Information Gathering and Vulnerability Scanning

Explore passive and active reconnaissance, and discover how to use Nmap to collect information about your targets efficiently.

This module explores the tools used for passive reconnaissance, i.e., collecting information without engaging with the target. Then it introduces various essential tools used in active reconnaissance. Finally, it explores Nmap usage in detail: discovering live hosts, conducting basic port scans, and conducting advanced port scans.

Passive Reconnaissance

Learn about the essential tools for passive reconnaissance, such as whois, nslookup, and dig.

Active Reconnaissance

Learn how to use simple tools such as traceroute, ping, telnet, and a web browser to gather information.

Nmap Live Host Discovery

Learn how to use Nmap to discover live hosts using ARP scan, ICMP scan, and TCP/UDP ping scan.

Nmap Basic Port Scans

Learn in-depth how nmap TCP connect scan, TCP SYN port scan, and UDP port scan work.

Nmap Advanced Port Scans

Learn advanced techniques such as null, FIN, Xmas, and idle (zombie) scans, spoofing, in addition to FW and IDS evasion.

Need to know

Tools and Code Analysis

Explore penetration testing tools like Metasploit, Wireshark, and Burp Suite. Furthermore, discover using Python for penetration testing.

Next steps

Attacks and Exploits

Discover the various attacks and exploits that can be used against web applications, MS Windows, MS Active Directory, and Linux.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).