCP port scanning. It can check all ports, or the ones you select. It is a very fast and powerful tool. You can see a tutorial here and a youtube video, too.
  3. Nmap

  4. Download Nmap from its  Web site. You will use it in both Windows and UNIX/Linux.  It can do ping sweeps,  OS identification,  in addition to what can be done with SuperScan.  You can see most of its options and commands at  its Web site  Options summary.   and more details can be seen in its online book version. Of course you can also see an youtube video on the nmap basics.

  5. TcpView

    TcpView  is a free tool for Windows that enables you to monitor all open TCP and UDP ports on the local computer. You can download it from the Microsoft Sysinternals download site. As you can see in this image it shows not only the open ports, but also what application in your PC is linked to the open ports. If a connection is established with a remote host you can see the remote host IP number. TcpView is not a Intrusion Detection System, but provides a picture of is going on in your computer regarding to ports and refreshes automatically, so you can see the changes that are happening.
We will see, later in the course, how to set IDS and firewall software to attempt to protect your hosts. 

This page is maintained by Al Bento who can be reached at This page was last updated on August 20, 2017. Although we will attempt to keep this information accurate, we can not guarantee the accuracy of the information provided.