Nmap 6: Network Exploration and Security Auditing Cookbook


  • Master the power of Nmap 6
  • Learn how the Nmap Scripting Engine works and develop your own scripts!
  • 100% practical tasks, relevant and explained step by step, with exact commands and descriptions of optional arguments

Book Details

Language : English
Paperback : 318 pages [ 235mm x 191mm ]
Release Date : November 2012
ISBN : 1849517487
ISBN 13 : 9781849517485
Author(s) : Paulino Calderón Pale
Topics and Technologies : All Books, Networking and Servers, Cookbooks, Open Source

Table of Contents

Preface
Chapter 1: Nmap Fundamentals
Chapter 2: Network Exploration
Chapter 3: Gathering Additional Host Information
Chapter 4: Auditing Web Servers
Chapter 5: Auditing Databases
Chapter 6: Auditing Mail Servers
Chapter 7: Scanning Large Networks
Chapter 8: Generating Scan Reports
Chapter 9: Writing Your Own NSE Scripts
References
Index
  • Chapter 1: Nmap Fundamentals
    • Introduction
    • Downloading Nmap from the official source code repository
    • Compiling Nmap from source code
    • Listing open ports on a remote host
    • Fingerprinting services of a remote host
    • Finding live hosts in your network
    • Scanning using specific port ranges
    • Running NSE scripts
    • Scanning using a specified network interface
    • Comparing scan results with Ndiff
    • Managing multiple scanning profiles with Zenmap
    • Detecting NAT with Nping
    • Monitoring servers remotely with Nmap and Ndiff
  • Chapter 2: Network Exploration
    • Introduction
    • Discovering hosts with TCP SYN ping scans
    • Discovering hosts with TCP ACK ping scans
    • Discovering hosts with UDP ping scans
    • Discovering hosts with ICMP ping scans
    • Discovering hosts with IP protocol ping scans
    • Discovering hosts with ARP ping scans
    • Discovering hosts using broadcast pings
    • Hiding our traffic with additional random data
    • Forcing DNS resolution
    • Excluding hosts from your scans
    • Scanning IPv6 addresses
    • Gathering network information with broadcast scripts
  • Chapter 3: Gathering Additional Host Information
    • Introduction
    • Geolocating an IP address
    • Getting information from WHOIS records
    • Checking if a host is known for malicious activities
    • Collecting valid e-mail accounts
    • Discovering hostnames pointing to the same IP address
    • Brute forcing DNS records
    • Fingerprinting the operating system of a host
    • Discovering UDP services
    • Listing protocols supported by a remote host
    • Discovering stateful firewalls by using a TCP ACK scan
    • Matching services with known security vulnerabilities
    • Spoofing the origin IP of a port scan
  • Chapter 4: Auditing Web Servers
    • Introduction
    • Listing supported HTTP methods
    • Checking if an HTTP proxy is open
    • Discovering interesting files and directories in various web servers
    • Brute forcing HTTP authentication
    • Abusing mod_userdir to enumerate user accounts
    • Testing default credentials in web applications
    • Brute-force password auditing WordPress installations
    • Brute-force password auditing Joomla! installations
    • Detecting web application firewalls
    • Detecting possible XST vulnerabilities
    • Detecting Cross Site Scripting vulnerabilities in web applications
    • Finding SQL injection vulnerabilities in web applications
    • Detecting web servers vulnerable to slowloris denial of service attacks
  • Chapter 5: Auditing Databases
    • Introduction
    • Listing MySQL databases
    • Listing MySQL users
    • Listing MySQL variables
    • Finding root accounts with empty passwords in MySQL servers
    • Brute forcing MySQL passwords
    • Detecting insecure configurations in MySQL servers
    • Brute forcing Oracle passwords
    • Brute forcing Oracle SID names
    • Retrieving MS SQL server information
    • Brute forcing MS SQL passwords
    • Dumping the password hashes of an MS SQL server
    • Running commands through the command shell on MS SQL servers
    • Finding sysadmin accounts with empty passwords on MS SQL servers
    • Listing MongoDB databases
    • Retrieving MongoDB server information
    • Listing CouchDB databases
    • Retrieving CouchDB database statistics
  • Chapter 6: Auditing Mail Servers
    • Introduction
    • Discovering valid e-mail accounts using Google Search
    • Detecting open relays
    • Brute forcing SMTP passwords
    • Enumerating users in an SMTP server
    • Detecting backdoor SMTP servers
    • Brute forcing IMAP passwords
    • Retrieving the capabilities of an IMAP mail server
    • Brute forcing POP3 passwords
    • Retrieving the capabilities of a POP3 mail server
    • Detecting vulnerable Exim SMTP servers version 4.70 through 4.75
  • Chapter 7: Scanning Large Networks
    • Introduction
    • Scanning an IP address range
    • Reading targets from a text file
    • Scanning random targets
    • Skipping tests to speed up long scans
    • Selecting the correct timing template
    • Adjusting timing parameters
    • Adjusting performance parameters
    • Collecting signatures of web servers
    • Distributing a scan among several clients using Dnmap
  • Chapter 8: Generating Scan Reports
    • Introduction
    • Saving scan results in normal format
    • Saving scan results in an XML format
    • Saving scan results to a SQLite database
    • Saving scan results in a grepable format
    • Generating a network topology graph with Zenmap
    • Generating an HTML scan report
    • Reporting vulnerability checks performed during a scan
  • Chapter 9: Writing Your Own NSE Scripts
    • Introduction
    • Making HTTP requests to identify vulnerable Trendnet webcams
    • Sending UDP payloads by using NSE sockets
    • Exploiting a path traversal vulnerability with NSE
    • Writing a brute force script
    • Working with the web crawling library
    • Reporting vulnerabilities correctly in NSE scripts
    • Writing your own NSE library
    • Working with NSE threads, condition variables, and mutexes in NSE

                    Paulino Calderón Pale

                    Paulino Calderón Pale (@calderpwn) is a very passionate software developer and penetration tester from a Caribbean island near México called Cozumel. He learned how to write code and administer IT infrastructures early in his life, skills that came in handy when he joined the information security industry. Today, he loves learning about new technologies, pen-testing, conducting data gathering experiments, developing software, contributing to the open source community, and speaking and giving workshops at IT security conferences.

                    In the summer of 2011, Paulino joined Google's Summer of Code program to work on the Nmap project as an NSE (Nmap Scripting Engine) developer. He focused on improving the web scanning capabilities of Nmap, and since then has produced over 30 scripts for gathering information and detecting and exploiting security vulnerabilities.

                    Paulino is the co-founder of Websec, an information security company focused on web security operating in México (http://websec.mx) and Canada (http://websec.ca), where they help companies in different industries secure their IT infrastructures.

                    He has also written the book Nmap 6: Network Exploration and Security Auditing Cookbook. He maintains a blog where you can find out more about him at http://calderonpale.com.

                    Errata

                    - 1 submitted: last submission 05 Sep 2013

                    Errata category: Typo | Page no : 37% of the e-book on Kindle Fire HD

                    It is : The NSE script hhttp-methods

                    It should be : The NSE script http-methods

                    What you will learn from this book

                    • Master the basic scanning techniques for port scanning and host discovery
                    • Implement your own host monitoring system with Nmap
                    • Perform security checks on web applications, mail servers and databases
                    • Learn to gather interesting host information not included in a typical scan
                    • Tune scans to optimize performance
                    • Create reports from the scan results
                    • Run distributed scans through several clients
                    • Write your own NSE scripts

                    In Detail

                    Nmap is a well-known security tool used by penetration testers and system administrators. The Nmap Scripting Engine (NSE) has added the possibility to perform additional tasks using the collected host information, such as advanced fingerprinting and service discovery, information gathering, and detection of security vulnerabilities.

                    "Nmap 6: Network exploration and security auditing cookbook" will help you master Nmap and its scripting engine. You will learn how to use this tool to do a wide variety of practical tasks for pentesting and network monitoring. Finally, after harnessing the power of NSE, you will also learn how to write your own NSE scripts.

                    "Nmap 6: Network exploration and security auditing cookbook" is a book full of practical knowledge for every security consultant, administrator or enthusiast looking to master Nmap. The book gives an overview of the most important port scanning and host discovery techniques supported by Nmap. You will learn how to detect misconfigurations in web, mail and database servers and also how to implement your own monitoring system.

                    The book also covers tasks for reporting, scanning numerous hosts, vulnerability detection and exploitation, and its strongest aspect: information gathering.

                    Approach

                    The book is a collection of easy-to-follow, practical recipes with explanations of the code, and links to further information.

                    Who this book is for

                    This book is for any security consultant, administrator or enthusiast looking to learn how to use and master Nmap and the Nmap Scripting Engine.
