Chapter Goal: Get a detailed on NMAP and learn how to conduct penetrations tests with it.
Sub -Topics
• Introduction to NMAP and ZENMAP
• Basic scanning with NMAP
• TCP scan Vs UDP scan
• Enumerating target operating systems and services
• Fine tuning the scans
• Using NMAP scripts
• Invoking NMAP from Python
Chapter 2: OpenVAS and Kali Linux
Chapter Goal: Learn vulnerability scanning and reporting with OpenVAS and get to know how it can work with NMAP
Sub - Topics
• Introduction to OpenVAS
• Installation on Kali Linux
• Importing NMAP results into OpenVAS
• Vulnerability Scanning
• Reporting
Chapter 3: Scanning with Metasploit
Chapter Goal: Get a detailed view of Metasploit’s common commands and scanning services and integrate Metasploit, NMAP and OpenVAS for efficient tests.
Sub - Topics:
1. Introduction to Metasploit
2. Overview of Metasploit Structure
3. Basic commands and configuration
4. Invoking NMAP and OpenVAS scans from Metasploit
5. Scanning services with Metasploit
6. Meterpreter Basics
Sagar Rahalkar is a seasoned information security professional having more than 11 years of comprehensive experience in various verticals of information security. His domain expertise is mainly in cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, and IT GRC. He holds a master’s degree in computer science and several industry recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist- Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2 to name a few. He has been closely associated with Indian law enforcement agencies for over four years, dealing with digital crime investigations and related training for officers and has received several awards and appreciations from senior officials from police and defense organizations in India. He has written several books and articles on information security.
Get started with NMAP, OpenVAS, and Metasploit and understand how NMAP, OpenVAS, and Metasploit can be integrated with each other for greater flexibility and efficiency. In this short book you will begin by working with NMAP and ZENMAP and learning the basic scanning and enumeration process. After getting to know the differences between TCP and UDP scans, you will learn to fine tune your scans and efficiently use NMAP scripts. This will be followed by an introduction to OpenVAS vulnerability management system. You will then learn to configure OpenVAS and scan for and report vulnerabilities.
The next chapter takes you on a detailed tour of Metasploit and its basic commands and configuration. You will then invoke NMAP and OpenVAS scans from Metasploit. Lastly, you will take a look at scanning services with Metasploit and get to know more about Meterpreter, an advanced, dynamically extensible payload that is extended over the network at runtime.
The final part of the book concludes by pentesting a system in a real-world scenario, where you will apply the skills you have learnt.
You will:
Carryout basic scanning with NMAP
Invoke NMAP from Python
Use vulnerability scanning and reporting with OpenVAS