Sign in Try for Free
DE

Online TCP Port Scan

Check for insecure network services that could be accessible through the Internet using our port scanner.

Run a port scan
14-day free trial. No CC required.
  • See whether your firewall is set up appropriately and if the servers have any unneeded TCP ports open
  • Identify quickly obsolete service versions and required updates
  • Get automated reports to share within your team in a continuous security approach
  • Automated online SaaS port scanner
Hirmer
Alltron
Flixbus
Instana
Ottonova
Atoss
Acrolinx
Netfonds

Port scanner features

Attackers scan targets regularly, taking an inventory of all available ports, knowing that every open port is a potential for compromise. We have developed this port scanner to avoid data loss and budget for cyber attack mitigation to make your work easier and faster.

Start 14-day free trial

Create

Create a scan target and verify it.

1

Configure

Configure the system and application credentials.

2

CI Integration

Create a webhook and start a scan via the CI Integration.

3

Get notifications

Integrate chat notification (Slack, Mattermost, Hangouts, and more).

4

Download the report

Get reports with remediations advice for every vulnerability found, risk levels, and specific solutions for each one of those.

5

Benefits

Port scanning tool benefits

  • Scan for open ports and detect with ease services running behind them.
  • Quickly share security reports with your team members in PDF, XML/JSON, or CSV formats.
  • Check for other flaws listed in the OWASP Top 10 2021.

Reports

Sample TCP port scan with Nmap reports

Download a sample result from a TCP Port Scan using Nmap and check how our software can save your time and eliminate tedious manual testing labor.

Get your report

Vulnerability overview

The report begins with a brief description of the results and risk ratings, providing you with a valuable overview of the risk levels and the number of findings.

Helpful suggestions

Each discovery includes a risk assessment and recommendations to help you get a head start on resolving the problems.

Sorted according to the severity of the threat

Starting with the most significant danger detected, vulnerabilities are ranked according to their risk assessment. This saves you time and effort by eliminating manual labor.

Continuous Security

More reasons for continuous port testing

Automated Pentesting

Perform regular black box pentests on your web assets and spend less on infrequent manual penetration tests.

Cybersecurity Risk Reduction

Benchmark your next release against OWASP Top 10 and other known vulnerabilities.

Schedule Scans

Match vulnerability scanning to your agile dev cycle.

Ensure Compliance

Scan every new release before deployment and ensure compliance with regulations and standards (HIPAA, GDPR, ISO, and many more).

Faster Vulnerability Detection

Detect and mitigate vulnerabilities quicker by scanning your web assets regularly.

Integrated Dev Pipeline

Integrate vulnerability scanning into your dev process and environment and shift security left.

What kind of results do you find from port scanning?

Port scanning works to categorize ports into one of the following categories:

  • Open: your destination replies with a message indicating that it is listening on that port and the service used for the scan (often TCP or UDP).
  • Closed: the destination received the request packet but returned a response indicating that no service was listening at the port.
  • Filtered: the port may be open, but the packet has been filtered out and dropped by a firewall, resulting in no response.

Most common TCP Ports

  • Port 80 (HTTP)
  • Port 23 (Telnet)
  • Port 443 (HTTPS)—SSL-encrypted web servers use this port by default.
  • Port 21 (FTP)
  • Port 22 (SSH)
  • Port 25 (SMTP)
  • Port 3389 (ms-term-server)
  • Port 110 (POP3)
  • Port 445 (Microsoft-DS)
  • Port 139 (NetBIOS-SSN)
  • Port 143 (IMAP)
  • Port 53 (Domain)
  • Port 135 (MSRPC)
  • Port 3306 (MySQL)
  • Port 8080 (HTTP-Proxy)
  • Port 1723 (PPTP)
  • Port 111 (RPCBind)
  • Port 995 (POP3S)
  • Port 993 (IMAPS)
  • Port 5900 (VNC)

How to do portscanning online with Crashtest Security

A port is a kind of door on the server that can be used to connect to a specific service. For a webserver, port 80 and 443, which are for HTTP/HTTPS, are most likely open to serve the website to the users. Other ports should be closed if they are not needed for any service.

The portscanner tests the webserver with an SYN scan for a wide range of open ports and reports them back. If there are any other open ports except port 80 and port 443, the firewall should block them if they are not needed.

Why should I use your TCP port scan?

Unneeded open ports on the webserver open a large attack surface to a malicious user. This can be used to find unmaintained and possibly vulnerable network services that can be targeted.

The critical advantage of using an online version of the Nmap port scanner (rather than one installed on your local PC) is that it provides an external view of your systems, similar to any hostile hacker on the Internet. Because of various firewalls and network constraints, you may get different findings if running the same scan from your internal network. In addition, our port scanner is:

  • Ready to go.
  • Upgraded regularly.
  • It has a user-friendly UI that simplifies Nmap’s cumbersome command-line options.
  • Provides you with an excellent report to share with security teams or colleagues
FAQ

Port Scan

What is port scanning?

Port is a kind of door on the server that can be used to connect to a specific service. For a web server, port 80 and port 443, which are for HTTP/HTTPS, are most likely open to serve the website to the users. Other ports should be closed if they are not needed for any service. The port scanner tests the webserver with an SYN scan for a wide range of open ports and reports them back. If there are any other open ports except port 80 and port 443, the firewall should block them if they are not needed.

Unneeded open ports on the webserver open a large attack surface to a malicious user. This can be used to find unmaintained and possibly vulnerable network services that can be targeted.

What protocols are used for port scanning?

TCP (transmission control protocol) and UDP (user datagram protocol) are the most often used protocols for port scanning (user datagram protocol). They are both internet data transfer systems; however, their mechanics are distinct.

UDP is connectionless and unstable, whereas TCP is a reliable, two-way connection-based data transfer that relies on the destination’s status to complete a successful send. Data sent through the UDP protocol is provided without regard for the destination; as a result, there is no guarantee that the data will reach its intended destination.

There are various alternative strategies for doing port scans using these two protocols.

How do hackers use port scanning as an attack method?

According to the SANS Institute, one of the most common strategies attackers employ when looking for a vulnerable server to hack is port scanning.

When attacking networks, fraudsters frequently utilize port scanning as a preparatory step. They utilize the port scan to assess various firms’ security levels and decide who has a good firewall and a weak server or network. Several TCP protocol approaches allow attackers to hide their network location and execute port scans using “decoy traffic” without disclosing their network address to the victim.

Get a quick security audit of your website for free now

We are analyzing https://example.com
wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw== Port Scanner
Scanning target https://example.com
Scan status: In progress
Scan target: http://example.com/laskdlaksd/12lklkasldkasada.a
Date: 26/05/2023
Crashtest Security Suite will be checking for:
Information disclosure Known vulnerabilities SSL misconfiguration Open ports
Complete your scan request
Please fill in your details receive the
quick security audit by email.
Security specialist is analyzing your scan report.
То verify your identity please provide your phone/mobile:
Thank you.
We have received your request.
As soon as your security audit is ready, we will notify you.