Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]

Video description

A carefully tailored and structured course to make you an expert in Nmap in just 6.5 hours

About This Video

  • Gain a solid understanding of Nmap
  • Learn modern techniques to map and scan the network
  • Learn how to generate outputs and reports with WebMap

In Detail

Network scanning and enumeration have become an increasingly important aspect of penetration tests over the last couple of years. Organizations now have a complex network of assets storing sensitive and valuable data. To test the security posture of the organization, conducting effective network scanning and enumeration of the organization's network is mandatory. This course will help you become an expert in Nmap quickly and easily.

The course starts by showing you the steps for setting up the working environment and then highlights the importance of Nmap for network scanning. Next, you will grasp the fundamental concepts of networking, such as port scanning, the Open Systems Interconnection (OSI) model, network layer, and transport layer. Moving along, you will learn how to discover hosts using pings and understand advanced scanning topics that will help you to set up your own virtual hacking lab. Next, you will learn techniques to detect and evade firewalls and become familiar with the Nmap Scripting Engine (NSE). Finally, you will find out the role of enumeration services, such as File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Domain Name System (DNS), HyperText Transfer Protocol (HTTP), Server Message Block (SMB), and MySQL in network scanning.

By the end of this course, you will have all the key skills needed to use Nmap for penetration testing.

Who this book is for

If you are a penetration tester, network administrator, or system administrator looking to master Nmap for discovering hosts and services on a computer network, this course is for you. Basic knowledge and understanding of the Linux terminal are needed to get started with this course.

Table of contents

  1. Chapter 1 : Introduction
    1. Introduction to Nmap
    2. Setting up Our Working Environment
    3. Compiling Nmap from Source
    4. Importance of Nmap for Network Scanning
  2. Chapter 2 : Networking Fundamentals
    1. Port Scanning
    2. The Open Systems Interconnection (OSI) Model
    3. Network Layer
    4. Transport Layer
    5. Transmission Control Protocol (TCP) Header Flags and TCP 3-Way Handshake
  3. Chapter 3 : Host Discovery
    1. Ping Sweep and Don't Ping
    2. Transmission Control Protocol (TCP) SYN Ping
    3. Transmission Control Protocol (TCP) ACK Ping
    4. User Datagram Protocol (UDP) Ping Scan
    5. Address Resolution Protocol (ARP) Ping
    6. Internet Control Message Protocol (ICMP) ECHO Ping and ICMP Timestamp Ping
    7. Internet Protocol (IP) Protocol Ping
    8. Traceroute and Reverse Domain Name System (DNS) Resolution
  4. Chapter 4 : Advanced Scanning
    1. Setting up Our Virtual Hacking Lab
    2. Metasploitable3 Prebuilt Virtual Machine (VM) Images
    3. Default Nmap Scan
    4. Port Scanning Options and Ranges
    5. Transmission Control Protocol (TCP) Connect Scan (-sT)
    6. Stealth (SYN) Scanning (-sS)
    7. Operating System Detection and Service Detection
    8. Aggressive Scanning
    9. User Datagram Protocol (UDP) Scanning
    10. The Reason Option
    11. The Fast Scan
    12. Verbosity, Output, and Logging
    13. FIN, XMAS, and NULL Scanning
    14. WebMap - Web Dashboard for Nmap
  5. Chapter 5 : Firewall Detection and Evasion
    1. Firewall Detection with ACK Probing
    2. Packet Fragmentation
    3. Specifying Maximum Transmission Unit (MTU)
    4. Using IP Decoys
    5. Spoofing MAC Addresses
  6. Chapter 6 : Scan Timing and Performance
    1. Timing Templates
    2. Parallelism
    3. Host Timeout
    4. Scan Delay
  7. Chapter 7 : Nmap Scripting Engine (NSE)
    1. Introduction to the Nmap Scripting Engine (NSE)
    2. Nmap Scripting Engine (NSE) Syntax
    3. Script Categories
  8. Chapter 8 : Service Enumeration
    1. Banner Grabbing with Nmap
    2. Whois and Traceroute Geo-location Enumeration
    3. File Transfer Protocol (FTP) Enumeration
    4. Simple Mail Transfer Protocol (SMTP) Enumeration
    5. Domain Name System (DNS) Enumeration - Zone-transfer and DNS Bruteforce
    6. HTTP Enumeration - HTTP Methods
    7. HTTP Enumeration - Finding Hidden Files and Directories
    8. HTTP Enumeration - Web Application Firewall (WAF) Detection and Fingerprinting
    9. Server Message Block (SMB) Enumeration
    10. MySQL Enumeration
    11. Vulnerability Scanning with Nmap

Product information

  • Title: Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]
  • Author(s): HackerSploit Academy
  • Release date: January 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781801074421