Information Security Testing and Auditing with Nmap

Paths

Information Security Testing and Auditing with Nmap

Author: Matt Glass

Testing network security controls and discovering vulnerabilities are important parts of any organizations security plan. Nmap ("Network Mapper") is a free and open... Read more

What you will learn

  • Scan types, targets, and outcomes
  • Network service and application version detection
  • Detect vulnerabilities and test security controls
  • Detect and evade firewalls and intrusion detection systems (IDS)
  • Customize Nmap scripts to detect a specific vulnerability
  • Interpret the results of the scan(s)

Pre-requisites

Security Fundamentals

Beginner

Testing network security controls and discovering vulnerabilities are important parts of any organization's security plan. This course will help you learn how to use Nmap to discover network hosts and potential vulnerabilities.

A further course entitled "Nmap: Big Picture" is currently in production and will appear here soon.

Getting Started with Nmap

by Matt Glass

Oct 5, 2018 / 1h 25m

1h 25m

Start Course
Description

Nmap, or network mapper, is a tool that has been around for more than 20 years. In this course, Getting Started with Nmap, you will learn how this versatile tool can be broken down into phases that are easily understood and implemented. First, you will go over Nmap installation and command structure. Next, you will move progressively through each scan phase until you are leveraging more advanced features. Finally, you will have the opportunity to apply what you learn to a scenario where you use Nmap to evaluate network devices. By the end of the course, you will have a basic understanding of how to use Nmap for internal security testing and will be running your own commands to detect applications running on your devices.

Table of contents
  1. Course Overview
  2. Navigating Nmap and Its Capabilities
  3. Understanding Nmap Basic Functions
  4. Host Enumeration and Network Mapping
  5. Port Scanning with Nmap
  6. Performance and Timing
  7. Understanding Service, Application Version, and OS Detection
  8. Detecting and Scanning Firewalls
  9. Wrapping Up

Intermediate

In the first course "Testing Security Controls and Detecting Vulnerabilities with Nmap" you will learn how to leverage the capabilities of Nmap to find insecure applications and explore the weaknesses in your organization’s firewalls. "Maximizing Nmap for Security Auditing" will teach you how to leverage the Nmap Scripting Engine, write custom scripts, and automate security auditing tasks.

A further advanced course entitled "Scanning for Vulnerabilities with Nmap Scripting Engine (NSE)" is currently in production and will appear here soon.

Testing Security Controls and Detecting Vulnerabilities with Nmap

by Matt Glass

Feb 8, 2019 / 1h 38m

1h 38m

Start Course
Description

Testing network security controls and discovering vulnerabilities are important parts of any organizations security plan. In this course, Testing Security Controls and Detecting Vulnerabilities with Nmap, you will learn how to do just that. First, you will learn how Nmap conducts host discovery. Next, you will see how to perform port scans. Finally, you will learn how Nmap detects applications and operating systems. After finishing this course, you will know how to leverage the capabilities of Nmap to find insecure applications and explore the weaknesses in your organization’s network security devices.

Table of contents
  1. Course Overview
  2. Using Nmap for Security Testing
  3. Host Enumeration and Network Mapping
  4. Detecting Vulnerabilities with Nmap Port Scanning
  5. Leveraging Service and Application Version Detection
  6. Using OS Detection for Security Testing
  7. Detecting and Evading Firewalls and Intrusion Detection Systems
  8. Understanding the Nmap Scripting Engine (NSE)
  9. Wrapping Up

Maximizing Nmap for Security Auditing

by Matt Glass

Dec 31, 2019 / 1h 2m

1h 2m

Start Course
Description

Conducting an information security audit can be a lengthy and in-depth process. In this course, Maximizing Nmap for Security Auditing, you will learn how to leverage the capabilities of Nmap. First, you will discover how to use Nmap to find network hosts and potential vulnerabilities. Next, you will see how to leverage the Nmap scripting engine to increase Nmap’s capabilities. Finally, you will create custom solutions to increase your productivity and the effectiveness of the audit. When you are finished with this course, you will be ready to effectively implement Nmap in your information security audits.

Table of contents
  1. Course Overview
  2. Understanding What Nmap Can Do for Your Organization
  3. Leveraging the Nmap Scripting Engine
  4. Customizing Nmap Scripts for Security Auditing
  5. Maximizing Nmap Reports for Security Auditing
  6. Wrapping Up