Welcome to Ethical Hacking / Network Security Pentesting & Nmap.
This course starts with the basics of Network Fundamentals to Advance Exploitation.
This course starts with basics with TCP/IP Model and OSI Model and how it can be used in our day to day life. We will also learn TCP, UDP Packets, and Topologies to make our base stronger and then further move on to Ports and Protocols usage with practicals.
This course covers All the Nmap Scan Types with Wireshark Packet Analysis for a better understanding of what’s happening behind the hood.
The course also includes principles for each scan type and its Advantages and Disadvantages for Network Scans.
With this course, we will learn Target Selection Techniques for Host, Subnet Scans & Host Discovery. How to choose large Hosts from files and choose random hosts, also how to exclude them from our scans.
This course will cover port scanning and port knocking which is useful for Penetration Testing & CTF’s
Then we will see How to perform Service Version Detection for vulnerable services for exploitation.
We perform OS Detection and fuzzy scripts to identify the underlying targeted OS
We will also cover Nmap Output Formats to save the output in different formats like HTML and XML. We Willa also see How we can convert XML to CSV format for Recon of Bug Bounty & Penetration Testing.
We will cover Script Scans and use Nmap’s powerful scripting engine for scanning.
Next, we will cover the Nmap Script attack for different categories like Safe, Vulnerability, DOS, Exploit, Not Intrusive, and Boolean Expressions.
Next, we will cover Nmap for reconnaissance for Bug Bounty and Pentesting.
We will cover Nmap Protocols and Exploitation in which we will see protocols like FTP, SSH, HTTP and its exploitation. We will also cover HTTP Basic Auth Exploitation and PUT to RCE using Nmap
Next section, we will see Custom NSE scripts and its anatomy and will also learn How to write your own scripts.
In the next section, we will cover Nmap Timing Parameters and Firewall Analysis to bypass firewalls with Nmap parameters.
Next, we will cover Nmap Timing and Performance to tune Nmap Scans for better results and performance
Next, we will learn how to bypass Timing based firewalls with Nmap
Next section, we will learn How to Bypass IDS and Firewalls with Mac Spoofing, Cloak scan with decoys, Faking TTL and adding Bogus TCP/UDP Checksums.
Next, we will see The Nmap GUI which is the Zenmap
In the last section, we will write our own Python program for scanning and OS Detection based on Nmap.
Here's a more detailed breakdown of the course content:
In all the sections we will start the fundamental principle of How the scan works and How can we perform Exploitation.
1. In Introduction, We will cover What are TCP/IP Models and OSI Models, What is the difference between both and how can we implement it in our day to day life.
We will also learn about network types and fundamentals. We will also see what are network topologies and what are IP and MAC address.
2. In Ports and Protocols, We will cover fundamentals of what are ports and protocols and how do they communicate. We will see protocols like FTP, SSH, DHCP, SSH, Telnet, RDP, HTTP, HTTPS, and their practicals.
In the end, we will see the summary and revision of this section to remember the important protocols & key points.
3. In Nmap Scan Types and Techniques, We will cover most of the commonly used and important scans like TCP, Stealth, Null, UDP, FIN, XMAS, ACK, and Zombie Scan.
We will also see the advantages and disadvantages of each scan type and also see the live Packet Analysis to understand what is happening behind the hood and how all the scans differ from each other.
In the end, we will see the summary and revision of this section to remember the important Scan Types & key points.
4. In Nmap Target Selection and Techniques, We will cover How can we perform a Host Scan using Nmap. We will also see How to perform a Subnet Scan & Host Discovery to identify Live Hosts.
We will also see the difference between Netdiscover and Nmap Host Discovery and the difference between the output.
Next, we will see, How can we scan a large number of Hosts from files using a file input scan.
We will learn how to exclude hosts from a subnet scan or a File input scan if they are blacklisted or whitelisted into a network.
We will also cover How can we Bypass Windows Firewall Rule with No Host Discovery and successfully identify the information about the target.
5. In Nmap Port Scan and Techniques, We will cover How can we perform a Port Scan using Names and numbers with Nmap. We will also see How to identify only open ports perform a Fast Port Scan.
We will also see Port Knocking of hidden ports, which is useful in Penetration Testing and CTF’s. We will also see How can we scan ports without randomization and in a sequential manner along with scanning of only Top Ports.
In the end, we will see the summary and revision of this section to remember the important Port Scan Types & key points.
6. In Nmap Service version Detection, We will cover How can we perform a Service Version Detection Scan using Nmap to identify running older services on the target systems
We will also perform Service Detection with Light Intensity to All to find the exact versions of the target systems.
In the end, We will also see the Service Version trace to identify how each packet is sent and How Nmap is able to identify services based on fingerprints.
7. In Nmap OS Detection, We will cover How can we perform an OS Detection Scan using Nmap to identify Operating System and their versions installed on the targets.
We will also perform OS Detection Fuzzy scripts to find the exact versions of the OS of the target systems. We will also see the OS Detection Scripts for better identification of results.
8. In Nmap Output Formats, We will cover How can we save the output from the Nmap Scans to specific formats. This is useful as we save the output and later check if the installed software on the targets have been outdated or not for successful exploitation.
We will save the output in different formats like XML, HTML, Script Kiddie, and Greppable.
We will also see How we can convert XML output to HTML for better visual identification of hosts using xsltproc.
We will also save our XML output to CSV using python parser for bug bounty reconnaissance.
In the end, we will see how one command can save all the output types of all the formats.
9. In Nmap Script Scan, We will cover Nmap’s powerful feature its NSE engine which contains powerful and handy scripts to run on the targets. We will become familiar with the usage of scripts, help, and updating the database.
We will see how to use NSE arguments to run scripts. We will also see how you can use script sets to perform mass script scanning against the targets.
10. In Nmap Script Attack Categories, We will see different types of script categories and run all of them against the target.
We will cover scripts of categories - Safe, Vulnerability, DOS, Exploit, Not Intrusive.
We will also cover how you can run multiple script categories with the help of Boolean Expressions in Nmap.
11. In Nmap for Reconnaissance, We will see different ways to perform recon for Pentesting and Bug Bounty Hunting.
We will cover trace-route scans, geo resolution of IP’s, IP information, and get sensitive results from DNS Bruteforce
Also, We will learn how can we find live hosts on IP ranges. We will also cover whois scan, Robots scan to find information related to targets.
Next, We will see how can we identify web application firewalls on domains, So we do not get blocked by running our scans and payloads. We will also cover How can find vulnerable targets from Shodan using Nmap. We will also see how can we scrape emails from the target for enumeration and generate a sitemap for the target.
12. In Nmap Protocol Exploitation, We will see different types of exploitation for different protocols like FTP, SSH, DNS, HTTP Basic Auth.
We will also cover how can we exploit HTTP Methods to achieve Remote Code Execution using Nmap.
We will also see How can we perform Heart Bleed Scan using Nmap against any target, also will cover HTTP Open Proxy Enumeration to find any open proxies.
In last, We will see How can we perform Zone Transfer to dump all the Zone Records of master and slave servers
13. In Nmap Web Exploitation, We will see how can we perform HTTP headers and HTTP Security Headers scan to identify targets vulnerable.
We will also cover famous web-based vulnerabilities like - XSS, SQL Injection, CSRF.
In the end, we will also see to find targets vulnerable to Default Account Exploitation and IIS Web server name disclosure.
14. In Nmap Custom NSE Scripts, We will see Anatomy of Nmap’s powerful Nmap scripting engine.
In the end, We will also learn How to write our own first NSE script.
15. In Nmap Timing and Performance, We will see what are Nmap Insane Scan, Aggressive Scan, Normal Scan, Polite Scan, Sneaky Scan, and Paranoid Scan.
Next, We will see each of their breakdown using the Wireshark network analyzer.
16. In Nmap Time Based Firewalls Evasion, We will see how can a System Administrator can block Nmap Insane Scan and How can we bypass it using 2 tricks.
We will see How Administrator can block Aggressive Scan, Normal Scan, Polite Scan, Sneaky Scan, Paranoid Scan, and How can we bypass all of them by tuning our scans.
17. In Nmap Firewall & IDS Bypass, We will see how can a bypass targets with Cloak Scans and Decoys.
We will see How to spoof Mac address to hide our identities, How to change our network interfaces for scanning, How to change the source port numbers for scanning, How to send Fake TTL, How to relay proxies, How to append random data with packets, How to send Bogus TCP/UDP Checksum,
How to perform a Fragment scan to send invalid packet sizes, and perform MTU Scans.
18. In Zenmap The Nmap GUI, We will see the graphical user interface version of Nmap.
We will perform the installation of the GUI Version and learn the usage and roadmap of zenmap.
19. In Nmap with Vulscan Automation for Penetrating Testing, We will learn the setup of vulnscan with Nmap for automatic vulnerability scanning and turn Nmap into a powerful vulnerability scanner.
We will enumerate vulnerabilities based on CVE databases from different websites.
20. In Nmap with Python for Penetrating Testing, We will learn the setup of python and will learn to write our own python program for a network scanner.
In the end, we will write a python program for port scanning of targets to identify the port state as open or closed.
With this course, you get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you as soon as possible.
This course is created for educational purposes only and all the websites I have performed attacks are ethically reported and fixed.
Testing any website which doesn’t have a Responsible Disclosure Policy is unethical and against the law, the author doesn’t hold any responsibility.