Nmap 6: Network exploration and security auditing Cookbook
Format: PDF / Kindle (mobi) / ePub
Want to master Nmap and its scripting engine? Then this book is for you – packed with practical tasks and precise instructions, it's a comprehensive guide to penetration testing and network monitoring. Security in depth.
- Master the power of Nmap 6
- Learn how the Nmap Scripting Engine works and develop your own scripts!
- 100% practical tasks, relevant and explained step-by-step with exact commands and optional arguments description
What will you learn
- Master the basic scanning techniques for port scanning and host discovery.
- Implement your own host monitoring system with Nmap
- Perform security checks to web applications, mail servers and databases
- Learn to gather interesting host information not included in a typical scan
- Tune scans to optimize performance
- Create reports from the scan results
- Run distributed scans through several clients
- Write your own NSE scripts
The book is a collection of easy to follow, practical recipes with explanations of the code, and links to further information.
Who is this book written for
This book is for any security consultant, administrator or enthusiast looking to learn how to use and master Nmap and the Nmap Scripting Engine.
Nmap is a well known security tool used by penetration testers and system administrators. The Nmap Scripting Engine (NSE) has added the possibility to perform additional tasks using the collected host information. Tasks like advanced fingerprinting and service discovery, information gathering, and detection of security vulnerabilities.
"Nmap 6: Network exploration and security auditing cookbook" will help you master Nmap and its scripting engine. You will learn how to use this tool to do a wide variety of practical tasks for pentesting and network monitoring. Finally, after harvesting the power of NSE, you will also learn how to write your own NSE scripts.
"Nmap 6: Network exploration and security auditing cookbook" is a book full of practical knowledge for every security consultant, administrator or enthusiast looking to master Nmap. The book overviews the most important port scanning and host discovery techniques supported by Nmap. You will learn how to detect mis-configurations in web, mail and database servers and also how to implement your own monitoring system.
The book also covers tasks for reporting, scanning numerous hosts, vulnerability detection and exploitation, and its strongest aspect; information gathering.
Exploration The Collecting valid e-mail accounts recipe in Chapter 3, Gathering Additional Host Information Chapter 1 ff ff The Discovering hostnames pointing to the same IP recipe in Chapter 3, Gathering Additional Host Information The Brute forcing DNS records recipe in Chapter 3, Gathering Additional Host Information Scanning using a specified network interface Nmap is known for its flexibility, and allows users to specify the network interface used when scanning. This is very handy when
Networks 197 Chapter 8: Generating Scan Reports 229 Introduction 175 Discovering valid e-mail accounts using Google Search 176 Detecting open relays 178 180 Brute forcing SMTP passwords 182 Enumerating users in an SMTP server 184 Detecting backdoor SMTP servers 186 Brute forcing IMAP passwords 189 Retrieving the capabilities of an IMAP mail server 190 Brute forcing POP3 passwords Retrieving the capabilities of a POP3 mail server 192 Detecting vulnerable Exim SMTP servers version
potentially-dangerous methods but also to test them. This recipe shows you how to use Nmap to enumerate all of the HTTP methods supported by a web server. How to do it... Open a terminal and enter the following command: $ nmap -p80,443 --script http-methods scanme.nmap.org The results are shown for every web server detected on ports 80 or 443: Nmap scan report for scanme.nmap.org (22.214.171.124) Host is up (0.11s latency). PORT STATE SERVICE 80/tcp open http |_http-methods: GET HEAD POST
that block requests made using Nmap's default HTTP User Agent. You can use a different User Agent value by setting the argument http.useragent: $ nmap -p80 --script http-wordpress-brute --script-args http. useragent="Mozilla 42"