From the course: DevSecOps: Automated Security Testing
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Network testing on the fly
From the course: DevSecOps: Automated Security Testing
Network testing on the fly
- [Instructor] Ever leave the development or admin port open on production? Ever have admins or developers make changes to the network without approval? An easy way to make sure you don't have regressions or new ports being opened up is through network validation. Network validation is simple, and fun, with Nmap, an open source tool, which is short for Network mapper. Nmap is incredibly flexible, and able to do much more than check ports. It can also identify operating systems, and can fingerprint loads of things, from a MySQL database to a WordPress instance. It does this through the Nmap Scripting Engine, referred to as the NSE. There are hundreds of NSE scripts available on nmap.org. Since Nmap is a much beloved tool of network engineers and security testers alike, let's get on with automating it. I'm opening attacks/network/port.attack in my text editor, Vim. By now, this is old hat for you. In this attack, we have our standard feature and scenario, and we make sure Nmap is…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.