Mastering Nmap

Name: Mastering Nmap
Rating: 4.6 (65 reviews)

A step-by-step tutorial to gain expertise in Nmap

Created byPackt Publishing

Last updated 5/2017

English

What you'll learn

Learn network security concepts that are required to properly comprehend and grasp how all Nmap utilities work the way they do.
Handle large numbers of results from scanning large networks.
IT administrators can effectively monitor their network for critical changes that might lead to potential vulnerabilities, by comparing the results from everyday scans.
Master the Nmap Scripting Engine (NSE) by writing new (and customizing existing) Lua scripts that further extend Nmap's capabilities.
Utilize the Nmap suite's accompanying tools to refine and effectively automate your everyday network tasks, including debugging, visualizing, monitoring, and network auditing.
Conduct host discovery, port scanning, and version and OS detection for every system in your network.

Course content

7 sections • 24 lectures • 2h 59m total length

The Course Overview5:17
This video provides an overview of the entire course.
Nmap Primer10:43
The aim of the video is to let the viewer get acquainted with Nmap and show them its basic functionality and capabilities.
Network Security Fundamentals8:44
The aim of this video is to introduce some fundamental network security concepts that are needed to get a basic understanding of how Nmap works.
Service Version Detection5:47
The aim of this video is to learn how to use Nmap’s Service Version Detection, why it is important and how it works behind the scenes.
Operating System Detection4:26
The aim of the video is to get acquainted with Nmap’s remote Operating System detection capability.

Host Discovery7:44
The aim of this video is to learn how to conduct host discovery with Nmap. We are also going to learn how it works and the differences between local and remote network host discovery.
Adjusting Timing Parameters6:13
The aim of this video is to learn how to fine-tune Nmap’s timing and performance parameters.
Optimizing Nmap Performance5:46
The aim of this video is to learn how to optimize Nmap’s performance to reduce scan time by fine-tuning its options.
Large Scale Scans4:57
The aim of this video is to learn how to refine Nmap scans for larger networks.

Checking for Misconfigurations6:30
The aim of this video is to learn how to check for web server misconfigurations using Nmap.
Interesting Points of Entry5:43
The aim of this video is to learn how to find interesting points of entry for web servers.
Exploiting Web Applications7:30
The aim of this video is to learn how to find and exploit vulnerabilities on web applications with the help of Nmap.

Assessing Databases8:01
The aim of this video is to learn how to assess databases with Nmap by focusing on MySQL, one of the most popular database services.
Assessing Mail Servers5:39
The aim of this video is to learn how to use Nmap to assess Mail Servers.
Assessing Other Services7:59
The aim of this video is to learn how to assess other services, with a focus on SSL-related vulnerabilities using NSE scripts.

Analyzing Your First NSE Script10:05
The aim of this video is to analyze the NSE script format and also analyze the source code of a simple NSE script, while explaining any Lua concepts along the way.
Adjusting NSE Scripts9:14
The aim of this video is to learn how to make small adjustments to NSE scripts and also add debugging output.
Customizing NSE Scripts9:56
The aim of this video is to learn how to customize NSE scripts by adding new functionality to them. The example script will be the smb-system-info.

Remote Enumeration and Exploitation8:05
We learn how use Nmap and its accompanying tools (Nping, Ncat, Ncrack) in real-world scenarios.
Privilege Escalation and RDP Cracking11:26
The aim of this video is to demonstrate exploiting misconfigurations to escalate privileges and to show how to perform RDP cracking with Ncrack.
Final Exploitation and Outro6:31
This video demonstrates the final exploitation for the remaining host of the network and recaps what we learnt throughout the course.

Requirements

They need have no knowledge about Nmap. However, a basic knowledge of Nmap will be helpful.

Description

You will learn how to use Nmap to implement a wide variety of practical tasks related to pentesting and network monitoring. The tutorial will start with basic scanning techniques and explain Nmap fundamentals. Moving on, we will cover the advanced functionalities of the Nmap Scripting Engine (NSE) such as libraries, scripts, APIs, and so on. You will be able to perform custom tasks, learn the fundamentals of Lua programming, scan and assess mail servers and databases, Windows machines and their associated services as well as large networks.

About the Author

Fotis Chantzis has been a member of the main Nmap development team since 2009, when he wrote Ncrack under the mentorship of Fyodor, the original author of Nmap, during Google Summer of Code 2009 and 2010. He also represented Nmap at the Google Mentor Summit in October 2016. He is passionate about network security and is actively and professionally involved in the information security field, with his research having been published on Phrack and other venues.

Who this course is for:

Aimed at system and network admins along with IT security professionals who wish to master Nmap.

Mastering Nmap

What you'll learn

Explore related topics

Course content

Scanning Your First Target5 lectures • 35min

Scanning Larger Networks4 lectures • 25min

Scanning and Auditing Web Servers3 lectures • 20min

Assessing Common Services3 lectures • 22min

Advanced NSE Usage3 lectures • 23min

Analyzing and Refining NSE Scripts3 lectures • 29min

Mapping and Owning the Network3 lectures • 26min

Requirements

Description

Who this course is for: