Nmap 6 Network Exploration and Security Auditing Cookbook

Iniciado por Stuxnet, Mayo 12, 2013, 01:54:45 AM

Tema anterior - Siguiente tema

0 Miembros y 1 Visitante están viendo este tema.

Mayo 12, 2013, 01:54:45 AM Ultima modificación: Mayo 29, 2013, 06:44:39 PM por Stuxnet

Nmap 6: Network Exploration and Security Auditing Cookbook de Paulino Calderón Pale es un excelente y específico libro sobre el uso de Nmap como herramienta indispensable en proyectos de Test de Penetración.

Contenido Temático:

Chapter 1: Nmap Fundamentals

    Introduction
    Downloading Nmap from the official source code repository
    Compiling Nmap from source code
    Listing open ports on a remote host
    Fingerprinting services of a remote host
    Finding live hosts in your network
    Scanning using specific port ranges
    Running NSE scripts
    Scanning using a specified network interface
    Comparing scan results with Ndiff
    Managing multiple scanning profiles with Zenmap
    Detecting NAT with Nping
    Monitoring servers remotely with Nmap and Ndiff

Chapter 2: Network Exploration

    Introduction
    Discovering hosts with TCP SYN ping scans
    Discovering hosts with TCP ACK ping scans
    Discovering hosts with UDP ping scans
    Discovering hosts with ICMP ping scans
    Discovering hosts with IP protocol ping scans
    Discovering hosts with ARP ping scans
    Discovering hosts using broadcast pings
    Hiding our traffic with additional random data
    Forcing DNS resolution
    Excluding hosts from your scans
    Scanning IPv6 addresses
    Gathering network information with broadcast scripts

Chapter 3: Gathering Additional Host Information

    Introduction
    Geolocating an IP address
    Getting information from WHOIS records
    Checking if a host is known for malicious activities
    Collecting valid e-mail accounts
    Discovering hostnames pointing to the same IP address
    Brute forcing DNS records
    Fingerprinting the operating system of a host
    Discovering UDP services
    Listing protocols supported by a remote host
    Discovering stateful firewalls by using a TCP ACK scan
    Matching services with known security vulnerabilities
    Spoofing the origin IP of a port scan

Chapter 4: Auditing Web Servers

    Introduction
    Listing supported HTTP methods
    Checking if an HTTP proxy is open
    Discovering interesting files and directories in various web servers
    Brute forcing HTTP authentication
    Abusing mod_userdir to enumerate user accounts
    Testing default credentials in web applications
    Brute-force password auditing WordPress installations
    Brute-force password auditing Joomla! installations
    Detecting web application firewalls
    Detecting possible XST vulnerabilities
    Detecting Cross Site Scripting vulnerabilities in web applications
    Finding SQL injection vulnerabilities in web applications
    Detecting web servers vulnerable to slowloris denial of service attacks

Chapter 5: Auditing Databases

    Introduction
    Listing MySQL databases
    Listing MySQL users
    Listing MySQL variables
    Finding root accounts with empty passwords in MySQL servers
    Brute forcing MySQL passwords
    Detecting insecure configurations in MySQL servers
    Brute forcing Oracle passwords
    Brute forcing Oracle SID names
    Retrieving MS SQL server information
    Brute forcing MS SQL passwords
    Dumping the password hashes of an MS SQL server
    Running commands through the command shell on MS SQL servers
    Finding sysadmin accounts with empty passwords on MS SQL servers
    Listing MongoDB databases
    Retrieving MongoDB server information
    Listing CouchDB databases
    Retrieving CouchDB database statistics

Chapter 6: Auditing Mail Servers

    Introduction
    Discovering valid e-mail accounts using Google Search
    Detecting open relays
    Brute forcing SMTP passwords
    Enumerating users in an SMTP server
    Detecting backdoor SMTP servers
    Brute forcing IMAP passwords
    Retrieving the capabilities of an IMAP mail server
    Brute forcing POP3 passwords
    Retrieving the capabilities of a POP3 mail server
    Detecting vulnerable Exim SMTP servers version 4.70 through 4.75

Chapter 7: Scanning Large Networks

    Introduction
    Scanning an IP address range
    Reading targets from a text file
    Scanning random targets
    Skipping tests to speed up long scans
    Selecting the correct timing template
    Adjusting timing parameters
    Adjusting performance parameters
    Collecting signatures of web servers
    Distributing a scan among several clients using Dnmap

Chapter 8: Generating Scan Reports

    Introduction
    Saving scan results in normal format
    Saving scan results in an XML format
    Saving scan results to a SQLite database
    Saving scan results in a grepable format
    Generating a network topology graph with Zenmap
    Generating an HTML scan report
    Reporting vulnerability checks performed during a scan

Chapter 9: Writing Your Own NSE Scripts

    Introduction
    Making HTTP requests to identify vulnerable Trendnet webcams
    Sending UDP payloads by using NSE sockets
    Exploiting a path traversal vulnerability with NSE
    Writing a brute force script
    Working with the web crawling library
    Reporting vulnerabilities correctly in NSE scripts
    Writing your own NSE library
    Working with NSE threads, condition variables, and mutexes in NSE


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Excelente Libro, gracias por el aporte!  :D

No tienes permitido ver los links. Registrarse o Entrar a mi cuenta



Julio 10, 2013, 07:14:29 PM #4 Ultima modificación: Julio 11, 2013, 03:15:10 PM por Snifer
eaeaea borraron el post donde les pongo donde comprar de manera legal el libro!! Que mi**** , con esto termina mi participación en underc0de.


No tienes permitido ver los links. Registrarse o Entrar a mi cuenta

Respetos guardan respetos! :)...

Dale la puerta esta abierta si gustas salir como tambien cuando desees ingresar.

Regards,
Snifer
No tienes permitido ver los links. Registrarse o Entrar a mi cuenta


Llaman traidor a la persona que evito que caiga el foro, gente bruta!