New Training: Pentest Enumeration and NMAP
In this 8-video skill, CBT Nuggets trainer Bob Salmans takes you through the enumeration phase of a pentesting engagement. This is where we identify all that we can about a target using several tools and hopefully identifying some vulnerabilities that we can later exploit. Watch this new CompTIA training.
Learn CompTIA with one of these courses:
This training includes:
- 8 videos
- 53 minutes of training
You’ll learn these topics in this skill:
- Intro to Pentesting Enumeration
- Pentest Enumeration Tools
- Basic NMAP Commands
- Ping Scans with NMAP
- Scanning TCP and UDP with NMAP
- Identifying Host Attributes with NMAP
- Using NMAP Scripts
- Bypassing Firewalls with NMAP
Why NMAP Must Be in Your Pentesting Toolkit
NMAP is a free, open-source network scanning tool popular with IT admins and pentesters. Given its power, it's no surprise that NMAP is as standard a tool as Wireshark. But why?
First, because NMAP is free and open-source, it's widely available with a large community to back it. In fact, NMAP comes pre-installed in popular Linux distros like Kali. With a large community backing NMAP, learning to use it is simple.
NMAP is powerful. This tool can easily map a network, clients on that network, their OSes, and potential vulnerabilities quickly. Likewise, NMAP can work around roadblocks like firewalls and VLANs.
NMAP is extensible. If NMAP doesn't have a function that you need, there's a good chance that someone has created a script for that feature. Writing scripts for NMAP is easy and enhances the functionality of this tool far beyond what it was originally meant to handle.
If NMAP hasn't become a standard tool in your pentesting toolbox, you need to consider learning more about it. Though NMAP can be simple to learn and use, mastering NMAP will make you a pentesting guru.