Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]

Video description

Network scanning and enumeration have become an increasingly important aspect of penetration tests over the last couple of years. Organizations now have a complex network of assets storing sensitive and valuable data. To test the security posture of the organization, conducting effective network scanning and enumeration of the organization's network is mandatory. This course will help you become an expert in Nmap quickly and easily.

The course starts by showing you the steps for setting up the working environment and then highlights the importance of Nmap for network scanning. Next, you will grasp the fundamental concepts of networking, such as port scanning, the Open Systems Interconnection (OSI) model, the network layer, and the transport layer. Moving along, you will learn how to discover hosts using pings and understand advanced scanning topics that will help you set up your own virtual hacking lab. Next, you will learn techniques to detect and evade firewalls and become familiar with the Nmap Scripting Engine (NSE). Finally, you will find out the role of enumerating services, such as File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Domain Name System (DNS), HyperText Transfer Protocol (HTTP), Server Message Block (SMB), and MySQL, in network scanning.

By the end of this course, you will have all the key skills needed to use Nmap for penetration testing.

What You Will Learn

  • Distinguish between the network and transport layers
  • Work with different types of pings, such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Address Resolution Protocol (ARP)
  • Explore advanced scanning methods, such as aggressive, UDP, and fast scan
  • Perform firewall detection with Nmap using ACK probing
  • Learn the Nmap Scripting Engine (NSE) syntaxes
  • Perform vulnerability scanning with Nmap

Audience

If you are a penetration tester, network administrator, or system administrator who is looking to master Nmap for discovering hosts and services on a computer network, this course is for you. Basic knowledge and understanding of the Linux terminal are needed to get started with this course.

About The Author

HackerSploit Academy: HackerSploit is aimed at protecting companies and businesses from the ever-growing threat of hackers, data breaches, malware, and ransomware. They believe in achieving this by providing essential training in the protection of systems, and by providing industry-standard defense solutions that protect everything from web applications to enterprise networks. They also offer individual and corporate training packages in Infosec, penetration testing and Red Team operations, web application security, and cybersecurity awareness. So far, they have trained over 500,000 students in ethical hacking, penetration testing, and Linux system administration.

Table of contents

  1. Chapter 1 : Introduction
    1. Introduction to Nmap
    2. Setting up Our Working Environment
    3. Compiling Nmap from Source
    4. Importance of Nmap for Network Scanning
  2. Chapter 2 : Networking Fundamentals
    1. Port Scanning
    2. The Open Systems Interconnection (OSI) Model
    3. Network Layer
    4. Transport Layer
    5. Transmission Control Protocol (TCP) Header Flags and TCP 3-Way Handshake
  3. Chapter 3 : Host Discovery
    1. Ping Sweep and Don't Ping
    2. Transmission Control Protocol (TCP) SYN Ping
    3. Transmission Control Protocol (TCP) ACK Ping
    4. User Datagram Protocol (UDP) Ping Scan
    5. Address Resolution Protocol (ARP) Ping
    6. Internet Control Message Protocol (ICMP) ECHO Ping and ICMP Timestamp Ping
    7. Internet Protocol (IP) Protocol Ping
    8. Traceroute and Reverse Domain Name System (DNS) Resolution
  4. Chapter 4 : Advanced Scanning
    1. Setting up Our Virtual Hacking Lab
    2. Metasploitable3 Prebuilt Virtual Machine (VM) Images
    3. Default Nmap Scan
    4. Port Scanning Options and Ranges
    5. Transmission Control Protocol (TCP) Connect Scan (-sT)
    6. Stealth (SYN) Scanning (-sS)
    7. Operating System Detection and Service Detection
    8. Aggressive Scanning
    9. User Datagram Protocol (UDP) Scanning
    10. The Reason Option
    11. The Fast Scan
    12. Verbosity, Output, and Logging
    13. FIN, XMAS, and NULL Scanning
    14. WebMap - Web Dashboard for Nmap
  5. Chapter 5 : Firewall Detection and Evasion
    1. Firewall Detection with ACK Probing
    2. Packet Fragmentation
    3. Specifying Maximum Transmission Unit (MTU)
    4. Using IP Decoys
    5. Spoofing MAC Addresses
  6. Chapter 6 : Scan Timing and Performance
    1. Timing Templates
    2. Parallelism
    3. Host Timeout
    4. Scan Delay
  7. Chapter 7 : Nmap Scripting Engine (NSE)
    1. Introduction to the Nmap Scripting Engine (NSE)
    2. Nmap Scripting Engine (NSE) Syntax
    3. Script Categories
  8. Chapter 8 : Service Enumeration
    1. Banner Grabbing with Nmap
    2. Whois and Traceroute Geo-location Enumeration
    3. File Transfer Protocol (FTP) Enumeration
    4. Simple Mail Transfer Protocol (SMTP) Enumeration
    5. Domain Name System (DNS) Enumeration - Zone Transfer and DNS Brute Force
    6. HTTP Enumeration - HTTP Methods
    7. HTTP Enumeration - Finding Hidden Files and Directories
    8. HTTP Enumeration - Web Application Firewall (WAF) Detection and Fingerprinting
    9. Server Message Block (SMB) Enumeration
    10. MySQL Enumeration
    11. Vulnerability Scanning with Nmap

Product information

  • Title: Nmap for Penetration Testing: From Beginner to Advanced [Updated for 2021]
  • Author(s): HackerSploit Academy
  • Release date: January 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781801074421