New Training: Pentest Enumeration and NMAP
In this 8-video skill, CBT Nuggets trainer Bob Salmans takes you through the enumeration phase of a pentesting engagement. This is where we identify all that we can about a target using several tools and hopefully identifying some vulnerabilities that we can later exploit. Watch this new CompTIA training.
Learn CompTIA with one of these courses:
This training includes:
53 minutes of training
You’ll learn these topics in this skill:
Intro to Pentesting Enumeration
Pentest Enumeration Tools
Basic NMAP Commands
Ping Scans with NMAP
Scanning TCP and UDP with NMAP
Identifying Host Attributes with NMAP
Using NMAP Scripts
Bypassing Firewalls with NMAP
Why NMAP Must Be in Your Pentesting Toolkit
NMAP is a free, open-source network scanning tool popular with IT admins and pentesters. Given its power, it's no surprise that NMAP is as standard a tool as Wireshark. But why?
First, because NMAP is free and open-source, it's widely available with a large community to back it. In fact, NMAP comes pre-installed in popular Linux distros like Kali. With a large community backing NMAP, learning to use it is simple.
NMAP is powerful. This tool can easily map a network, clients on that network, their OSes, and potential vulnerabilities quickly. Likewise, NMAP can work around roadblocks like firewalls and VLANs.
NMAP is extensible. If NMAP doesn't have a function that you need, there's a good chance that someone has created a script for that feature. Writing scripts for NMAP is easy and enhances the functionality of this tool far beyond what it was originally meant to handle.
If NMAP hasn't become a standard tool in your pentesting toolbox, you need to consider learning more about it. Though NMAP can be simple to learn and use, mastering NMAP will make you a pentesting guru.