Discover and Enumerate Targets with Nmap
Based on information gathered through passive reconnaissance, you have identified subnets owned by the company you are pen-testing. Using Nmap, you now need to do the following: actively scan for hosts (target enumeration), identify operating systems and open ports (host identification), and enumerate services. To ensure you are testing the firewall configurations and the security team’s detection capability, you will mimic a stealthy attacker attempting to bypass protections without being noticed.
Terms and conditions apply.
Challenge
Getting Started in the Lab Environment
Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!
Challenge
Discover Live Hosts
The general concept for target enumeration is to take a scope, like a set of subnets or domains, and narrow it down to a target list of only the hosts with services that respond. Then you enumerate those services.
Challenge
Host OS and Open Port Identification
Run Nmap and Snort simultaneously to learn how to identify hosts and their open ports without being detected by standard IDS signatures.
Challenge
Service Enumeration
With open ports enumerated on each host, now you leverage targeted scans to enumerate and identify the services running on each port.
Challenge
Vulnerability Enumeration and Exploitation with NSE
Leverage the Nmap script engine to identify and exploit weaknesses in the previously enumerated services.
Challenge
The Last Challenge
This is the last challenge of this lab, and your last chance to experience the environment before clicking finish lab, ending this small little world that flittered into existence just for you.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
Recommended prerequisites
- The lab, Discover and Enumerate Targets with Nmap, requires an understanding of Nmap use cases, basic functions, and basic command operations. Further, an understanding of reconnaissance, scanning and evasion techniques, as well as enumeration and knowledge of the penetration testing process is essential.