In this comprehensive course, you will embark on a journey through the fundamentals and advanced techniques of Nmap, a critical tool for network scanning and penetration testing. Starting with an introduction and the setup of your working environment, you'll quickly move into compiling Nmap from source and understanding its significance in network scanning. This course is meticulously updated for 2021, ensuring you are equipped with the latest knowledge and techniques.
Nmap for Penetration Testing: From Beginner to Advanced
Nmap for Penetration Testing: From Beginner to Advanced
Gain insight into a topic and learn the fundamentals.
Intermediate level
Recommended experience
8 hours to complete
3 weeks at 2 hours a week
Flexible schedule
Learn at your own pace
What you'll learn
Define key terms related to Nmap and network scanning
Explain the purpose and functionality of various Nmap commands and options
Conduct basic and advanced network scans using Nmap in real-world scenarios.
Interpret scan results to identify network vulnerabilities and potential security threats
Skills you'll gain
Details to know
Shareable certificate
Add to your LinkedIn profile
Recently updated!
October 2024
Assessments
4 assignments
Taught in English
See how employees at top companies are mastering in-demand skills
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV
Share it on social media and in your performance review
There are 8 modules in this course
In this module, we will explore the foundational aspects of Nmap, starting with an introduction to its capabilities and features. We will then guide you through setting up your working environment, compiling Nmap from source, and discussing its critical role in network scanning. This section sets the stage for a comprehensive understanding of Nmap and its applications.
What's included
4 videos1 reading
In this module, we will delve into the core concepts of networking that are essential for effective network scanning and security. We will begin with an overview of port scanning techniques, followed by an in-depth look at the OSI Model. You'll gain a solid understanding of the Network and Transport Layers, and we will conclude with a detailed analysis of TCP header flags and the TCP 3-way handshake, critical for ensuring reliable data communication.
What's included
5 videos
In this module, we will explore a range of host discovery techniques crucial for network reconnaissance. Starting with ping sweeps, we will cover various methods including TCP SYN and ACK pings, UDP ping scans, and ARP ping. We will also delve into the use of ICMP ECHO and Timestamp pings, IP Protocol pings, and conclude with an in-depth look at traceroute and reverse DNS resolution. This section provides the tools needed to effectively discover and map hosts within a network
What's included
8 videos1 assignment
In this module, we will dive into advanced scanning techniques using Nmap. You'll learn to set up a virtual hacking lab and deploy Metasploitable3 VM images for hands-on practice. We'll cover a variety of scan types, including default scans, TCP Connect, SYN, and UDP scans, as well as more sophisticated techniques like OS detection, service detection, and aggressive scanning. Additionally, you'll explore options for verbosity, output, logging, and visualizing scan results with WebMap. This section equips you with the skills to conduct thorough and efficient network scans.
What's included
14 videos
In this module, we will cover the techniques for detecting and evading firewalls during network scanning activities. You will learn how to use ACK probing to identify firewall presence, employ packet fragmentation to circumvent security barriers, and specify MTU settings to fine-tune your evasion methods. Additionally, we will explore the use of IP decoys to mask scanning origins and MAC address spoofing to conceal the identity of your devices. This section equips you with advanced strategies to navigate and bypass network defenses.In this module, we will cover the techniques for detecting and evading firewalls during network scanning activities. You will learn how to use ACK probing to identify firewall presence, employ packet fragmentation to circumvent security barriers, and specify MTU settings to fine-tune your evasion methods. Additionally, we will explore the use of IP decoys to mask scanning origins and MAC address spoofing to conceal the identity of your devices. This section equips you with advanced strategies to navigate and bypass network defenses.
What's included
5 videos
In this module, we will focus on enhancing the timing and performance of your scans using Nmap. You'll learn how to apply timing templates to streamline scan operations, utilize parallelism to execute multiple scans concurrently, and configure host timeout settings to control scan durations. Additionally, we will explore adjusting scan delay to ensure efficient scanning without overloading the network. This section provides the tools to maximize the effectiveness and efficiency of your scanning activities
What's included
4 videos1 assignment
In this module, we will introduce you to the Nmap Scripting Engine (NSE) and its powerful capabilities for network scanning and automation. You'll learn the syntax and structure of NSE scripts, making it easier to understand and modify them. We'll explore the different script categories and their specific uses, enabling you to select the right scripts for your tasks. Additionally, you'll gain the skills to develop custom NSE scripts, enhancing Nmap's functionality to suit your unique requirements. This section equips you with the knowledge to leverage NSE for advanced scanning and automation.
What's included
3 videos
In this module, we will dive into service enumeration techniques to extract detailed information about network services. You'll learn to perform banner grabbing, utilize Whois and traceroute for network enumeration, and conduct FTP and SMTP enumeration. We will explore DNS enumeration techniques, including zone transfers and brute-forcing, and delve into HTTP enumeration for identifying methods, hidden files, and WAFs. Additionally, we'll cover SMB and MySQL enumeration, and conclude with vulnerability scanning using Nmap. This section equips you with the skills to thoroughly investigate and analyze network services for security assessments
What's included
11 videos2 assignments
Why people choose Coursera for their career
Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."
New to Security? Start here.
Open new doors with Coursera Plus
Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Advance your career with an online degree
Earn a degree from world-class universities - 100% online
Join over 3,400 global companies that choose Coursera for Business
Upskill your employees to excel in the digital economy
Frequently asked questions
Yes, you can preview the first video and view the syllabus before you enroll. You must purchase the course to access content not included in the preview.
If you decide to enroll in the course before the session start date, you will have access to all of the lecture videos and readings for the course. You’ll be able to submit assignments once the session starts.
Once you enroll and your session begins, you will have access to all videos and other resources, including reading items and the course discussion forum. You’ll be able to view and submit practice assessments, and complete required graded assignments to earn a grade and a Course Certificate.