Removing Nmap from Windows - NM

Video Activity

Join over 3 million cybersecurity professionals advancing their career

Required fields are marked with an *

View all SSO options

Already have an account? Sign In »

NMAP

Course

Time

7 hours 1 minute

Difficulty

Beginner

CEU/CPE

Video Transcription

00:00

in this lesson, I'm going to simply walk you through removing and map from the Windows operating system.

00:07

I'm pretty sure that all of you know how to remove a program from Windows, but I thought I'd throw in a cool, built in Windows Command line tool that helps a pen tester cover tracks.

00:18

The obvious benefit of such a tool is that you don't have to install 1/3 party tool like Eraser or C cleaner on a compromise machine during a penetration test.

00:27

Let's get started.

00:29

Here are the learning objectives For this lesson,

00:32

this lesson will almost entirely focus on the lab.

00:36

First, I'm going to show you howto uninstall and map ends in map from a 64 bit Windows 10 installation.

00:43

Then I'm going to show you how to use a couple of built in Windows commands to make the work you did in and map completely your recoverable

00:51

in the lab. I'll walk you through removing NP cap and maps packet capture library.

00:58

Then we'll remove and map

01:00

Zen map in all of its dependencies and features.

01:03

Finally, I'll show you how to run the cipher command to make it so that all the work you did, and map will be irrecoverable.

01:11

When you delete files or folders. The data is not actually removed from the hard disk right away. Instead, the space on the disk that was occupied by that deleted data is considered de allocated.

01:23

That basically means that it has stuff on it that can't be seen by browsing the operating system in the space it used to occupy can be overwritten

01:33

until that space is overwritten.

01:36

A low level disk editor or piece of data recovery software like those used by digital forensic analysts can still actually fairly easily recover it.

01:46

However, the cipher utility is designed to prevent unauthorized recovery of such data. So using cipher will make it so that all deleted files like the ones removed by uninstalling and map

01:57

will be impossible to get back.

02:02

Welcome to the lab on removing and map

02:06

in windows.

02:08

All right, First of all, we're gonna open a command prompt

02:12

Click on the start button,

02:14

then just start type in C M. D.

02:17

Once you see, command prompted the top. Just right. Click and run his administrator.

02:25

All right, I'm gonna show you where in the file system.

02:29

And Matt stores all its files. So do a CD space

02:34

backslash

02:35

enter

02:38

on a 64 bit operating system.

02:40

It is

02:43

to a seedy space

02:45

program. Files Space

02:50

X 86

02:53

hit Enter

02:54

We'll do a D I R

02:57

and map

02:59

star dot

03:00

That'll show us all directories that start with and map.

03:05

So we see a directory right here called and MT.

03:08

That's where in map stores all its files

03:14

for now, we'll just minimize. This screen will come back to this later.

03:17

All right, now we'll go through the actual removal process.

03:22

I have control panel on my desktop, but

03:25

the best way to navigate to it is just simply click the start button

03:30

and start typing control panel,

03:36

and you can see that it's up there at the top. Just click on it.

03:42

Now we want to scroll down and find programs and features.

03:46

Click on that.

03:49

We'll maximise this screen to make it bigger.

03:53

Now simply just scroll down until you see and pea cap.

03:59

Click on it

04:00

and click Uninstall.

04:05

The wizard will just walk us through. The process,

04:18

once completed, just clicked close.

04:21

Then I'll open back up my control panel

04:27

and we'll look for and map.

04:30

Think like

04:35

then just walk through the wizard

04:43

click next

04:45

click uninstalled

04:51

Cook. Yes,

04:55

click close

04:58

and I want to open back up my command, prompt

05:01

and

05:02

click the up arrow just to run the same

05:05

command that I did last time. That is D I. R Space and map star dot in the program file's directory

05:14

hit Enter

05:16

the folder is still there.

05:18

05:23

So I'm gonna go into that folder and see what's there.

05:28

Seedy space and matter.

05:32

Enter

05:33

D I r.

05:39

So there's still some files there.

05:42

So if we want to clear our tracks

05:44

really well,

05:46

then we want to remove all of that stuff,

05:49

not just from the file system, but remove it permanently.

05:54

So the cd

05:57

dot dot

05:59

I'll do it.

06:00

Our m D I. R space

06:03

and map

06:09

says the directory is not empty.

06:16

06:17

in order to remove the directory

06:19

with files in it were to do a r m d i R. Slash s.

06:28

So do ah

06:30

r m die Our space

06:32

slash s

06:33

space

06:35

and map.

06:40

Are you sure? Why?

06:44

Now I'll do a d i r.

06:46

Space

06:46

and map. Start out again.

06:50

Found not found.

06:53

Okay, so now we removed it from the foul system. But unfortunately, as many of you know, just deleting stuff from the file system doesn't permanently remove it.

07:02

07:04

the command to permanently remove it

07:06

07:09

not very well known, but it's very effective

07:12

that is cipher.

07:14

So the command we want to execute is cipher,

07:17

space slash