
Share feedback and rate the course to help improve it, and connect with the instructor on Instagram or Facebook to build a learning community as we begin the nmap journey.
Explore the six Nmap port states, including open, closed, filtered, unfiltered, open|filtered, and closed|filtered, with practical definitions and implications for network scanning.
Explore stealth, TCP, and UDP scans in Nmap, including how stealth scans use a half handshake and how firewalls affect detectability. See UDP port 53 and DNS service detection.
Discover how nmap's version detection reveals the exact software running on each service, enabling CVE-based vulnerability research for upnp and httpd, with tools like openvas and nessus.
Learn how to use nmap verbosity and debugging to gain real-time feedback during scans, adjusting levels with D and V keys, including caps lock tricks and levels up to ten.
Master the Nmap scripting engine and Lua to leverage community scripts for discovery, vulnerability checks, and banner grabber usage, using default and category scripts.
Practice nmap and http enumeration in a lab, conducting port discovery and service versioning. Explore phpinfo details, phpMyAdmin exposure, directory listing, and ftp anonymous login with brute-force using word lists.
Learn to use nmap to detect weak ciphers and old TLS versions on a Metasploitable target, interpret SSL enum ciphers results, and leverage banners for reconnaissance in network security.
Explore nmap fragmentation and decoy techniques to evade firewalls, packet filters, and intrusion detection systems, including using multiple ip addresses to blend requests with legitimate traffic.
In Lua, uninitialized variables yield a null value with no error. Watch for typos like print names producing null, and increment values carefully.
Explore Lua variable scope: global versus local. Apply the local keyword to confine variables to a code block like a for loop, with printing and random seeds.
Master Lua tables by using key-value pairs and treating them as matrices. Learn indexing and nested tables to access elements in a three by three matrix and print results.
Write a simple Nmap NSE script that displays a message when a tcp port is open, and adapt it to udp ports to explore port states and basic usage.
Welcome to the comprehensive course on network reconnaissance, security scanning, and scripting mastery using Nmap, Lua, and NSE (Nmap Scripting Engine)! In today's digital landscape, understanding network security is paramount, and this course equips you with the essential skills to become a proficient security professional or system administrator.
Throughout this course, you'll embark on an in-depth journey into the world of Nmap, the industry-standard network scanning tool trusted by cybersecurity experts worldwide. You'll learn how to harness Nmap's powerful capabilities to conduct thorough network exploration, discover vulnerabilities, and secure systems against potential threats.
What sets this course apart is the integration of Lua scripting within Nmap's NSE, enabling you to craft custom scripts to extend Nmap's functionality and address specific security concerns. You'll delve into Lua programming fundamentals and gradually progress to writing and executing your own NSE scripts, tailored to your network's unique requirements.
Course Highlights:
Understanding Nmap Fundamentals: Gain a solid foundation in Nmap, learning its command-line interface, scanning techniques, host discovery, OS detection, service enumeration, and more.
Advanced Nmap Scanning Tactics: Explore advanced scanning methodologies, such as version detection, firewall evasion, timing options, and performance optimization for efficient and stealthy scanning.
Introduction to Lua Programming: Master the basics of Lua programming language, including syntax, data types, control structures, functions, and libraries essential for NSE scripting.
Building NSE Scripts: Learn how to write custom Nmap scripts using Lua to automate tasks, perform targeted scans, and create specialized tools for network security assessment.
Security Best Practices: Understand ethical considerations, legal implications, and best practices in network security assessment, ensuring responsible and effective use of Nmap and NSE scripting.
By the end of this course, you'll possess the expertise to leverage Nmap, Lua, and NSE scripting effectively for comprehensive network reconnaissance, vulnerability assessment, and security enhancement. Whether you're a cybersecurity enthusiast, system administrator, or IT professional aiming to fortify network defenses, this course will empower you with the necessary skills to navigate the complex landscape of network security confidently.
Join us on this learning journey and become a proficient Nmap and Lua scripting expert in the realm of network security!