Advanced NMap Techniques - Hak5 2415
- Published: 22 Jun 2018
- Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005:
____________________________________________
Dan Tentler joins us to share some tips about NMap and Mass Scan!
phobos.io/
/ viss
Producer: Shannon Morse → / @sailorsnubs
Editor: Perrin M
Host: Shannon Morse → / snubs
Host: Darren Kitchen → / hak5darren
Host: Mubix → / mubix
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.
Can we have a Viss segment on the show?
Like metasploit minute and linux terminal?
Hell, why not extend it to other pen testers and have them talk about their methods and experiences
Viss - explains things 100 miles an hour, yet still engaging and comprehensive. Legend !
Please feature more folks like Viss on your show! Not only did we learn great technical skills but also got an insight into how these skills can be used and have been used in real-world situations. Got a lot from this one episode!
Hell yeah! Keep bringing back Viss! Love that dude's talks
This is why I love hak5. Gurus showing real stuff.
This guy's a legend! Very good at explaining what he's on about
Finally I found out why my web is so slow here in Shenzhen, China. You were scanning me. Lol. Learn a lot from you guys. 👍
Viss has been the man for a while haha.
AWESOME video, learning so much
This guy knows so much, keep him on the show more often please
xargs is probably my favorite cmdline tool :D but word of advice, first always run your xarged command with an echo first to make sure you set it up right :D
my left ear really loved this episode
amazing, this could be probably one of the biggest information that i have ever been given. we need such playlist more and more in upcoming days. i hope i made you understand the things that i wanted to make you understand. we need such techniques more and more in upcoming days.
one of the best videos I have ever seen
nice video, thanks for the tips. Just as a hint, grep has a feature that can exclude it from the results, using, for example "grep [n]map", instead of "grep nmap | grep -v grep". Cheers
Very useful video, high level of giving knowledges. Do more vids, please, in this way.
Best nmap video ever♥️😍
You guys have great on-screen chemistry. More Viss + Shannon shows please! The content of these shows is fantastic, too. :)
Awesome!! This will help greatly with work!
Good for you that we not switched to IPv6 :P Thank you Hak5!
lmao the motion fx in this episode crack me up hahaha
Viss: Master of FPV drones, tinywhooping, Shodan, and destroying things with LAZERS
Great show.
Awesome video need moar Viss!
He's talented. Fun to watch.
I love Viss!
Hey Shannon, how about a segment on machine learning applied to penetration testing? I am thinking of finding patterns in traffic analysis perhaps
Once you've done the sweeps then you can do the bleeps and the creeps. ;)
I straight thought this in my head while I was saying it, but I'm nowhere as good as Michael Winslow so I didn't even try :D
:D Respect + .. I fully lol'd on that one
@vissago I wonder what tools are in your tools directory besides ipscan
An episode about analyzing information gathered through nmap and OSINT tools like SpiderFoot or theHarvester with Elasticsearch (or any big data analysis tool) would be really interesting, as all of them just provide a small piece of information which becomes meaningful when it is integrated with the one found by the other programs used
"This is a laptop..."
"Oh wow."
Agreed. A little less fake "wonderment" vocalized on every other sentence would make this a much more useful and tolerable video.
She's nice! Cool it, man.
@@Kenneth_the_Philosopher Guys like you are the reason she's there, it seems. Why not let her show her brains and add to the video, being something other than a cheerleader?
This was like a pr0n video.. "Oh wow! Oh nice! Yeah, yeah! Oh, oh, yes yes.."
@@bendover4728 Not wanna ruin the purpose of the video.....But Bruh....you're damn right😂😂😂
Greatest video.
I wonder how many times they have to route the packages to get to the destination. Nmap has a built in function for scanning the subnet.
Vissago Thank you for making Shodan.
I'm working on a Kodi Plug-In (next step: screen saver) that lets one channel surf through random IP cams and Shodan has been incredibly useful for building a list of them that are online. What's a good way to make the plug-in scale? I'm worried about too many people connecting to the same camera or using the plug-in to "scrape" my API (rate-limiting already implemented but not tested with more than a few machines).
Also, AWS does not seem like the place to put a REST API that is suggesting people access IP Cams that aren't theirs. Who might be okay with this?
Viss didn't make shodan. Shodan is made by John Matherly (aka achillean).
Viss is still awesome though.
Which one is the most reliable tool to scan for rdp(3389)? zmap, masscan, nmap or anything else?
when he asked if she was familiar with syn/ack handshake hahaha she looked like she died inside. 🤣
Can you send me link to the machine you are referring?
xargs is amaaaaaaaazing!
All cool stuff, but the thing that impressed me the most, was his ability to spell parallellelism.
Might implement the thing about scanning the office's internal network for newly opened ports, though - I do work for a lot of real estate agencies, and not only is the sales staff turnover ridiculously high, but they're all BYO laptops. I've gone bald from the frustrations.
And don't even get me started on the GeeDee software they insist on using. Not only does it require Borland Database Engine to be in Win3.1 compatibility mode, with Write Cache disabled on all computers, and the /Program Files/GeeDee folder to be excluded from all virus scans - but they only recently got rid of the _requirement_ that PC Anywhere be installed on "the main computer", open to the internet, with _a specific username and password,_ that are *published in their documentation freely available on the internet.*
...Not to suggest that these things could be problematic...
Does the thumbnail for this video keep changing ?
love u hak5
Great gold reference
Can viss become a host ? He is legend
I scan Windows 10 with all its options and it shows all the ports as filtered. Can you help me?
So... Cutting is brutal, but I know Viss has a bit of an overload of info to burp ;).
I have no idea what is going on. What's a good series of videos to begin to understand this
Ohhhh boy...10 to 2 is 4 hours:)
So only ipv4 was being scanned? What about ipv6 addresses?
love the name of the mounted drive on viss' desktop
I did that on purpose hoping someone would catch it and frankly I'm surprised the OS let me do that - you're the first to mention it :D
vissago that’s hilarious! I had to stop and think if I had missed a new way of injecting code :) that made me think for a sec.
Someone explain this to me
Why not use gnu parallel?
Viss : *talks*
Girl : *oh wow*
Not used to watching Viss without the doc anymore...
I like dan, let's see more dan.
keep hakin :)
"I also have problems with reading comprehension."
looking at this I'm getting some ideas on how to get my friend's internet down :))
Tarpitting! Reminded me of LaBrea Tarpit which I used for over a decade and always worked perfectly.
Smart Guy.
shannon mesmerized by viss lol XD
I know you could tell by body language and eye movement
And where she whipped him with the blue cable.
Let me guess, the 50 VMs doing portscans are going to be located on servers in India when scanning ports in China, since the two countries don't cooperate that much :)
Bro in my vmware kalilinux does not show its wifi Option it shows only wire connection
how to solve it
are you using virtual machine without external wifi adapter ? [in that case it will not show wifi]
This guy is really cool
How about randomly scanning 200 million IP addresses using something like the bubble sort algorithm to find live hosts? You might find a larger number of live hosts in a limited amount of time (you would not want to scan all of the 200 million hosts just find a large number of live hosts). A sequential search may not be ideal for efficiently finding live IP nodes.
Eternal blue almost get me caught by the feds.
oh wow
33:58 What is a SIM (sp?)
Heyyyyy....tentacle boooooiiiii.
that look at the camera was so perfect
isn't that how WannaCry works? it scans IPs and uses EternalBlue??
There's something I don't get. He said he's scanning hosts for EternalBlue, but how is it possible to scan a host behind a public IP? Is there a weakness in NAT/PAT or firewalls? Is there a way to find a private IP behind a router?
Asking for documentation ofc, I won't learn it through a YT comment
Would it have been better to use "parallel" instead of "xargs" unless you're backgrounding them all, which isn't ideal. Using "parallel" will run all of the commands at the same time and track them.
I wonder exactly what viss said that required a post production edit 38:31 maybe a "TMI" moment or a slip of the tongue? Trust your techno edit
Tour Con? TOR Con? I'd love to watch the VNC scan talk.
Toorcon
Cool scripting in the video! But probably a more fitting title would be "techniques to scale nmap" or something alike. ("Scaling nmap to 100mbit"?)
can install steam on kali
O homeland, you are so dear no
is he using some 3rd party terminal on Mac?
no, just regular old terminal, but the thing I'm running inside it is byobu
Thanks, btw very interesting video, hoping for more soon
He's ssh'd to his server.
I know that Juan, just been asking about the nonstandard features you can see on the bottom of the window (and got the response from Viss above), cheers
from 10 to 14 is 4 hours, dude, the count doesn't start from zero when we are in the time domain :) :) :)
Hey Shannon and team, what's the guest's name in this video?
Viss
Legit
29:19
Viss: So, the idea here is, this is gonna tell us what's up and what's not up, and then what we can do is, we can take that last
script that we were using, and we can incorporate one into the other and say well, when we get the results of this, ...
Shannon: ItS sO bEaUtIfUl!
Viss: ... well it gets more interesting, check it out...
Shannon: It LoOkS lIkE a UnIcOrN!
Shannon Morse -- Video Host. Speaker.
oh wow, that makes sense, lol
10-2=5 hours? off by one error.
Skip to 9:24 to start the demo
neeeeeeeeerrrrrrrrrrrrrrrrd
Oh that's not going to tempt us down a rabbit hole, NOT AT ALL =0P
If you're going to do jump cuts, maybe the animated screen in the back that makes it blatantly and distractingly obvious might need to be reconsidered. Small nitpick, I know, and I mean nothing but friendly advice, so please don't take me wrong! Just my observation
LakeVermilionDreams rhheeeeeee??
Meh.
What the hell are you talking about at what time was there a jump cut?
Hak5 wow no wonder people hate the YouTube comment sections when even the content creators can't even comment something in a productive manner. Normally this channel has been pretty good at interacting with fans, but this sarcasm leaves a bad taste in the mouth.
LakeVermilionDreams
Dude it’s not a big deal ...
If you have a problem create your own hak5 ...
How about that 👶...
IPv6 is part of the internet.
I wish Shannon wouldn’t say “of course” so often. It doesn’t add much to the show, belittles the audience, and makes the guest sound like they’re stating the obvious. Dan is my hero, and he’s very good at explaining things too.
scanning china sounds fun
Hi.
Gently pointing out that it's clear you two did the "Storytime With Viss! Offensive Security Fails" back-to-back with this one.
From a production point of view, I get that it's convenient to shoot it like that, but couldn't you have at least changed your shirts? Maybe mussed up your hair a little? Changed the lighting?
If you're going to bill something as being separate shows, maybe it could at least look like it was done on different days?
:)
17:04 "So why do you wanna that a 256 as opposed to 128?"
Because - oh wow - to scan each /24 chunk in one go Dan must tell nmap to work on 256 IPs at once instead of 128, as he explained earlier?
"Yeah wow. OK. Of course. Ooohhh cool". (😲🤔🤯)
I'm in love this woman wow is beautiful, waw she just says wow kkkkkkkkkk.. Come to Portugal goooooo wow
So hacking the whole internet on port 445 really takes forever, literally
what if you can make a bomb instead of flamethrower
?? Dean Cain is a Hacker ??
Starts in 9:03. Thx me via Like!! Jejeje
Every time I watch these, I get the impression that Snubs is completely clueless as to what her guests are talking about. Lol.
Look at her face when viss mentioned something as simple as whois (12:31). 😩️
I know this is irrelevant but I saw the "cleanmymac" ad on pornhub, can't be that reliable...
Well I have recently got 50 MBPS Plan RIP internet
Wtf does that have to do with scanning?
skip to 9 mins in when it gets interesting.