Vlad Styran - "Hidden" Features of the Tools We All Love

OWASP Kyiv
OWASP Kyiv
Sep. 11, 2017
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
Vlad Styran - "Hidden" Features of the Tools We All Love
1 of 9

Vlad Styran - "Hidden" Features of the Tools We All Love

Sep. 11, 2017
Download to read offline
Technology

Some efficient but mostly obscure NMap hints. Follow Vlad on Twitter: https://twitter.com/c2FwcmFu

OWASP Kyiv
OWASP Kyiv

Recommended

Hardening ssh configurationsHardening ssh configurations
Hardening ssh configurationsantitree875 views20 slides
Cryptography and secure systemsCryptography and secure systems
Cryptography and secure systemsVsevolod Stakhov1.3K views41 slides
Serhiy Korolenko - The Strength of Ukrainian Users’ P@ssw0rds2017Serhiy Korolenko - The Strength of Ukrainian Users’ P@ssw0rds2017
Serhiy Korolenko - The Strength of Ukrainian Users’ P@ssw0rds2017OWASP Kyiv1.1K views60 slides
Andriy Shalaenko - GO security tipsAndriy Shalaenko - GO security tips
Andriy Shalaenko - GO security tipsOWASP Kyiv1.5K views27 slides
Network scanningNetwork scanning
Network scanningMD SAQUIB KHAN119 views68 slides
Nmap for ScriptorsNmap for Scriptors
Nmap for Scriptorsn|u - The Open Security Community2.7K views19 slides

More Related Content

Similar to Vlad Styran - "Hidden" Features of the Tools We All Love

Server TipsServer Tips
Server Tipsliqingfang126992 views35 slides
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Arduino Aficionado186 views1 slide
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne1.2K views61 slides
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2Adam Compton45 views39 slides
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI911 views58 slides
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff2.5K views28 slides

Similar to Vlad Styran - "Hidden" Features of the Tools We All Love(20)

Server TipsServer Tips
Server Tips
liqingfang126992 views
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1
Arduino Aficionado186 views
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis Tools
Sam Bowne1.2K views
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2
Adam Compton45 views
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
PRISMA CSI911 views
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
Mohammed Akbar Shariff2.5K views
Footprinting tools for security auditorsFootprinting tools for security auditors
Footprinting tools for security auditors
Jose Manuel Ortega Candel2K views
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
KHNOG665 views
Bsides Knoxville - APT2Bsides Knoxville - APT2
Bsides Knoxville - APT2
Adam Compton40 views
Network Security Testing ToolsNetwork Security Testing Tools
Network Security Testing Tools
praveen_recker881 views
NmapNmap
Nmap
NishaYadav17777 views
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101
dc6124.3K views
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
Nikhil Raj92 views
Recon with Nmap Recon with Nmap
Recon with Nmap
OWASP Delhi1.7K views
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
Chris Gates2.6K views
Why internal pen tests are still funWhy internal pen tests are still fun
Why internal pen tests are still fun
pyschedelicsupernova6.5K views
NMapNMap
NMap
Pritesh Raka720 views
BSides Algiers - Nmap Scripting Engine - Hani BenhabilesBSides Algiers - Nmap Scripting Engine - Hani Benhabiles
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
Shellmates949 views
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
n|u - The Open Security Community2.3K views
Linux Performance Tools 2014Linux Performance Tools 2014
Linux Performance Tools 2014
Brendan Gregg116.6K views

More from OWASP Kyiv

Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...OWASP Kyiv246 views34 slides
Software Supply Chain Security та компоненти з відомими вразливостямиSoftware Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостямиOWASP Kyiv197 views21 slides
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout SuiteCloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout SuiteOWASP Kyiv153 views31 slides
Threat Modeling with OWASP Threat DragonThreat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat DragonOWASP Kyiv600 views12 slides
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...OWASP Kyiv693 views79 slides
Vlad Styran - Cyber Security Economics 101Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101OWASP Kyiv466 views17 slides

More from OWASP Kyiv(20)

Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
OWASP Kyiv246 views
Software Supply Chain Security та компоненти з відомими вразливостямиSoftware Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостями
OWASP Kyiv197 views
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout SuiteCloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
OWASP Kyiv153 views
Threat Modeling with OWASP Threat DragonThreat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat Dragon
OWASP Kyiv600 views
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
OWASP Kyiv693 views
Vlad Styran - Cyber Security Economics 101Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101
OWASP Kyiv466 views
Pavlo Radchuk - OWASP SAMM: Understanding Agile in SecurityPavlo Radchuk - OWASP SAMM: Understanding Agile in Security
Pavlo Radchuk - OWASP SAMM: Understanding Agile in Security
OWASP Kyiv2.4K views
Ivan Vyshnevskyi - Not So Quiet Git PushIvan Vyshnevskyi - Not So Quiet Git Push
Ivan Vyshnevskyi - Not So Quiet Git Push
OWASP Kyiv432 views
Dima Kovalenko - Modern SSL PinningDima Kovalenko - Modern SSL Pinning
Dima Kovalenko - Modern SSL Pinning
OWASP Kyiv525 views
Yevhen Teleshyk - OAuth PhishingYevhen Teleshyk - OAuth Phishing
Yevhen Teleshyk - OAuth Phishing
OWASP Kyiv362 views
Vlada Kulish - Why So Serial?Vlada Kulish - Why So Serial?
Vlada Kulish - Why So Serial?
OWASP Kyiv590 views
Vlad Styran - OWASP Kyiv 2017 Report and 2018 PlansVlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
Vlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
OWASP Kyiv344 views
Roman Borodin - ISC2 & ISACA Certification Programs First-hand ExperienceRoman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
Roman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
OWASP Kyiv815 views
Ihor Bliumental - WebSocketsIhor Bliumental - WebSockets
Ihor Bliumental - WebSockets
OWASP Kyiv343 views
Viktor Zhora - Cyber and Geopolitics: Ukrainian factorViktor Zhora - Cyber and Geopolitics: Ukrainian factor
Viktor Zhora - Cyber and Geopolitics: Ukrainian factor
OWASP Kyiv647 views
Volodymyr Ilibman - Close Look at Nyetya InvestigationVolodymyr Ilibman - Close Look at Nyetya Investigation
Volodymyr Ilibman - Close Look at Nyetya Investigation
OWASP Kyiv412 views
Ihor Bliumental - Collision CORSIhor Bliumental - Collision CORS
Ihor Bliumental - Collision CORS
OWASP Kyiv370 views
Lidiia 'Alice' Skalytska - Security Checklist for Web DevelopersLidiia 'Alice' Skalytska - Security Checklist for Web Developers
Lidiia 'Alice' Skalytska - Security Checklist for Web Developers
OWASP Kyiv548 views
Ihor Bliumental – Is There Life Outside OWASP Top-10Ihor Bliumental – Is There Life Outside OWASP Top-10
Ihor Bliumental – Is There Life Outside OWASP Top-10
OWASP Kyiv656 views
Roman Rott – Ruby for PentestersRoman Rott – Ruby for Pentesters
Roman Rott – Ruby for Pentesters
OWASP Kyiv1.7K views

Recently uploaded

ECE ANURANAN 2023ECE ANURANAN 2023
ECE ANURANAN 2023Bishal20Hazarika103448 views70 slides
GDSC INFO.pptxGDSC INFO.pptx
GDSC INFO.pptxAshishChanchal136 views15 slides
CloudStack Object Storage Framework & DemoCloudStack Object Storage Framework & Demo
CloudStack Object Storage Framework & DemoShapeBlue109 views12 slides
Doorsvision-The-Future-of-Smart-Communities gama adj.pdfDoorsvision-The-Future-of-Smart-Communities gama adj.pdf
Doorsvision-The-Future-of-Smart-Communities gama adj.pdfMustafa Kuğu84 views19 slides
Asterisk UpdateAsterisk Update
Asterisk UpdateOpenDireito15 views18 slides
[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdf[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdf
[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdfWilliam Caban45 views15 slides

Recently uploaded(20)

ECE ANURANAN 2023ECE ANURANAN 2023
ECE ANURANAN 2023
Bishal20Hazarika103448 views
GDSC INFO.pptxGDSC INFO.pptx
GDSC INFO.pptx
AshishChanchal136 views
CloudStack Object Storage Framework & DemoCloudStack Object Storage Framework & Demo
CloudStack Object Storage Framework & Demo
ShapeBlue109 views
Doorsvision-The-Future-of-Smart-Communities gama adj.pdfDoorsvision-The-Future-of-Smart-Communities gama adj.pdf
Doorsvision-The-Future-of-Smart-Communities gama adj.pdf
Mustafa Kuğu84 views
Asterisk UpdateAsterisk Update
Asterisk Update
OpenDireito15 views
[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdf[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdf
[KCD GT 2023] Demystifying etcd failure scenarios for Kubernetes.pdf
William Caban45 views
OpenFOAM benchmark for EPYC server: cavity mediumOpenFOAM benchmark for EPYC server: cavity medium
OpenFOAM benchmark for EPYC server: cavity medium
takuyayamamoto180031 views
Daily Scrum, Sprint Review & Retrospective.pptxDaily Scrum, Sprint Review & Retrospective.pptx
Daily Scrum, Sprint Review & Retrospective.pptx
Md. Rakib Trofder90 views
AI and ML Series - Generative Extraction and Classification of Documents in S...AI and ML Series - Generative Extraction and Classification of Documents in S...
AI and ML Series - Generative Extraction and Classification of Documents in S...
DianaGray1067 views
AI and ML Series - Introduction to Generative AI and LLMs - Session 1AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1
DianaGray10179 views
Welcome and State of Apache CloudStack CommunityWelcome and State of Apache CloudStack Community
Welcome and State of Apache CloudStack Community
ShapeBlue149 views
Deploying CloudStack with CephDeploying CloudStack with Ceph
Deploying CloudStack with Ceph
ShapeBlue108 views
dvss.pptdvss.ppt
dvss.ppt
SaikrishnaCheruvu1354 views
GDSC_Info_Session_KITTiptur.pptxGDSC_Info_Session_KITTiptur.pptx
GDSC_Info_Session_KITTiptur.pptx
RadhikaNA38 views
CloudStack Managed User-data & DemoCloudStack Managed User-data & Demo
CloudStack Managed User-data & Demo
ShapeBlue107 views
Artificial Intelligence (AI).pptxArtificial Intelligence (AI).pptx
Artificial Intelligence (AI).pptx
SharifulShishir49 views
Generative AI PotentialGenerative AI Potential
Generative AI Potential
Kapil Khandelwal (KK)25 views
GDSC SRMCEM Info Session 2023GDSC SRMCEM Info Session 2023
GDSC SRMCEM Info Session 2023
HariOM Dwivedi56 views
Future of Virtual realityFuture of Virtual reality
Future of Virtual reality
mdpavel413 views
GDSC23 - Info Session GDSC KIET (1).pptxGDSC23 - Info Session GDSC KIET (1).pptx
GDSC23 - Info Session GDSC KIET (1).pptx
SnehaAggarwal40119 views

Vlad Styran - "Hidden" Features of the Tools We All Love

  1. "Hidden" Features of the Tools We All Love Vlad Styran
  2. Plan • Nmap stuff – Running modes – Timing – Reporting – Scaling – Troubleshooting • Other stuff (if any time left)
  3. Nmap running modes • Root vs User – sudo to -sS; don’t sudo to -sT – sudo --unprivileged to -sT • Port groups – --top-ports, --port-ratio, -p- • Nmap Scripting Engine – default (-sC), ssl-cert,ssl-date,ssl-known-key,’http-* and discovery and safe’, ‘vuln and safe’ etc. • Stats monitoring and debug level
  4. Nmap timing • -T3 by default – paranoid|sneaky|polite|normal|aggressive|insane • --minhostgroup 4 by default • --min-parallelism, --max-parallelism • --host-timeout, --script-timeout • --min-rate, --max-rate
  5. Nmap reporting • Always save all reports (-oA) – To have complete track and output – To be able to resume scans • XML is your friend. Seriously. I mean it. – https://github.com/sapran/nmap-xsl $ xsltproc report.xml > report.html $ xsltproc template.xsl report.xml
  6. Nmap reporting • Join XML reports $ head -8 results.xml-00 > results.xml $ cat results.xml-* | grep -v '<!DOCTYPE' | grep -v '<?xml' | grep -v '<!--' | grep -v '<nmaprun' | grep -v '<scaninfo' | grep -v '<verbose' | grep -v '<debugging' | grep -v '<runstats' | grep -v '</runstats>' | grep -v '</nmaprun>' >> results.xml $ tail -3 results.xml-00 >> results.xml
  7. Nmap scaling • Taras Bobalo’s talk – Application Security Automation with DevOps Tools and Clouds https://www.youtube.com/watch?v=EYEwhwsVjJ0 • Distributed Nmap Framework (dnmap) – https://sourceforge.net/p/dnmap/wiki/Home/ • Docker – instrumentisto/nmap
  8. Nmap troubleshooting • 99% of the time – it ’hangs’ • Change debug level: d = up, shift+d = down • Press any key for stats incl. NSE scripts • Restart with --resume from XML results • Use timing optimization – --script-timeout, --host-timeout, – --min-rate, --max-retries • https://secwiki.org/w/FAQ_long_running
  9. CLI stuff • more, less, tail -f • openssl s_client • ncat • for u in $(cat usrl.lst); do curl -x 127.0.0.1:8080 $u > /dev/null & done • You name it!