Time
4 hours 20 minutes
Difficulty
Intermediate
CEU/CPE
5

Video Description

This lesson offers step by step directions in how to perform a scan using NMAP. NMAP can be used as a vulnerability scanner. This lesson offers examples of scripts which can be used to accomplish this: • -p • -script • -script-arghs

Video Transcription

00:04
except we're gonna perform a scam with any man.
00:06
A lot of people don't don't know that any map can be used as a vulnerability scanner as well,
00:12
Which, uh,
00:13
it's very, uh,
00:15
very surprising for a lot of people. But
00:18
you're gonna be more knowledgeable with and map after this.
00:22
So our syntax for this scan will be n map Tak p denotes the port number. So we're gonna run against Port 80
00:31
and then we're gonna call the script
00:33
by typing Tak Tak script
00:37
in the script that we're gonna be using is an http sequel injection script that's shown here.
00:43
Next, we'll put tack, tack, script tak are eggs, and what that does is it lets us customize script even further. And what we're gonna be using to customize the script even further is an https spider,
00:59
uh, script argument,
01:00
which will initiate a spider ring of the page and give us a max page count.
01:08
And we'll give us back all the pages up to 200 pages.
01:14
And then at the end, you'll take the target i p address. So
01:18
let's go check it out.
01:19
So here we are in our Callie environment,
01:22
we have
01:25
our community here
01:26
and, uh, let's execute it and see what we get back,
01:34
all right? It was a fairly quick scan that we get from a map,
01:38
and this scan shows
01:42
why you need to use multiple tools and I just focus on one toe so and map didn't provide back the exact results that we want it.
01:51
Uh, however,
01:53
it's not to say that it won't get successful results on another page that we might try. It just means that and map isn't really set up. Thio identify the sequel injection that is present
02:09
in the pen tester lab, so
02:13
you always need Thio to use multiple tools here. You can see here, however, that
02:19
it did identify some possible
02:23
locations of sequel injections,
02:28
and it did also give us back the Mac address, and
02:30
lesson at the host is up
02:32
so
02:34
didn't give us give results back this time. That's not to say that
02:38
it won't give you good results back another time against a different resource

Up Next

Web Application Penetration Testing

In this web application penetration testing course, SME, Raymond Evans, takes you on a wild and fascinating journey into the cyber security discipline of web application pentesting. This is a very hands-on course that will require you to set up your own pentesting environment.

Instructed By

Instructor Profile Image
Raymond Evans
Instructor