Nmap/Short Course: Difference between revisions
From charlesreid1
m (Admin moved page Nmap/2025 Short Course to Nmap/Short Course without leaving a redirect) |
No edit summary |
||
| Line 1: | Line 1: | ||
This short course consists of 12 short lectures | This is a 12-part short course on advanced nmap topics, intended for cybersecurity professionals. The course consists of 12 short lectures, with associated labs for each lecture (multiple scenarios for each lab). Each module builds on the last. | ||
= | ==Lab Scenarios== | ||
There are 3 scenarios that are covered in each lab. There is one lab for each lecture. | |||
Here are the lab scenarios: | |||
* '''Scenario 1 (Blue Team)''': Navigating, mapping, and auditing a corporate network with various laptops, desktops, printers, and office equipment connected to a few public and private subnets | |||
* '''Scenario 2 (Red Team)''': penetrating an pivoting inside of an industrial control system network | |||
* '''Scenario 3 (Web and Cloud Audit, Hybrid Red/Blue)''': Investigate an organization's publicly accessible web services and a small, simulated cloud environment (a few instances representing common services like servers, APIs, and storage). Red team will attempt to use nmap to identify exposed services, pinpoint versions or technology, and find security misconfigurations. Blue team will attempt to use nmap to verify only intended ports and service are exposed, audit for known vulnerabilities, identify services that are out of compliance with security policy, report findings and make recommendations. | |||
==Module 1: Nmap Mastery - Beyond the Basics== | ==Module 1: Nmap Mastery - Beyond the Basics== | ||
| Line 8: | Line 18: | ||
Lab Integration: Students will begin initial reconnaissance on all three lab scenarios using the techniques learned in this module. | Lab Integration: Students will begin initial reconnaissance on all three lab scenarios using the techniques learned in this module. | ||
Lectures: | |||
* [[Nmap/Short Course/Lecture 1]] - Precision Host Discovery & Initial Sweeps | * [[Nmap/Short Course/Lecture 1]] - Precision Host Discovery & Initial Sweeps | ||
| Line 14: | Line 26: | ||
* [[Nmap/Short Course/Lecture 4]] - Optimizing Nmap: Performance Tuning & Firewall Evasion Basics | * [[Nmap/Short Course/Lecture 4]] - Optimizing Nmap: Performance Tuning & Firewall Evasion Basics | ||
Labs: | |||
* [[Nmap/Short Course/Lab 1]] | |||
* [[Nmap/Short Course/Lab 2]] | |||
* [[Nmap/Short Course/Lab 3]] | |||
* [[Nmap/Short Course/Lab 4]] | |||
==Module 2: Red Team Nmap - Offensive Recon & Vuln Identification== | ==Module 2: Red Team Nmap - Offensive Recon & Vuln Identification== | ||
| Line 20: | Line 38: | ||
Lab Integration: Focus on applying offensive Nmap techniques within the ICS Penetration (Scenario 2) and Web/Cloud Audit (Scenario 3) labs. | Lab Integration: Focus on applying offensive Nmap techniques within the ICS Penetration (Scenario 2) and Web/Cloud Audit (Scenario 3) labs. | ||
Lectures: | |||
* [[Nmap/Short Course/Lecture 5]] - Introduction to the Nmap Scripting Engine (NSE) | * [[Nmap/Short Course/Lecture 5]] - Introduction to the Nmap Scripting Engine (NSE) | ||
| Line 25: | Line 45: | ||
* [[Nmap/Short Course/Lecture 7]] - Advanced NSE Usage & Nmap for Exploitation Support | * [[Nmap/Short Course/Lecture 7]] - Advanced NSE Usage & Nmap for Exploitation Support | ||
* [[Nmap/Short Course/Lecture 8]] - Nmap in Penetration Testing: Pivoting & Internal Recon | * [[Nmap/Short Course/Lecture 8]] - Nmap in Penetration Testing: Pivoting & Internal Recon | ||
Labs: | |||
* [[Nmap/Short Course/Lab 5]] | |||
* [[Nmap/Short Course/Lab 6]] | |||
* [[Nmap/Short Course/Lab 7]] | |||
* [[Nmap/Short Course/Lab 8]] | |||
==Module 3: Blue Team Nmap - Auditing, Defense & Network Monitoring== | ==Module 3: Blue Team Nmap - Auditing, Defense & Network Monitoring== | ||
| Line 31: | Line 58: | ||
Lab Integration: Focus on applying defensive Nmap techniques within the Corporate Network Audit (Scenario 1) and using data from all scenarios for defensive analysis. | Lab Integration: Focus on applying defensive Nmap techniques within the Corporate Network Audit (Scenario 1) and using data from all scenarios for defensive analysis. | ||
Lectures: | |||
* [[Nmap/Short Course/Lecture 9]] - Network Auditing & Inventory with Nmap | * [[Nmap/Short Course/Lecture 9]] - Network Auditing & Inventory with Nmap | ||
| Line 37: | Line 66: | ||
* [[Nmap/Short Course/Lecture 12]] - Detecting Scans, Defensive Strategies & Course Capstone | * [[Nmap/Short Course/Lecture 12]] - Detecting Scans, Defensive Strategies & Course Capstone | ||
Labs: | |||
* [[Nmap/Short Course/Lab 9]] | * [[Nmap/Short Course/Lab 9]] | ||
* [[Nmap/Short Course/Lab 10]] | * [[Nmap/Short Course/Lab 10]] | ||
| Line 71: | Line 73: | ||
* [[Nmap/Short Course/Lab 12]] | * [[Nmap/Short Course/Lab 12]] | ||
==Flags== | |||
{{NmapShortCourseFlag}} | |||
Revision as of 20:36, 26 May 2025
This is a 12-part short course on advanced nmap topics, intended for cybersecurity professionals. The course consists of 12 short lectures, with associated labs for each lecture (multiple scenarios for each lab). Each module builds on the last.
Lab Scenarios
There are 3 scenarios that are covered in each lab. There is one lab for each lecture.
Here are the lab scenarios:
- Scenario 1 (Blue Team): Navigating, mapping, and auditing a corporate network with various laptops, desktops, printers, and office equipment connected to a few public and private subnets
- Scenario 2 (Red Team): penetrating an pivoting inside of an industrial control system network
- Scenario 3 (Web and Cloud Audit, Hybrid Red/Blue): Investigate an organization's publicly accessible web services and a small, simulated cloud environment (a few instances representing common services like servers, APIs, and storage). Red team will attempt to use nmap to identify exposed services, pinpoint versions or technology, and find security misconfigurations. Blue team will attempt to use nmap to verify only intended ports and service are exposed, audit for known vulnerabilities, identify services that are out of compliance with security policy, report findings and make recommendations.
Module 1: Nmap Mastery - Beyond the Basics
Module Theme: Deep dive into Nmap's core scanning methodologies, output interpretation, and performance tuning.
Lab Integration: Students will begin initial reconnaissance on all three lab scenarios using the techniques learned in this module.
Lectures:
- Nmap/Short Course/Lecture 1 - Precision Host Discovery & Initial Sweeps
- Nmap/Short Course/Lecture 2 - Advanced Port Scanning Techniques & Service Probing
- Nmap/Short Course/Lecture 3 - OS Detection, Output Formats, and Scan Comparison
- Nmap/Short Course/Lecture 4 - Optimizing Nmap: Performance Tuning & Firewall Evasion Basics
Labs:
Module 2: Red Team Nmap - Offensive Recon & Vuln Identification
Module Theme: Leveraging Nmap for offensive security tasks, focusing on deep enumeration, vulnerability discovery using NSE, and mapping attack paths.
Lab Integration: Focus on applying offensive Nmap techniques within the ICS Penetration (Scenario 2) and Web/Cloud Audit (Scenario 3) labs.
Lectures:
- Nmap/Short Course/Lecture 5 - Introduction to the Nmap Scripting Engine (NSE)
- Nmap/Short Course/Lecture 6 - NSE for Vulnerability Discovery and Service Enumeration
- Nmap/Short Course/Lecture 7 - Advanced NSE Usage & Nmap for Exploitation Support
- Nmap/Short Course/Lecture 8 - Nmap in Penetration Testing: Pivoting & Internal Recon
Labs:
Module 3: Blue Team Nmap - Auditing, Defense & Network Monitoring
Module Theme: Employing Nmap for defensive security, including network auditing, change detection, compliance verification, and informing defensive strategies.
Lab Integration: Focus on applying defensive Nmap techniques within the Corporate Network Audit (Scenario 1) and using data from all scenarios for defensive analysis.
Lectures:
- Nmap/Short Course/Lecture 9 - Network Auditing & Inventory with Nmap
- Nmap/Short Course/Lecture 10 - Compliance, Policy Verification, and Rogue Device Detection
- Nmap/Short Course/Lecture 11 - Integrating Nmap with Defensive Tools (Wireshark, Snort/Suricata, SIEM)
- Nmap/Short Course/Lecture 12 - Detecting Scans, Defensive Strategies & Course Capstone
Labs:
Flags
