Nmap 6 Network Exploration and Security Auditing Cookbook


Stuxnet

Nmap 6: Network Exploration and Security Auditing Cookbook by Paulino Calderón Pale is an excellent and specific book on the use of Nmap as an indispensable tool in penetration testing projects.

Table of contents:

Chapter 1: Nmap Fundamentals

    Downloading Nmap from the official source code repository
    Compiling Nmap from source code
    Listing open ports on a remote host
    Fingerprinting services of a remote host
    Finding live hosts in your network
    Scanning using specific port ranges
    Running NSE scripts
    Scanning using a specified network interface
    Comparing scan results with Ndiff
    Managing multiple scanning profiles with Zenmap
    Detecting NAT with Nping
    Monitoring servers remotely with Nmap and Ndiff

Chapter 2: Network Exploration

    Discovering hosts with TCP SYN ping scans
    Discovering hosts with TCP ACK ping scans
    Discovering hosts with UDP ping scans
    Discovering hosts with ICMP ping scans
    Discovering hosts with IP protocol ping scans
    Discovering hosts with ARP ping scans
    Discovering hosts using broadcast pings
    Hiding our traffic with additional random data
    Forcing DNS resolution
    Excluding hosts from your scans
    Scanning IPv6 addresses
    Gathering network information with broadcast scripts

Chapter 3: Gathering Additional Host Information

    Geolocating an IP address
    Getting information from WHOIS records
    Checking if a host is known for malicious activities
    Collecting valid e-mail accounts
    Discovering hostnames pointing to the same IP address
    Brute forcing DNS records
    Fingerprinting the operating system of a host
    Discovering UDP services
    Listing protocols supported by a remote host
    Discovering stateful firewalls by using a TCP ACK scan
    Matching services with known security vulnerabilities
    Spoofing the origin IP of a port scan

Chapter 4: Auditing Web Servers

    Listing supported HTTP methods
    Checking if an HTTP proxy is open
    Discovering interesting files and directories in various web servers
    Brute forcing HTTP authentication
    Abusing mod_userdir to enumerate user accounts
    Testing default credentials in web applications
    Brute-force password auditing WordPress installations
    Brute-force password auditing Joomla! installations
    Detecting web application firewalls
    Detecting possible XST vulnerabilities
    Detecting Cross Site Scripting vulnerabilities in web applications
    Finding SQL injection vulnerabilities in web applications
    Detecting web servers vulnerable to slowloris denial of service attacks

Chapter 5: Auditing Databases

    Listing MySQL databases
    Listing MySQL users
    Listing MySQL variables
    Finding root accounts with empty passwords in MySQL servers
    Brute forcing MySQL passwords
    Detecting insecure configurations in MySQL servers
    Brute forcing Oracle passwords
    Brute forcing Oracle SID names
    Retrieving MS SQL server information
    Brute forcing MS SQL passwords
    Dumping the password hashes of an MS SQL server
    Running commands through the command shell on MS SQL servers
    Finding sysadmin accounts with empty passwords on MS SQL servers
    Listing MongoDB databases
    Retrieving MongoDB server information
    Listing CouchDB databases
    Retrieving CouchDB database statistics

Chapter 6: Auditing Mail Servers

    Discovering valid e-mail accounts using Google Search
    Detecting open relays
    Brute forcing SMTP passwords
    Enumerating users in an SMTP server
    Detecting backdoor SMTP servers
    Brute forcing IMAP passwords
    Retrieving the capabilities of an IMAP mail server
    Brute forcing POP3 passwords
    Retrieving the capabilities of a POP3 mail server
    Detecting vulnerable Exim SMTP servers version 4.70 through 4.75

Chapter 7: Scanning Large Networks

    Scanning an IP address range
    Reading targets from a text file
    Scanning random targets
    Skipping tests to speed up long scans
    Selecting the correct timing template
    Adjusting timing parameters
    Adjusting performance parameters
    Collecting signatures of web servers
    Distributing a scan among several clients using Dnmap

Chapter 8: Generating Scan Reports

    Saving scan results in normal format
    Saving scan results in an XML format
    Saving scan results to a SQLite database
    Saving scan results in a grepable format
    Generating a network topology graph with Zenmap
    Generating an HTML scan report
    Reporting vulnerability checks performed during a scan

Chapter 9: Writing Your Own NSE Scripts

    Making HTTP requests to identify vulnerable Trendnet webcams
    Sending UDP payloads by using NSE sockets
    Exploiting a path traversal vulnerability with NSE
    Writing a brute force script
    Working with the web crawling library
    Reporting vulnerabilities correctly in NSE scripts
    Writing your own NSE library
    Working with NSE threads, condition variables, and mutexes in NSE

« Last edit: May 29, 2013, 06:44:39 pm by Stuxnet »

StuXn3t
Excellent book, thanks for the contribution!  :D

[3V1L]
thanks man

xxxcoenxxx
thanks!  :D :D :D

hkm
eaeaea they deleted the post where I told you where to buy the book legally!! What sh**, with this my participation in underc0de ends.

« Last edit: July 11, 2013, 03:15:10 pm by Snifer »

Snifer
Respect earns respect! :)...

Go ahead, the door is open if you want to leave, and also whenever you want to come back in.


They call the person who kept the forum from going down a traitor, foolish people!

