NMAP Revealed: Unleash the Ultimate Hacker Tool
ฝัง
- เผยแพร่เมื่อ 14 ก.ย. 2023
- Join this channel to get access to perks:
/ @pentest_tv
Let's take a look at the famous NMAP scanner - the ultimate hacker tool unleashed. NMAP is a powerful network scanning and penetration testing tool that can be used to identify security issues in your network.
If you're concerned about your network security or want to learn more about pentesting and penetration testing professionally, then this video is for you! We'll take a look at NMAP and discuss its many uses and potential pitfalls. By the end of this video, you'll have a better understanding of how NMAP can help you secure your network and protect your data!
very instructive and interesting video. I often used nmap before that is why i specially appreciate your lesson concerning the -A option. I believe that when learning (school, uni, cert, or by yourself), we seldom have to consider the fingerprints we leave or have to deal with a complex or sizeable system. We usually have a single practice target with existing vulnerabilities . Under such conditions the -A returns acceptable results without having to understand or learn about the other options and their differences. What i am trying to say is that -A is a good introduction option when starting on the security path but a bad option if we mostly rely on it as we progress
Very insightful comment and one I would 100% agree with. It's a really good point that the -A is very helpful when we're learning because it truly is. It spews forth a lot of really good information. But to your point most beginners (and some seniors) don't fully understand the totality of their actions or the tools themselves, which is one of the reasons I started doing videos again. If I can help just one person avoid some of the pitfalls I've encountered over the decades then the work to make these videos are worth it. :)
Thanks again for the comment - it is very much appreciated.
@@pentest_TV As a person who has actually benefited from watching this video, i am truly thankful to you and the efforts you made to share your wisdom and experience with us. This is why, as an aficionado of cybersecurity and pentesting in particular(my dream job), i am enthusiastically looking forward to any future videos you will share.
Thanks - we have a whole slew of videos in the queue to work on. Glad you enjoyed the video, and feel free to spread the word about this channel! I've pinned your post. :)
I watch a lot of videos about pentesting. I come across this one, and you are doing a really good job. The speed and the way how you explain things are on point. Most videos go off the point and make things to detailed or too complicated. I already know alot about Nmap, but this video would saved me so much time 😂.
Thanks for the feedback! It’s really great to hear your take on the video and I appreciate you taking the time to leave the comment. Happy hacking!… and lmk if there are any topics you’d like to see covered.
I’m in the same boat, stumbled onto this, and now watching a few others, I like the format.
I've been doing this long enough not to learn anything new here, but the information is ABSOLUTELY useful, accurate, and encourages people to understand what and why. Good job.
Thanks for the comment and validation of the contents of the video - really appreciate it! Yeah, I've been doing this a while as well and a lot of times I find misinformation or bad practices being regurgitated on videos within TH-cam. Felt it was a good time to provide my two cents based on my experience. Thanks again!!
Best video by far!
Thanks for watching and glad you enjoyed it!
Great explanation. Now i need to watch again and take notes! Keep up the good work.
Thanks for watching!... glad it helped and that you enjoyed it.
Enjoying this video. I've recently started my journey into learning cycber security basics and i'm just learning how to use Linux and Kali for the first time and I'm loving it. Looking for a career change after years of working in finance. Also the video quality and pace are really good and make it enjoyable to watch. Definitely will rewatch again when not at work. Subbed and looking forward to more videos. 🙏🏼
Hey, thanks for the comment! I'm truly glad you enjoyed it and I appreciate you subscribing! LMK if there are any topics you'd like to see and good luck with your career change!
This guy is awesome. Nmap is covered heavily at this point but this is a very good exploration of it. Great job
Glad I was able to provide a new perspective on the tool. Appreciate the feedback and comment!👍👍
another great channel with low sub number
I can't believe what I see, love that vid
Glad you enjoyed it! Just started a few weeks ago, so I’m hopeful 😄
Thanks for the comment - feel free to lmk if there is any topic you want covered.
Cool, I'm doing nmap in a bootcamp this week so I looked this up to gain some perspective.
Awesome - remember that there's a difference between real-world application and what is typically taught in course material. Real-world is so driven by being effective in your time management... courses don't really mention that much. Enjoy the journey!
Good explanations, looking forward to your other videos.
Thanks for watching - glad you found it useful!!
This was a great video. Gave me exactly the information I was looking for. Precise information, perfect examples and great advice regarding using -A. Thanks for a great video!
Hey, thanks for the feedback! I'm glad to know that the video gave you exactly what you were looking for. Stay tuned for more helpful content in the future!
Nice summary mate
Appreciate the feedback and thanks for watching! 👍👍👍
Great video Kevin!
Thanks! Name’s Thomas Wilhelm, though… appreciate your watching the video and glad you liked it.
Amazing video brother! 🤙🤙
Glad you liked it, and thanks for the comment! 👍👍
For a 439 + 1 (me) subscribers channel it's an impressive work you've done here, keep it up!
Thanks for the sub! Glad you enjoyed the video. Lmk if there’s any topic you’d like covered.
@@pentest_TV It would be a nice to see a series covering most of the red team utilities (packages), but instead of using Kali, installing them and doing their setup, which will certainly gain many views, especially that Kali is literally bloated in terms of amount of stuff in it, and I wouldn't want to depend on a distro, so I chose base Artix (systemd-less Arch) and got into installing Black Arch (Kali but for Arch) packages in it, and it's just an incredible experience, being able to man package everything and learn every technical detail and history about each package, taught me a lot of things and I'm very grateful for every moment I spent doing it.
i didnt know all that about -A. Thanks man!
Hey, thanks for the feedback! Yeah, it’s insidious 😜
Thanks for the crash course and warnings! 🙂
Thanks for watching! Glad it was helpful. 👍👍
Thank you for the class!
Thanks for watching and commenting! If there is anything you’re interested in me covering, don’t hesitate to lmk.
Great video, much appreciated, will help avoid some easily made mistakes. Very informative.
Glad you enjoyed it and thanks a lot for the comment! LMK if there are any topics you'd like to see.
Great video!
Glad you enjoyed it! And thanks for the comment… lmk if there is any other topic you want covered.
Just started my journey and this information is great
Thank you so much for your kind words! I'm glad you found the information helpful. Best of luck on your journey!
Great video! This definitely helped me use nmap more effectively!
Thanks for watching and I appreciate you commenting! Glad it helped and lmk if there are any other topics you'd like to see covered. Thanks again!
@@pentest_TV i love the theme of showing us how these tools are commonly mis used by professionals. I believe it'd help a-lot of beginners avoid these habits
Awesome - thanks for the feedback! I’ll keep doing more of that. 😃
thank you very informative and helpful
Glad it was helpful! Thanks for the comment and for watching!
Awesome video. I'm waiting for the next
Thanks! Coming very soon… make sure to click the bell for notification when it drops.
Geat explanation. Thank you
You’re very welcome. Thanks for watching and providing a comment!
Great tutorial! thank you
You are very welcome - glad you enjoyed it! Also, appreciate you letting me know.
this is some crazy stuff, thanks
Hope it helps and thanks for watching!!
Great video.
Thank you for making it.
Glad you liked it! Thanks for letting me know. 👍👍
good video sir , keep up !
Glad you enjoyed it, and seems like it’s beneficial to more than a few people… so guess I’ll keep making them. 🤗
very good video. it was all easy to understand
Oh good! Glad it was helpful. If you have any other tools you want me to highlight, lmk. Thanks for watching!
Great video. thank you.
My pleasure - thanks for letting me know you enjoyed it. 👍👍
great video sire
Much appreciated - thanks for watching and commenting!!
Ver insightful content
Thanks for letting me know!
Thanks for the knowledge shared. Good video & advise. Funny, engaging and educational.
My pleasure and glad you found it worthwhile! Thanks for watching!
you need more likes and followers, this is very educational and helpful for a career path in cybersecurity
Thank you… I really appreciate it! Just trying to share my experience and help others avoid some of the pitfalls and challenges I’ve encountered over the decades. Glad to know it’s valuable to others. 👍👍👍
Nice video. Is there any reason you used the TCP connect scan instead of the stealth scan?
Good question - unless there is a need to be quiet, such as in an adversarial red team trying to avoid detection by the blue team, there's no reason to be stealthy. Also, stealth scans dramatically slow down the pentest, so unless it's absolutely critical there is no reason to do it.
Useful 👍
Thanks for the feedback!
I get a sense that you actually loose your temper and "flip tables" on the regular
I’ve been told by my wife I’ve already hit that grumpy ol’ man phase… but truth be told I’ve never flipped a table. Wanted to, but never did. 😂
Point taken.
Thanks for watching!
like your video which are well explained
I appreciate the feedback and glad you enjoyed it!
Good video
Thanks for watching and glad you enjoyed it!
That was great info
Glad it was helpful! Thanks for watching. 👍👍👍
Awesome
Glad you enjoyed it!
Wow really good
Thanks for watching and commenting!!
why when i scan it shows all are in ignored states ??? doesnt show any ports or any other stuff
Could be because of the target's firewall, but I'd have to know more. This is a great question to bring over to the discord server: discord.gg/pee5WDfnxv
Thanks for posting the question and watching the video!
Hello 😅😅 i like your video from Thailand bro🎉🎉🎉❤
Thanks for watching! Lmk if there’s any topic you’d like to see.
is it possible to scan vms behind loadbalancer?
Really good question. Yes, but load balancers are a bit weird. the backend systems may not be identical or patched the same, so you might keep getting different results against the same IP. Just be aware that it's a possibility. Also, some scanning tools can identify load balancers (Nessus / openVAS) to give you a heads up as well.
Thanks for the question and thanks for watching!
How to make the same style of terminal? It s cool
It’s the Windows 11 command window connected to kali Linux on the AWS network.
Thanks, I will try it, btw - great course 👍
Awesome! Glad you enjoyed it!!
Can we use nmap Scripts on bug bounty to find vulnerabilities???
Really good question! The answer is “maybe? Probably?”… but it totally depends on the rules of engagement the the big bounty provides. So make sure you read and absolutely follow their rules. Some may not permit brute force, so you’ll have to exclude those, etc.
Thanks for the question!
Make video about Znmap bus got interface..🎉
I try to avoid GUI tools, especially since most internal pentests are conducted remotely through a jumphost and at the command line. Thanks for watching!
I try the commands and it's work accurately.but one thing I don't know.sir.dirctor.the command for chopping of the file.tnx for the info.
Thanks for watching and the question. Not sure exactly what you’re trying to do but I use the -oA flag for output, which allows me to export findings into other tools if necessary. The xml and grep files I use to programmatically identify potentially exploitable vulnerabilities, and the standard output is just easier for me to read.
Hope that helps. Thanks again!
I did script http along the video it took me 7736 sec (2+ hr) 🙂
Yeah… fine if you have the time but it’s a poor way to test. Thanks for letting us know!👍👍👍
Please tell me there is no need to be good in maths and coding for becoming the pentester 😂.......leave it aside to be honest i feel lucky to gain some knowledge from you sir..its my request to you please make some roadmap vedios like what should we beginners follow from early stages to get this feild
Roadmap videos… good idea! And no, math or coding isn’t really required unless you’re more interested in app pentesting or code reviews. As a network pentester, I haven’t written a script in years, and I lost all my math knowledge except for some algebra. Thanks for the comment and idea!
@@pentest_TV I don't feel sorry for your lost sir😆.... thankyou
Lmao!! Same. Thanks for watching and commenting!
I appreciate your channel and wisdom however I can not say positive things about your Alienware PC...
LMAO - don't get me started! Didn't want to make my own gaming system, ordered this, had it not work (random shutdown) for two months, and when they finally replaced it, they sent it in the wrong color! Geezus! I'll tell you what though... the 4090 kicks ass.
Thanks for watching and the comment!!
WE NEED PYTHON COURSE
PLEASE..........
My wife just said “well, yeah!” Guess I need to make a python course for hackers. 😝
@@pentest_TV sure u do :)
Idk why Network Chuck is so popular, very basic and barely goes into detail. This guy got the job done
Thanks for your vote of confidence! Glad you enjoyed the content as well. Lmk if there any topics you’d like to see, otherwise thanks for watching!👍👍👍
But aren't you exposing yourself to that website you are scanning? You are not using a vpn, proxy chains or tor, so you have not much anonymity. 🤔
You are 100 percent correct, but in all external, ethical pentests anonymity is not a concern. In fact, we ask customers beforehand if they block external connections, and if they do, to whitelist us so we don't get throttled or blocked. The only time we care about detection is during a red team so we don't alert the blue team (SOC). Remember, a pentest is a very short engagement so the fewer delays or obstacles we have, the better. Thanks for your question!
@@pentest_TV Thank you very much for your answer! But it would be pretty cool, if all this could be done anonymously. I don't know how it can function with proxychains, and I'm not even sure if proxychains actually are that anonymous.
May I also ask what you mean by red team and blue team, and what an SOC is?
Intrusion detection systems monitoring internet-facing servers usually have thresholds on what to report. You can use timing techniques to scan below those thresholds. Problem is the customer can change what those thresholds are, so what you think is “slow enough” can still get detected. The alarms that can get generated by scanning too fast is monitored by a Security Operations Center (SOC) and it’s with them that we try to avoid detection when doing red team exercises. Hope that helps a bit. Thanks for reaching back out!
Incredible advice
Thank you so much!
@pentest_TV my pleasure. I hope to see much more content on your channel. I'd be on my knees begging for an internship and would work for free to learn all your secret if I could afford it! Keep up the great work brother
We have quite a videos lined up that we are working on. Make sure you swing by our discord server too where we’ve gathered many of my peers to help answer questions.
Hey this guy is really good
Glad you enjoyed the video, and thanks for the feedback!!