From the course: DevSecOps: Automated Security Testing

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Network testing on the fly

Network testing on the fly

From the course: DevSecOps: Automated Security Testing

Start my 1-month free trial

Network testing on the fly

- [Instructor] Ever leave the development or admin port open on production? Ever have admins or developers make changes to the network without approval? An easy way to make sure you don't have regressions or new ports being opened up is through network validation. Network validation is simple, and fun, with Nmap, an open source tool, which is short for Network mapper. Nmap is incredibly flexible, and able to do much more than check ports. It can also identify operating systems, and can fingerprint loads of things, from a MySQL database to a WordPress instance. It does this through the Nmap Scripting Engine, referred to as the NSE. There are hundreds of NSE scripts available on nmap.org. Since Nmap is a much beloved tool of network engineers and security testers alike, let's get on with automating it. I'm opening attacks/network/port.attack in my text editor, Vim. By now, this is old hat for you. In this attack, we have our standard feature and scenario, and we make sure Nmap is…

Contents