You will learn how to use Nmap to implement a wide variety of practical tasks related to pentesting and network monitoring. The tutorial will start with basic scanning techniques and explain Nmap fundamentals. Moving on, we will cover the advanced functionalities of the Nmap Scripting Engine (NSE) such as libraries, scripts, APIs, and so on. You will be able to perform custom tasks, learn the fundamentals of Lua programming, scan and assess mail servers and databases, Windows machines and their associated services as well as large networks.
About the Instructor
Fotis Chantzis has been a member of the main Nmap development team since 2009, when he wrote Ncrack under the mentorship of Fyodor, the original author of Nmap, during Google Summer of Code 2009 and 2010. He also represented Nmap at the Google Mentor Summit in October 2016. He is passionate about network security and is actively and professionally involved in the information security field, with his research having been published on Phrack and other venues.
Scanning Your First Target
The aim of the video is to let the viewer get acquainted with Nmap and show them its basic functionality and capabilities.
The aim of this video is to introduce some fundamental network security concepts that are needed to get a basic understanding of how Nmap works.
The aim of this video is to learn how to use Nmap’s Service Version Detection, why it is important and how it works behind the scenes.
Scanning Larger Networks
The aim of this video is to learn how to conduct host discovery with Nmap. We are also going to learn how it works and the differences between local and remote network host discovery.
The aim of this video is to learn how to fine-tune Nmap’s timing and performance parameters.
The aim of this video is to learn how to refine Nmap scans for larger networks.
Scanning and Auditing Web Servers
The aim of this video is to learn how to check for web server misconfigurations using Nmap.
Assessing Common Services
The aim of this video is to learn how to assess databases with Nmap by focusing on MySQL, one of the most popular database services.
The aim of this video is to learn how to use Nmap to assess Mail Servers.
Advanced NSE Usage
The aim of this video is to learn how to exploit SMB services by more advanced NSE scripts.
We will learn about Nmap's scanning phases and the how and when different scripts get executed.
Analyzing and Refining NSE Scripts
The aim of this video is to analyze the NSE script format and also analyze the source code of a simple NSE script, while explaining any Lua concepts along the way.
The aim of this video is to learn how to make small adjustments to NSE scripts and also add debugging output.
The aim of this video is to learn how to customize NSE scripts by adding new functionality to them. The example script will be the smb-system-info.
Mapping and Owning the Network
We learn how use Nmap and its accompanying tools (Nping, Ncat, Ncrack) in real-world scenarios.
The aim of this video is to demonstrate exploiting misconfigurations to escalate privileges and to show how to perform RDP cracking with Ncrack.
This video demonstrates the final exploitation for the remaining host of the network and recaps what we learnt throughout the course.