Scanning for Vulnerabilities with Nmap Scripting Engine (NSE)

By Matt Glass
This course will teach you how to use the built-in and custom scripts of Nmap Scripting Engine (NSE) to detect vulnerabilities.
Play course overview
Course info
Level
Advanced
Updated
Dec 9, 2020
Duration
56m
Table of contents
Course Overview
Course Overview 2m
Using Nmap to Test Authentication Controls
Overview 2m Demo: Lab Setup 3m Testing Authentication Controls 2m Nmap Auth Scripts 3m Demo: Auth Scripts 2m Brute Scripts 3m Demo: Brute Scripts 2m Summary 1m
Leveraging Nmap to Detect and Exploit Vulnerabilities
Overview 1m Detecting Backdoors Using the NSE 2m Demo: Malware Detection with the NSE 3m Detecting Web App Vulnerabilities Using Nmap Scripts 2m Demo: Detecting SQL Injection Vulnerabilities with the NSE 3m Using Nmap Fuzzer and DoS Scripts 2m Demo: Using a Fuzzer Script 2m Summary 1m
Writing a Custom Nmap Script for Vulnerability Detection
Overview 2m Demo: Vulnerability Overview 2m Custom Script Planning 2m Demo: Script Header 3m Demo: Script Action Part 1 4m Demo: Script Action Part 2 3m Demo: Improving Output 3m Summary 2m
Description
Course info
Level
Advanced
Updated
Dec 9, 2020
Duration
56m
Description

Testing network security controls and discovering vulnerabilities are important parts of an organization's security plan. In this course, Scanning for Vulnerabilities with Nmap Scripting Engine (NSE), you’ll learn to leverage the NSE and write custom scripts for Nmap. First, you’ll explore built-in NSE scripts. Next, you’ll discover network vulnerabilities of different types. Finally, you’ll learn how to write custom NSE scripts to detect and exploit vulnerabilties. When you’re finished with this course, you’ll have the skills and knowledge of the Nmap Scripting Engine needed to detect network vulnerabilities and write custom scripts.

About the author
Matt Glass
About the author

Matt Glass is an IT Project Manager in Stuttgart, Germany, working as a government contractor. He has more than 12 years of IT experience in a variety of roles.

More from the author
Manage Suricata Rule Sets and Rule Sources
Intermediate
1h 6m
Apr 27, 2021
Suricata: Getting Started
Intermediate
1h 12m
Dec 14, 2020
More courses by Matt Glass
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello, everyone. My name is Matt Glass, and welcome to my course, Scanning for Vulnerabilities with Nmap Scripting Engine. I'm an IT project manager at Leidos, working in Stuttgart, Germany. Nmap, or Network Mapper, is a tool that's been around for more than 20 years and continues to expand its capabilities. The Nmap Scripting Engine allows you to gather more details from open ports, and in some cases, check for available exploits or valuable information. In this course, we're expanding on the information covered in the rest of the Nmap series and focusing on the features available in the NSE. We'll use a variety of built‑in scripts, and write our own custom version to find information in a database. Some of the topics that we'll cover include testing authentication controls with Nmap, detecting and exploiting vulnerabilities with Nmap scripts, and creating a custom Nmap script to exploit a vulnerability. By the end of this course, you'll be able to conduct scans and leverage the Nmap Scripting Engine and even write your own scripts to find specific information. Before beginning this course, you should be familiar with Nmap's capabilities and operation from the command line, or you can always go back and watch the previous Nmap courses in the Information Security Testing and Auditing with Nmap Path. I hope you'll join me on this journey to learn about the Nmap Scripting Engine, with the Scanning for Vulnerabilities, with the Nmap Scripting Engine course, at Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT