Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Nmap: Network Exploration and Security Auditing Cookbook Network discovery and security scanning at your fingertips

Product type Paperback

Published in May 2017

Publisher

ISBN-13 9781786467454

Length 416 pages

Edition 2nd Edition

Languages

Lua

Tools

Nmap

Concepts

Penetration Testing

Author (1):

Paulino Calderon

View More author details

Table of Contents (18) Chapters

Preface

1. Nmap Fundamentals

2. Network Exploration FREE CHAPTER

3. Reconnaissance Tasks

4. Scanning Web Servers

5. Scanning Databases

6. Scanning Mail Servers

7. Scanning Windows Systems

8. Scanning ICS SCADA Systems

9. Optimizing Scans

10. Generating Scan Reports

11. Writing Your Own NSE Scripts

12. HTTP, HTTP Pipelining, and Web Crawling Configuration Options

13. Brute Force Password Auditing Options

Brute modes

14. NSE Debugging

15. Additional Output Options

16. Introduction to Lua

17. References and Additional Reading

Scanning Web Servers

This chapter covers the following recipes:

Listing supported HTTP methods
Checking whether a web server is an open proxy
Discovering interesting files and folders in web servers
Abusing mod_userdir to enumerate user accounts
Brute forcing HTTP authentication
Brute forcing web applications
Detecting web application firewalls
Detecting possible XST vulnerabilities
Detecting XSS vulnerabilities
Finding SQL injection vulnerabilities
Detecting web servers vulnerable to slowloris denial of service attacks
Finding web applications with default credentials
Detecting web applications vulnerable to Shellshock
Detecting insecure cross-domain policies
Detecting exposed source code control systems
Auditing the strength of cipher suites in SSL servers
Scrapping e-mail accounts from web servers

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Paulino Calderon

Paulino Calderon (@calderpwn on Twitter) is the cofounder of Websec, a company offering information security consulting services based in Mexico and Canada. When he is not traveling to a security conference or conducting on-site consulting for Fortune 500 companies, he spends peaceful days in Cozumel, a beautiful small island in the Caribbean, learning new technologies, conducting big data experiments, developing new tools, and finding bugs in software. Paulino is active in the open source community, and his contributions are used by millions of people in the information security industry. In 2011, Paulino joined the Nmap team during the Google Summer of Code to work on the project as an NSE developer. He focused on improving the web scanning capabilities of Nmap, and he has kept contributing to the project since then. In addition, he has been a mentor for students who focused on vulnerability detection during the Google Summer of Code 2015 and 2017. He has published Nmap 6: Network Exploration and Security Auditing Cookbook and Mastering the Nmap Scripting Engine, which cover practical tasks with Nmap and NSE development in depth. He loves attending information security conferences, and he has given talks and participated in workshops in dozens of events in Canada, the United States, Mexico, Colombia, Peru, Bolivia, and Curacao.

See other products by Paulino Calderon