SlideShare a Scribd company logo
"Hidden" Features
of the Tools We All Love
Vlad Styran
Plan
• Nmap stuff
– Running modes
– Timing
– Reporting
– Scaling
– Troubleshooting
• Other stuff (if any time left)
Nmap running modes
• Root vs User
– sudo to -sS; don’t sudo to -sT
– sudo --unprivileged to -sT
• Port groups
– --top-ports, --port-ratio, -p-
• Nmap Scripting Engine
– default (-sC), ssl-cert,ssl-date,ssl-known-key,’http-*
and discovery and safe’, ‘vuln and safe’ etc.
• Stats monitoring and debug level
Nmap timing
• -T3 by default
– paranoid|sneaky|polite|normal|aggressive|insane
• --minhostgroup 4 by default
• --min-parallelism, --max-parallelism
• --host-timeout, --script-timeout
• --min-rate, --max-rate
Nmap reporting
• Always save all reports (-oA)
– To have complete track and output
– To be able to resume scans
• XML is your friend. Seriously. I mean it.
– https://github.com/sapran/nmap-xsl
$ xsltproc report.xml > report.html
$ xsltproc template.xsl report.xml
Nmap reporting
• Join XML reports
$ head -8 results.xml-00 > results.xml
$ cat results.xml-* | grep -v '<!DOCTYPE' | grep -v '<?xml' |
grep -v '<!--' | grep -v '<nmaprun' | grep -v '<scaninfo' |
grep -v '<verbose' | grep -v '<debugging' | grep -v
'<runstats' | grep -v '</runstats>' | grep -v '</nmaprun>' >>
results.xml
$ tail -3 results.xml-00 >> results.xml
Nmap scaling
• Taras Bobalo’s talk
– Application Security Automation with DevOps
Tools and Clouds
https://www.youtube.com/watch?v=EYEwhwsVjJ0
• Distributed Nmap Framework (dnmap)
– https://sourceforge.net/p/dnmap/wiki/Home/
• Docker
– instrumentisto/nmap
Nmap troubleshooting
• 99% of the time – it ’hangs’
• Change debug level: d = up, shift+d = down
• Press any key for stats incl. NSE scripts
• Restart with --resume from XML results
• Use timing optimization
– --script-timeout, --host-timeout,
– --min-rate, --max-retries
• https://secwiki.org/w/FAQ_long_running
CLI stuff
• more, less, tail -f
• openssl s_client
• ncat
• for u in $(cat usrl.lst); do curl -x
127.0.0.1:8080 $u > /dev/null & done
• You name it!

More Related Content

Similar to Vlad Styran - "Hidden" Features of the Tools We All Love

Server Tips
Server TipsServer Tips
Server Tips
liqingfang126
 
Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1
Arduino Aficionado
 
CNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis Tools
Sam Bowne
 
DerbyCon - APT2
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2
Adam Compton
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
PRISMA CSI
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
Mohammed Akbar Shariff
 
Footprinting tools for security auditors
Footprinting tools for security auditorsFootprinting tools for security auditors
Footprinting tools for security auditors
Jose Manuel Ortega Candel
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
KHNOG
 
Bsides Knoxville - APT2
Bsides Knoxville - APT2Bsides Knoxville - APT2
Bsides Knoxville - APT2
Adam Compton
 
Network Security Testing Tools
Network Security Testing ToolsNetwork Security Testing Tools
Network Security Testing Tools
praveen_recker
 
Nmap
NmapNmap
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101
dc612
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
Nikhil Raj
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
OWASP Delhi
 
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
Chris Gates
 
Why internal pen tests are still fun
Why internal pen tests are still funWhy internal pen tests are still fun
Why internal pen tests are still fun
pyschedelicsupernova
 
NMap
NMapNMap
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
BSides Algiers - Nmap Scripting Engine - Hani BenhabilesBSides Algiers - Nmap Scripting Engine - Hani Benhabiles
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
Shellmates
 
Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
n|u - The Open Security Community
 
Linux Performance Tools 2014
Linux Performance Tools 2014Linux Performance Tools 2014
Linux Performance Tools 2014
Brendan Gregg
 

Similar to Vlad Styran - "Hidden" Features of the Tools We All Love (20)

Server Tips
Server TipsServer Tips
Server Tips
 
Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1Nmap5.cheatsheet.eng.v1
Nmap5.cheatsheet.eng.v1
 
CNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis ToolsCNIT 50: 6. Command Line Packet Analysis Tools
CNIT 50: 6. Command Line Packet Analysis Tools
 
DerbyCon - APT2
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information Gathering
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
 
Footprinting tools for security auditors
Footprinting tools for security auditorsFootprinting tools for security auditors
Footprinting tools for security auditors
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
Bsides Knoxville - APT2
Bsides Knoxville - APT2Bsides Knoxville - APT2
Bsides Knoxville - APT2
 
Network Security Testing Tools
Network Security Testing ToolsNetwork Security Testing Tools
Network Security Testing Tools
 
Nmap
NmapNmap
Nmap
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
 
Why internal pen tests are still fun
Why internal pen tests are still funWhy internal pen tests are still fun
Why internal pen tests are still fun
 
NMap
NMapNMap
NMap
 
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
BSides Algiers - Nmap Scripting Engine - Hani BenhabilesBSides Algiers - Nmap Scripting Engine - Hani Benhabiles
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
 
Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
 
Linux Performance Tools 2014
Linux Performance Tools 2014Linux Performance Tools 2014
Linux Performance Tools 2014
 

More from OWASP Kyiv

Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
OWASP Kyiv
 
Software Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостямиSoftware Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостями
OWASP Kyiv
 
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout SuiteCloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
OWASP Kyiv
 
Threat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat DragonThreat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat Dragon
OWASP Kyiv
 
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
OWASP Kyiv
 
Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101
OWASP Kyiv
 
Pavlo Radchuk - OWASP SAMM: Understanding Agile in Security
Pavlo Radchuk - OWASP SAMM: Understanding Agile in SecurityPavlo Radchuk - OWASP SAMM: Understanding Agile in Security
Pavlo Radchuk - OWASP SAMM: Understanding Agile in Security
OWASP Kyiv
 
Ivan Vyshnevskyi - Not So Quiet Git Push
Ivan Vyshnevskyi - Not So Quiet Git PushIvan Vyshnevskyi - Not So Quiet Git Push
Ivan Vyshnevskyi - Not So Quiet Git Push
OWASP Kyiv
 
Dima Kovalenko - Modern SSL Pinning
Dima Kovalenko - Modern SSL PinningDima Kovalenko - Modern SSL Pinning
Dima Kovalenko - Modern SSL Pinning
OWASP Kyiv
 
Yevhen Teleshyk - OAuth Phishing
Yevhen Teleshyk - OAuth PhishingYevhen Teleshyk - OAuth Phishing
Yevhen Teleshyk - OAuth Phishing
OWASP Kyiv
 
Vlada Kulish - Why So Serial?
Vlada Kulish - Why So Serial?Vlada Kulish - Why So Serial?
Vlada Kulish - Why So Serial?
OWASP Kyiv
 
Vlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
Vlad Styran - OWASP Kyiv 2017 Report and 2018 PlansVlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
Vlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
OWASP Kyiv
 
Roman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
Roman Borodin - ISC2 & ISACA Certification Programs First-hand ExperienceRoman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
Roman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
OWASP Kyiv
 
Ihor Bliumental - WebSockets
Ihor Bliumental - WebSocketsIhor Bliumental - WebSockets
Ihor Bliumental - WebSockets
OWASP Kyiv
 
Viktor Zhora - Cyber and Geopolitics: Ukrainian factor
Viktor Zhora - Cyber and Geopolitics: Ukrainian factorViktor Zhora - Cyber and Geopolitics: Ukrainian factor
Viktor Zhora - Cyber and Geopolitics: Ukrainian factor
OWASP Kyiv
 
Volodymyr Ilibman - Close Look at Nyetya Investigation
Volodymyr Ilibman - Close Look at Nyetya InvestigationVolodymyr Ilibman - Close Look at Nyetya Investigation
Volodymyr Ilibman - Close Look at Nyetya Investigation
OWASP Kyiv
 
Ihor Bliumental - Collision CORS
Ihor Bliumental - Collision CORSIhor Bliumental - Collision CORS
Ihor Bliumental - Collision CORS
OWASP Kyiv
 
Lidiia 'Alice' Skalytska - Security Checklist for Web Developers
Lidiia 'Alice' Skalytska - Security Checklist for Web DevelopersLidiia 'Alice' Skalytska - Security Checklist for Web Developers
Lidiia 'Alice' Skalytska - Security Checklist for Web Developers
OWASP Kyiv
 
Ihor Bliumental – Is There Life Outside OWASP Top-10
Ihor Bliumental – Is There Life Outside OWASP Top-10Ihor Bliumental – Is There Life Outside OWASP Top-10
Ihor Bliumental – Is There Life Outside OWASP Top-10
OWASP Kyiv
 
Roman Rott – Ruby for Pentesters
Roman Rott – Ruby for PentestersRoman Rott – Ruby for Pentesters
Roman Rott – Ruby for Pentesters
OWASP Kyiv
 

More from OWASP Kyiv (20)

Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
Is there a penetration testing within PCI DSS certification? (Dmytro Diordiyc...
 
Software Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостямиSoftware Supply Chain Security та компоненти з відомими вразливостями
Software Supply Chain Security та компоненти з відомими вразливостями
 
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout SuiteCloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
 
Threat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat DragonThreat Modeling with OWASP Threat Dragon
Threat Modeling with OWASP Threat Dragon
 
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
Anastasia Vixentael - Don't Waste Time on Learning Cryptography: Better Use I...
 
Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101Vlad Styran - Cyber Security Economics 101
Vlad Styran - Cyber Security Economics 101
 
Pavlo Radchuk - OWASP SAMM: Understanding Agile in Security
Pavlo Radchuk - OWASP SAMM: Understanding Agile in SecurityPavlo Radchuk - OWASP SAMM: Understanding Agile in Security
Pavlo Radchuk - OWASP SAMM: Understanding Agile in Security
 
Ivan Vyshnevskyi - Not So Quiet Git Push
Ivan Vyshnevskyi - Not So Quiet Git PushIvan Vyshnevskyi - Not So Quiet Git Push
Ivan Vyshnevskyi - Not So Quiet Git Push
 
Dima Kovalenko - Modern SSL Pinning
Dima Kovalenko - Modern SSL PinningDima Kovalenko - Modern SSL Pinning
Dima Kovalenko - Modern SSL Pinning
 
Yevhen Teleshyk - OAuth Phishing
Yevhen Teleshyk - OAuth PhishingYevhen Teleshyk - OAuth Phishing
Yevhen Teleshyk - OAuth Phishing
 
Vlada Kulish - Why So Serial?
Vlada Kulish - Why So Serial?Vlada Kulish - Why So Serial?
Vlada Kulish - Why So Serial?
 
Vlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
Vlad Styran - OWASP Kyiv 2017 Report and 2018 PlansVlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
Vlad Styran - OWASP Kyiv 2017 Report and 2018 Plans
 
Roman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
Roman Borodin - ISC2 & ISACA Certification Programs First-hand ExperienceRoman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
Roman Borodin - ISC2 & ISACA Certification Programs First-hand Experience
 
Ihor Bliumental - WebSockets
Ihor Bliumental - WebSocketsIhor Bliumental - WebSockets
Ihor Bliumental - WebSockets
 
Viktor Zhora - Cyber and Geopolitics: Ukrainian factor
Viktor Zhora - Cyber and Geopolitics: Ukrainian factorViktor Zhora - Cyber and Geopolitics: Ukrainian factor
Viktor Zhora - Cyber and Geopolitics: Ukrainian factor
 
Volodymyr Ilibman - Close Look at Nyetya Investigation
Volodymyr Ilibman - Close Look at Nyetya InvestigationVolodymyr Ilibman - Close Look at Nyetya Investigation
Volodymyr Ilibman - Close Look at Nyetya Investigation
 
Ihor Bliumental - Collision CORS
Ihor Bliumental - Collision CORSIhor Bliumental - Collision CORS
Ihor Bliumental - Collision CORS
 
Lidiia 'Alice' Skalytska - Security Checklist for Web Developers
Lidiia 'Alice' Skalytska - Security Checklist for Web DevelopersLidiia 'Alice' Skalytska - Security Checklist for Web Developers
Lidiia 'Alice' Skalytska - Security Checklist for Web Developers
 
Ihor Bliumental – Is There Life Outside OWASP Top-10
Ihor Bliumental – Is There Life Outside OWASP Top-10Ihor Bliumental – Is There Life Outside OWASP Top-10
Ihor Bliumental – Is There Life Outside OWASP Top-10
 
Roman Rott – Ruby for Pentesters
Roman Rott – Ruby for PentestersRoman Rott – Ruby for Pentesters
Roman Rott – Ruby for Pentesters
 

Recently uploaded

(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
Priyanka Aash
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
Zilliz
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
Edge AI and Vision Alliance
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Muhammad Ali
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
SAI KAILASH R
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
Ivanti
 
CiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.pptCiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.ppt
moinahousna
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Zilliz
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
bhumivarma35300
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
Adam Dunkels
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
313mohammedarshad
 

Recently uploaded (20)

(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
(CISOPlatform Summit & SACON 2024) Keynote _ Power Digital Identities With AI...
 
Using LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and MilvusUsing LLM Agents with Llama 3, LangGraph and Milvus
Using LLM Agents with Llama 3, LangGraph and Milvus
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
July Patch Tuesday
July Patch TuesdayJuly Patch Tuesday
July Patch Tuesday
 
CiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.pptCiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.ppt
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
How to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptxHow to Build a Profitable IoT Product.pptx
How to Build a Profitable IoT Product.pptx
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
 

Vlad Styran - "Hidden" Features of the Tools We All Love

  • 1. "Hidden" Features of the Tools We All Love Vlad Styran
  • 2. Plan • Nmap stuff – Running modes – Timing – Reporting – Scaling – Troubleshooting • Other stuff (if any time left)
  • 3. Nmap running modes • Root vs User – sudo to -sS; don’t sudo to -sT – sudo --unprivileged to -sT • Port groups – --top-ports, --port-ratio, -p- • Nmap Scripting Engine – default (-sC), ssl-cert,ssl-date,ssl-known-key,’http-* and discovery and safe’, ‘vuln and safe’ etc. • Stats monitoring and debug level
  • 4. Nmap timing • -T3 by default – paranoid|sneaky|polite|normal|aggressive|insane • --minhostgroup 4 by default • --min-parallelism, --max-parallelism • --host-timeout, --script-timeout • --min-rate, --max-rate
  • 5. Nmap reporting • Always save all reports (-oA) – To have complete track and output – To be able to resume scans • XML is your friend. Seriously. I mean it. – https://github.com/sapran/nmap-xsl $ xsltproc report.xml > report.html $ xsltproc template.xsl report.xml
  • 6. Nmap reporting • Join XML reports $ head -8 results.xml-00 > results.xml $ cat results.xml-* | grep -v '<!DOCTYPE' | grep -v '<?xml' | grep -v '<!--' | grep -v '<nmaprun' | grep -v '<scaninfo' | grep -v '<verbose' | grep -v '<debugging' | grep -v '<runstats' | grep -v '</runstats>' | grep -v '</nmaprun>' >> results.xml $ tail -3 results.xml-00 >> results.xml
  • 7. Nmap scaling • Taras Bobalo’s talk – Application Security Automation with DevOps Tools and Clouds https://www.youtube.com/watch?v=EYEwhwsVjJ0 • Distributed Nmap Framework (dnmap) – https://sourceforge.net/p/dnmap/wiki/Home/ • Docker – instrumentisto/nmap
  • 8. Nmap troubleshooting • 99% of the time – it ’hangs’ • Change debug level: d = up, shift+d = down • Press any key for stats incl. NSE scripts • Restart with --resume from XML results • Use timing optimization – --script-timeout, --host-timeout, – --min-rate, --max-retries • https://secwiki.org/w/FAQ_long_running
  • 9. CLI stuff • more, less, tail -f • openssl s_client • ncat • for u in $(cat usrl.lst); do curl -x 127.0.0.1:8080 $u > /dev/null & done • You name it!