Believe it or not, many enterprises have devices and services that exist on their networks largely unbeknownst to anyone. Unfortunately, all too often these incognito assets are security vulnerabilities just waiting to be exploited by persistent attackers. But what's the fastest, easiest way to find these hidden devices and services without paying for an expensive product or service?
In this month’s SearchSecurity.com screencast video, expert penetration tester Mike McLaughlin of First Base Technologies offers this demo of the NMAP Scripting Engine (NSE). This brief NMAP NSE tutorial shows how to use NMAP NSE scripts to identify potential attack targets, detect versions of various devices and services, and much more.
Want more demos of free security tools? Visit our screencast page.
About the author:
Mike McLaughlin is a penetration tester working for First Base Technologies, an information security consultancy in the UK. Mike's daily work consists of both internal and external network based penetration testing, web application penetration testing, and social engineering.