Learning Path: How to Use Nmap and Zenmap
Objective
I needed to learn how to use the Nmap and Zenmap tools for devices connected to my network. The first video below is by far the one I would consider to be the most valuable. The others had good nuggets that can be used with Nmap.
Takeaways
Nmap is a very powerful, open-source utility that allows you to discover and audit computers and devices on your network. That, coupled with a host of prebuilt scripts, will produce even more information without you having to do a tremendous amount of work.
Nmap, despite the 90’s look of their website, is not a new tool and has a huge following.
After installing Nmap on your computer, it would be wise to read the “man page” in Terminal or Command Prompt by using the following command: man nmap. This will show you all the potential flags that can be added to a Nmap command.
Nmap Scripting Engine (NSE) Libraries
Resources
Website: A very comprehensive guide from ByteXD on how to use Nmap
This video from NetworkChuck is very comprehensive and provides a great deal of information on Nmap usage.
This video from HackerSploit was good to learn the syntax for running scripts in Nmap.
Good walkthrough of Zenmap (GUI to Nmap) by Alpine Security.
Another good video from HackerSploit showing how the vulners script can be used in Nmap to discover vulnerabilities on your network. After the scan is complete, you will be presented with a list of vulnerabilites and their corresponding CVE report on the vulners.com website.
Another good Zenmap walkthrough by quidsup.
This video from Skills Build Training is long and full of information. I think it was so long because it was, at one point, a live session and some Nmap commands took a long time to run. I skipped around in this video, but found it helpful.