New Skills

New Training: Pentest Enumeration and NMAP

by Team Nuggets
New Training: All About Shells picture: A
Published on February 25, 2021

In this 8-video skill, CBT Nuggets trainer Bob Salmans takes you through the enumeration phase of a pentesting engagement. This is where we identify all that we can about a target using several tools and hopefully identifying some vulnerabilities that we can later exploit. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

This training includes:

  • 8 videos

  • 53 minutes of training

You’ll learn these topics in this skill:

  • Intro to Pentesting Enumeration

  • Pentest Enumeration Tools

  • Basic NMAP Commands

  • Ping Scans with NMAP

  • Scanning TCP and UDP with NMAP

  • Identifying Host Attributes with NMAP

  • Using NMAP Scripts

  • Bypassing Firewalls with NMAP

Why NMAP Must Be in Your Pentesting Toolkit

NMAP is a free, open-source network scanning tool popular with IT admins and pentesters. Given its power, it's no surprise that NMAP is as standard a tool as Wireshark. But why?

First, because NMAP is free and open-source, it's widely available with a large community to back it. In fact, NMAP comes pre-installed in popular Linux distros like Kali. With a large community backing NMAP, learning to use it is simple.

NMAP is powerful. This tool can easily map a network, clients on that network, their OSes, and potential vulnerabilities quickly. Likewise, NMAP can work around roadblocks like firewalls and VLANs.

NMAP is extensible. If NMAP doesn't have a function that you need, there's a good chance that someone has created a script for that feature. Writing scripts for NMAP is easy and enhances the functionality of this tool far beyond what it was originally meant to handle.

If NMAP hasn't become a standard tool in your pentesting toolbox, you need to consider learning more about it. Though NMAP can be simple to learn and use, mastering NMAP will make you a pentesting guru.

Recommended Articles