Book Image

Nmap: Network Exploration and Security Auditing Cookbook - Second Edition

By : Paulino Calderon
Book Image

Nmap: Network Exploration and Security Auditing Cookbook - Second Edition

By: Paulino Calderon

Overview of this book

This is the second edition of ‘Nmap 6: Network Exploration and Security Auditing Cookbook’. A book aimed for anyone who wants to master Nmap and its scripting engine through practical tasks for system administrators and penetration testers. Besides introducing the most powerful features of Nmap and related tools, common security auditing tasks for local and remote networks, web applications, databases, mail servers, Microsoft Windows machines and even ICS SCADA systems are explained step by step with exact commands and argument explanations. The book starts with the basic usage of Nmap and related tools like Ncat, Ncrack, Ndiff and Zenmap. The Nmap Scripting Engine is thoroughly covered through security checks used commonly in real-life scenarios applied for different types of systems. New chapters for Microsoft Windows and ICS SCADA systems were added and every recipe was revised. This edition reflects the latest updates and hottest additions to the Nmap project to date. The book will also introduce you to Lua programming and NSE script development allowing you to extend further the power of Nmap.
Table of Contents (18 chapters)
13
Brute Force Password Auditing Options
17
References and Additional Reading

What this book covers

Chapter 1, Nmap Fundamentals, covers the most common tasks performed with Nmap. In addition, it introduces Rainmap Lite, Ndiff, Nping, Ncrack, Ncat, and Zenmap.

Chapter 2Network Exploration, covers host discovery techniques supported by Nmap and other useful tricks with the Nmap Scripting Engine.

Chapter 3Reconnaissance Tasks, covers interesting information-gathering tasks with Nmap and the Nmap Scripting Engine.

Chapter 4, Scanning Web Servers, covers tasks related to web servers and web application security auditing.

Chapter 5Scanning Databases, covers security auditing tasks for MySQL, MS SQL, Oracle, and NoSQL databases.

Chapter 6Scanning Mail Servers, covers different tasks for IMAP, POP3, and SMTP servers.

Chapter 7Scanning Windows Systems, covers tasks for security auditing Microsoft Windows systems.

Chapter 8Scanning ICS SCADA Systems, covers tasks for scanning and identifying Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.

Chapter 9, Optimizing Scans, covers tasks from scan optimization to the distribution of scans among several clients.

Chapter 10, Generating Scan Reports, covers the output options supported by Nmap and some additional nonofficial tools to generate reports in formats that are not supported.

Chapter 11, Writing Your Own NSE Scripts, covers the fundamentals of NSE development. It includes specific examples to handle sockets, output, NSE libraries, and parallelism.

Appendix A, HTTP, HTTP Pipelining, and Web Crawling Configuration Options, covers the configuration options of libraries related to the protocol HTTP.

Appendix B, Brute Force Password Auditing Options, covers configuration options of the NSE brute force engine.

Appendix C, NSE Debugging, covers the debugging options for the Nmap Scripting Engine.

Appendix D, Additional Output Options, covers additional output options supported by Nmap.

Appendix E, Introduction to Lua, covers the basics of Lua programming.

Appendix FReferences and Additional Reading, covers references, additional reading, and official documentation used throughout this book.