Advanced NMap Techniques

Advanced NMap Techniques - Hak5 2415

Рет қаралды 167,197

Күн бұрын

Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Dan Tentler joins us to share some tips about NMap and Mass Scan!
phobos.io/
/ viss
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Shop → www.hakshop.com
Subscribe → / hak5
RSS Feeds → www.hak5.org/s...
Support → / threatwire
Amazon Associates → amzn.to/2pHgf8T
Our Site → www.hak5.org
Contact Us → / hak5
Threat Wire RSS → shannonmorse.p...
Threat Wire iTunes → itunes.apple.c...
Help us with Translations! → www.youtube.com...
For Business Inquiries, please use our contact forms → www.hak5.org/c...
Producer: Shannon Morse → / @sailorsnubs
Editor: Perrin M
Host: Shannon Morse → / snubs
Host: Darren Kitchen → / hak5darren
Host: Mubix → / mubix
-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.

Пікірлер: 171

@ilimanjf 6 жыл бұрын

Please feature more folks like Viss on your show! Not only did we learn great technical skills but also got an insight into how these skills can be used and have been used in real-world situations. Got a lot from this one episode!

@Zubi_zoobster 5 жыл бұрын

Viss - explains things 100 miles an hour, yet still engaging and comprehensive. Legend !

@slackerengi2401 6 жыл бұрын

Can we have a Viss segment on the show? Like metasploit minute and linux terminal? Hell, why not extend it to other pen testers and have them talk about their methods and experiences

@traviscollins3682 6 жыл бұрын

Hell yeah! Keep bringing back Viss! Love that dude's talks

@mark9900 6 жыл бұрын

Finally I found out why my web is so slow here in Shenzhen, China . You were scanning me . Lol . Learn a lot from you guys . 👍

@HackerPaints 6 жыл бұрын

You guys have great on-screen chemistry. More Viss + Shannon shows please! The content of these shows is fantastic, too. :)

@SOulDie22 5 жыл бұрын

this guys a legend! very good at explaining what hes on about

@bakkasur9614 6 жыл бұрын

This is why I love hak5. Gurus showing real stuff.

@MauricioMartinez0707 6 жыл бұрын

This guy knows so much, keep him on the show more often please

@Vinayak123-q8p 2 жыл бұрын

amazing, this could be probably one of the biggest information that i have ever been given. we need such playlist more and more in upcoming days. i hope i made you understand the things that i wanted to make you understand. we need such techniques more and more in upcoming days.

@volksbugly 6 жыл бұрын

xargs is probably my favorite cmdline tool :D but word of advice, first always run your xarged command with an echo first to make sure you set it up right :D

@snkd8224 5 жыл бұрын

my left ear really loved this episode

@thecomputerinside 6 жыл бұрын

Viss: Master of FPV drones, tinywhooping, Shodan, and destroying things with LAZERS

@MilanAntonijevic 6 жыл бұрын

nice video, thanks for the tips. Just as a hint, grep has a feature that can exclude it from the results, using, for example "grep [n]map", instead of "grep nmap | grep -v grep". Cheers

@vb6code 4 жыл бұрын

one of the best videos I have ever seen

@MrWilde 6 жыл бұрын

Once you've done the sweeps then you can do the bleeps and the creeps. ;)

@vissago 6 жыл бұрын

i straight thought this in my head while i was saying it, but im no where good as michael winslow so I didn't even try :D

@captainblood9616 5 жыл бұрын

:D Respect + .. I fully lol'd on that one

@szmonszmon 6 жыл бұрын

Good for you that we not switched to IPv6 :P Thank you Hak5!

@Cygnus0lor 6 жыл бұрын

"This is a laptop..." "Oh wow."

@mookmerkin1 5 жыл бұрын

Agreed. A little less fake "wonderment" vocalized on every other sentence would make this much more useful and tolerable video.

@Kenneth_the_Philosopher 5 жыл бұрын

She's nice! Cool it, man.

@mookmerkin1 5 жыл бұрын

@@Kenneth_the_Philosopher Guys like you are the reason she's there, it seems. Why not let her show her brains and add to the video, being something other than a cheerleader?

@bendover4728 4 жыл бұрын

This was like a pr0n video.. "Oh wow! Oh nice! Yeah, yeah! Oh, oh, yes yes.."

@mysticgod7406 4 жыл бұрын

@@bendover4728 Not wanna ruin the purpose of the video.....But Bruh....you're damn right😂😂😂

@m1stax-pl01t7 6 жыл бұрын

Viss has been the man for a while haha.

@tzisorey 6 жыл бұрын

All cool stuff, but the thing that impressed me the most, was his ability to spell parallellelism.

@tzisorey 6 жыл бұрын

Might implement the thing about scanning the office's internal network for newly opened ports, though - I do work for a lot of real estate agencies, and not only is the sales staff turnover ridiculously high, but they're all BYO laptops. I've gone bald from the frustrations.

@tzisorey 6 жыл бұрын

And don't even get me started on the GeeDee software they insist on using. Not only does it require Borland Database Engine to be in Win3.1 compatibility mode, with Write Cache disabled on all computers, and the /Program Files/GeeDee folder to be excluded from all virus scans - but they only recently got rid of the _requirement_ that PC Anywhere be installed on "the main computer", open to the internet, with _a specific username and password,_ that are *published in their documentation freely available on the internet.* ...Not to suggest that these things could be problematic...

@ugli1440 2 жыл бұрын

when he asked if she was familiar with syn/ack handshake hahaha she looked like she died inside. 🤣

@SharpRaccoonTeeth 6 жыл бұрын

Can viss become a host ? He is legend

@pfsmith007 5 жыл бұрын

He's talented. Fun to watch.

@dhombios 6 жыл бұрын

An episode about analyzing information gathered through nmap and osint tools like spiderfoot or the harvester with elasticsearch (or any big data analysis tool) would be really interesting as all of them just provide a just small piece of information which becomes meaningful when it is integrated with the one found by the other programs used

@mikereid8425 6 жыл бұрын

AWESOME video, learning so much

@3x3Qt 6 жыл бұрын

I wish Shannon wouldn’t say “of course” so often. It doesn’t add much to the show, belittles the audience, and makes the guest sound like they’re stating the obvious. Dan is my hero, and he’s very good at explaining things too.

@user-ef5zk5on3d 6 жыл бұрын

Very useful video, high level of giving knowledges. Do more vids, please, in this way.

@llortaton2834 2 жыл бұрын

Viss : *talks* Girl : *oh wow*

@nissanpacific9793 6 жыл бұрын

lmao the motion fx in this episode crack me up hahaha

@ericsmith1801 6 жыл бұрын

Hey Shannon, how about a segment on machine learning applied to penetration testing? I am thinking of finding patterns in traffic analysis perhaps

@abnerkantasingh5516 8 ай бұрын

Great gold reference

@xlr555usa 6 жыл бұрын

So only ipv4 was being scanned? What about ipv6 addresses?

@guneshshanbhag6208 6 жыл бұрын

Ohhhh boy...10 to 2 is 4 hours:)

@BruceWayne-ep9hp 6 жыл бұрын

"I also have problems with reading comprehension."

@jakethewoz 6 жыл бұрын

Not used to watching Viss without the doc anymore...

@ewookiis 6 жыл бұрын

So... Cutting is brutal, but I know Viss have a bit of a overload of info to burp ;).

@Warlock1515 5 жыл бұрын

Best nmap video ever♥️😍

@clarenceyoung3041 5 жыл бұрын

Awesome!! This will help greatly with work!

@ariafathi5683 5 жыл бұрын

Which one is the most reliable tool to scan for rdp(3389)? zmap, masscan, nmap or anything else?

@craxxysum1264 4 жыл бұрын

from 10 to 14 are 4 hour dude, the count doesn't start from zero when we are in the time domain :) :) :)

@1nf3c7-tious 4 жыл бұрын

Eternal blue almost get me caught by the feds.

@lukasandresson3990 4 жыл бұрын

I Wonder how many times they have to route the packages to get to the destination. Nmap has a built in function for scanning the subnet.

@tubemasterninja01 6 жыл бұрын

love the name of the mounted drive on viss' desktop

@vissago 6 жыл бұрын

I did that on purpose hoping someone would catch it and frankly im surprised the os let me do that - your'e the first to mention it :D

@tubemasterninja01 6 жыл бұрын

vissago that’s hilarious! I had to stop and think if I had missed a new way of injecting code :) that made me think for a sec.

@stanly720 6 жыл бұрын

Someone explain this to me

@rev0luci0n 6 жыл бұрын

Awesome video need moar Viss!

@frankbaron1608 6 жыл бұрын

that look at the camera was so perfect

@chizukichan 6 жыл бұрын

Vissago Thank you for making Shodan. I'm working on a Kodi Plug-In (next step: screen saver) that let's one channel surf through random IP cams and Shodan has been incredibly useful for building a list of them that are online. What's a good way to make the plug-in scale? I'm worried about too many people connecting to the same camera or using the plug-in to "scrape" my API (rate-limiting already implemented but not tested with more than a few machines). Also, AWS does not seem like the place to put a REST API that is suggesting people access IP Cams that aren't theirs. Who might be okay with this?

@juliavanderkris5156 6 жыл бұрын

Viss didn't make shodan. Shodan is made by John Matherly (aka achillean). Viss is still awesome though.

@LakeVermilionDreams 6 жыл бұрын

If you're going to do jump cuts, maybe the animated screen in the back that makes it blatantly and distractingly obvious might need to be reconsidered. Small nitpick, I know, and I mean nothing but friendly advice, so please don't take me wrong! Just my observation

@stan464 6 жыл бұрын

LakeVermilionDreams rhheeeeeee??

@hak5 6 жыл бұрын

Meh.

@tombola3412 6 жыл бұрын

What the hell are you talking about at what time was there a jump cut?

@LakeVermilionDreams 6 жыл бұрын

Hak5 wow no wonder people hate the KZfaq comment sections when even the content creators can't even comment something on a productive manner. Normally this channel has been pretty good at interacting with fans, but this sarcasm leaves a bad taste in the mouth.

@ko-Daegu 6 жыл бұрын

LakeVermilionDreams Dude it’s not big of a deal ... If you have a problem creat your own hak5 ... How about that 👶...

@gogogravity 5 жыл бұрын

Tarpitting! Reminded me of LaBrea Tarpit which I used for over a decade and always worked perfectly.

@ncktyu 5 жыл бұрын

I have no idea what is going on. What's a good series of videos to begin to understand this

@Claeys67 4 жыл бұрын

29:19 Viss: So, the idea here is, this is gonna tell us what's up and what's not up, and then what we can do is, we can take that last script that we were using, and we can incorporate one into the other and say well, when we get the results of this, ... Shannon: ItS sO bEaUtIfUl! Viss: ... well it gets more interesting, check it out... Shannon: It LoOkS lIkE a UnIcOrN! Shannon Morse -- Video Host. Speaker.

@fuckyeahnigge 6 жыл бұрын

shannon mesmerized by viss lol XD

@TemperedWambat 6 жыл бұрын

I know you could tell by body language and eye movement

@gaflying3448 5 жыл бұрын

And where she whipped him with the blue cable.

@garynagle3093 6 жыл бұрын

Great show.

@crunchy1653 6 жыл бұрын

I love Viss!

@Kenneth_the_Philosopher 5 жыл бұрын

Smart Guy.

@spicybaguette7706 5 жыл бұрын

xargs is amaaaaaaaazing!

@xealit 5 жыл бұрын

Cool scripting in the video! But probably a more fitting title would be "techniques to scale nmap" or something alike. ("Scaling nmap to 100mbit"?)

@ericsmith1801 6 жыл бұрын

Let me guess, the 50 VMs doing portscans are going to be located on servers in India when scanning ports in China, since the two countries don't cooperate that much :)

@ajjmunoz 6 жыл бұрын

I wonder exactly what viss said that required a post production edit 38:31 maybe a "TMI" moment or a slip of the tongue? Trust your techno edit

@YuriNiitsuma 6 жыл бұрын

Greatest video.

@conceptrat 2 жыл бұрын

Would i have been better to use "parallel" instead of "xargs' unless you're backgrounding them all which isn't ideal. Using"parallel" will run all of the commands at the same time and track them.

@StuxNETozor 4 жыл бұрын

There's something I don't get. He said he's scanning hosts for Ethernablue, but how it is possible to scan host behind a public IP ? Is there weakness about NAT/PAT or firewalls ? Is there a way to find private IP behind a router ? Asking for documentation ofc, I won't learn it through a YT comment

@josephrex7766 5 жыл бұрын

@vissago I wonder what tools are in your tools directory besides ipscan

@fredtheilig9636 6 жыл бұрын

Tour Con? TOR Con? I'd love to watch the VNC scan talk.

@hak5 6 жыл бұрын

Toorcon

@ericsmith1801 6 жыл бұрын

How about randomly scanning 200 million IP addresses using something like the bubble sort algorithm to find live hosts? You might find a larger number of live hosts in a limited amount of time (you would not want to scan all of the 200 million hosts just find a large number of live hosts). A sequential search may not be ideal for efficiently finding live IP nodes.

@kingpaimon3644 6 жыл бұрын

love u hak5

@SourceCodeDeleted 6 жыл бұрын

Does the thumbnail for this video keep changing ?

@TheSakeCat 6 жыл бұрын

I like dan, let's see more dan.

@konate7131 5 жыл бұрын

I scan windows 10 with all its options and gives all the ports are filtered, you can help me

@Quick_and_Dirty 6 жыл бұрын

Hi. Gently pointing out that it's clear you two did the "Storytime With Viss! Offensive Security Fails" back-to-back with this one. From a production point of view, I get that it's convenient to shoot it like that, but couldn't you have at least changed your shirts? Maybe mussed up your hair a little? Changed the lighting? If you're going to bill something as being separate shows, maybe it could at least look like it was done on different days? :)

@EdwardVarner 2 жыл бұрын

33:58 What is a SIM (sp?)

@japrogramer 6 жыл бұрын

Why not use gnu parallel?

@saturnphp 4 жыл бұрын

looking a this I'm getting some ideas on how to get my friends internet down :))

@RAGHAVENDRASINGH17 6 жыл бұрын

Can you send me link to the machine you are referring?

@neotroncs 5 жыл бұрын

?? Dean Cain is a Hacker ??

@williamknight7608 4 жыл бұрын

Hey Shannon and team, what's the guest's name in this video?

@rujotheone 3 жыл бұрын

Viss

@shickster1 6 жыл бұрын

10-2=5 hours? off by one error.

@alby_alby 6 жыл бұрын

keep hakin :)

@Trev0rReznik 5 жыл бұрын

Парень реально крут

@bufordmaddogtannen 4 жыл бұрын

17:04 "So why do you wanna that a 256 as opposed to 128?“ Because - oh wow - to scan each /24 chunk in one go Dan must tell nmap to work on 256 IPs at once instead of 128, as he explained earlier? "Yeah wow. OK. Of course. Ooohhh cool". (😲🤔🤯)

@nemesisc6122 5 жыл бұрын

Skip to 9:24 to start the demo

@killivalavan3245 5 жыл бұрын

Bro in my vmware kalilinux does not show its wifi Option it shows only wire connection how to solve it

@indifferent1 5 жыл бұрын

are you using virtual machine without external wifi adapter ? [in that case it will not show wifi]

@shu172 6 жыл бұрын

is he using some 3rd party terminal on Mac?

@vissago 6 жыл бұрын

no, just regular old terminal, but the thing im running inside it is byobu

@shu172 6 жыл бұрын

Thanks, btw very interesting video, hoping for more soon

@juanj5681 6 жыл бұрын

He's ssh'd to his server.

@shu172 6 жыл бұрын

I know that Juan, just been asking about the nonstandard features you can see on the bottom of the window (and got the response from Viss above), cheers

@Gameek 6 жыл бұрын

isn't that how wanncry works it's scanns IPs and use eternalblue ??

@intel_da_developer4791 4 жыл бұрын

So hacking the hold internet on port 445 really take forever literally

@zxletul 4 жыл бұрын

Starts in 9:03. Thx me via Like!! Jejeje

@michaelgraff6978 6 жыл бұрын

IPv6 is part of the internet.

@killerskincanoe 6 жыл бұрын

oh wow

@tjbotes7401 2 жыл бұрын

what if you can make a bomb instead of flamethrower

@bobbyv3 6 жыл бұрын

Every time I watch these, I get the impression that Snubs is completely clueless as to what her guests are talking about. Lol.

@Claeys67 4 жыл бұрын

Look at her face when viss mentioned something as simple as whois (12:31). 😩️

@traggerosbourne6877 5 жыл бұрын

scanning china sounds fun

@wilgarcia1 6 жыл бұрын

Oh that's not going to tempt us down a rabbit hole, NOT AT ALL =0P

@user-xx2wv6wr8u 6 жыл бұрын

can install steam on kali

@stanly720 6 жыл бұрын

يآوطن غلآك كبير no

@mohitr5768 6 жыл бұрын

Heyyyyy....tentacle boooooiiiii.

@zealsika 5 жыл бұрын

neeeeeeeeerrrrrrrrrrrrrrrrd

@grosgogogogt 2 жыл бұрын

what she don't know about screen. this shows you never worked as a sys admin

6 жыл бұрын

skip to 9 mins in when it gets interesting.

@Atom_007 6 жыл бұрын

Legit

@socat9311 4 жыл бұрын

She is adorable but the comments "wow" etc all.the time distract me a bit

@Slartibartfas042 4 жыл бұрын

Hmm, and where is the advanced NMap technique then? I'm half through the video and see just a bit of half-decent scripting, some applyance for the "useless-use-of-cat-award" but no real ground-breaking news or tricks or nifty stuff. Sorry to say that, but that was really disappointing.