New Training: Pentest Enumeration and NMAP

In this 8-video skill, CBT Nuggets trainer Bob Salmans takes you through the enumeration phase of a pentesting engagement. This is where we identify all that we can about a target using several tools and hopefully identifying some vulnerabilities that we can later exploit. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

• CompTIA PenTest+ (PT0-001)

• Penetration Testing Tools

This training includes:

• 8 videos

• 53 minutes of training

You’ll learn these topics in this skill:

• Intro to Pentesting Enumeration

• Pentest Enumeration Tools

• Basic NMAP Commands

• Ping Scans with NMAP

• Scanning TCP and UDP with NMAP

• Identifying Host Attributes with NMAP

• Using NMAP Scripts

• Bypassing Firewalls with NMAP

Why NMAP Must Be in Your Pentesting Toolkit

NMAP is a free, open-source network scanning tool popular with IT admins and pentesters. Given its power, it's no surprise that NMAP is as standard a tool as Wireshark. But why?

First, because NMAP is free and open-source, it's widely available with a large community to back it. In fact, NMAP comes pre-installed in popular Linux distros like Kali. With a large community backing NMAP, learning to use it is simple.

NMAP is powerful. This tool can easily map a network, clients on that network, their OSes, and potential vulnerabilities quickly. Likewise, NMAP can work around roadblocks like firewalls and VLANs.

NMAP is extensible. If NMAP doesn't have a function that you need, there's a good chance that someone has created a script for that feature. Writing scripts for NMAP is easy and enhances the functionality of this tool far beyond what it was originally meant to handle.

If NMAP hasn't become a standard tool in your pentesting toolbox, you need to consider learning more about it. Though NMAP can be simple to learn and use, mastering NMAP will make you a pentesting guru.