1
00:00:00,270 --> 00:00:06,720
In the Nmap lectures, we have seen no port scan, also known as ping scan, different ways of

2
00:00:06,720 --> 00:00:14,010
scanning ports: SYN scan, also known as half-open scanning, TCP scan, also known as TCP connect scan,

3
00:00:14,700 --> 00:00:20,610
UDP scan, service and version detection, and operating system detection.

4
00:00:21,650 --> 00:00:28,940
Now, let's deep dive in Nmap. The Nmap Scripting Engine, or NSE, is one of Nmap's most powerful

5
00:00:28,940 --> 00:00:30,200
and flexible features.

6
00:00:30,620 --> 00:00:35,480
It allows users to write simple scripts to automate a wide variety of networking tasks.

7
00:00:36,080 --> 00:00:40,970
Now those scripts are then executed in parallel with the speed and efficiency you would expect from

8
00:00:40,970 --> 00:00:41,360
Nmap.

9
00:00:41,750 --> 00:00:48,170
Users can rely on the growing and diverse set of scripts distributed with Nmap or write their own to

10
00:00:48,170 --> 00:00:49,580
meet custom needs.

11
00:00:50,680 --> 00:00:52,120
So I'll show you a couple of things here.

12
00:00:52,570 --> 00:00:57,730
Scripts are written in the embedded Lua programming language version 5.3.

13
00:00:59,150 --> 00:01:06,200
NSE is activated with the -sC option, or --script if you wish to specify a custom set of

14
00:01:06,200 --> 00:01:13,310
scripts, and results are integrated into Nmap normal and XML output. The default place of Nmap

15
00:01:13,310 --> 00:01:19,100
embedded scripts is /usr/share/nmap/scripts.

16
00:01:20,830 --> 00:01:25,090
NSE was designed to be versatile with the following tasks in mind.

17
00:01:25,750 --> 00:01:26,920
Network discovery.

18
00:01:27,360 --> 00:01:30,310
Now this is the most powerful part of Nmap, right?

19
00:01:30,550 --> 00:01:37,750
Examples include looking up WHOIS data based on the target domain, querying RIPE for the target IP to

20
00:01:37,750 --> 00:01:43,870
determine ownership, SNMP queries, and listing available SMB shares and services.

21
00:01:44,770 --> 00:01:46,780
More sophisticated version detection.

22
00:01:47,660 --> 00:01:53,510
The Nmap version detection system is able to recognize thousands of different services through its probe

23
00:01:53,510 --> 00:01:58,640
and regular expression signature based matching system, but it cannot recognize everything.

24
00:01:58,940 --> 00:02:04,760
For example, identifying the Skype version 2 service requires two independent probes,

25
00:02:04,880 --> 00:02:11,750
which version detection isn't flexible enough to handle. Nmap could also recognize more SNMP services

26
00:02:11,960 --> 00:02:15,710
if it tried a few hundred different community names by brute force.

27
00:02:16,280 --> 00:02:21,410
But neither of these tasks are well-suited to traditional Nmap version detection.

28
00:02:21,710 --> 00:02:25,310
But both are easily accomplished with NSE.

29
00:02:26,850 --> 00:02:28,410
Vulnerability detection.

30
00:02:29,350 --> 00:02:34,570
When a new vulnerability is discovered, you will often want to scan your networks, quickly identify

31
00:02:34,570 --> 00:02:37,390
vulnerable systems before the bad guys do.

32
00:02:37,750 --> 00:02:46,510
While Nmap isn't a comprehensive vulnerability scanner, NSE is powerful enough to handle even demanding

33
00:02:46,510 --> 00:02:47,710
vulnerability checks.

34
00:02:48,790 --> 00:02:54,930
Remember when the Heartbleed bug affected hundreds of thousands of systems worldwide, and Nmap's developers

35
00:02:54,930 --> 00:03:01,290
responded with the ssl-heartbleed detection script within I was under two days.

36
00:03:02,810 --> 00:03:04,280
Backdoor detection.

37
00:03:05,320 --> 00:03:10,510
Many attackers and some automated worms leave backdoors to enable later entry.

38
00:03:11,110 --> 00:03:17,470
Some of these can be detected by Nmap's regular expression based version detection, but more complex

39
00:03:17,470 --> 00:03:23,110
worms and backdoors require NSE's advanced capabilities to reliably detect them.

40
00:03:24,550 --> 00:03:26,770
Vulnerability exploitation.

41
00:03:28,310 --> 00:03:34,190
As a general scripting language, NSE can even be used to exploit vulnerabilities rather than just find

42
00:03:34,190 --> 00:03:39,290
them, but of course, it's not as powerful as exploit frameworks such as Metasploit.