What Is Covered:
• What is NMAP
• Use Cases of NMAP
• How Network Services Work
• Defining Targets and Exclusions
• Host Discovery & Network Mapping
• NMAP Output File Formats and Uses
• Port Scanning and the Many Modes of Doing so.
• Service Version Detection
• How Version Detection Works and How to Add Your Own Detection Rules
• OS Discovery
• NSE Scripts for Information Gathering and Vulnerability Discovery
• Light Primer into the LUA Language and Scripting for NMAP
• Using NSE to Automate Re-testing
• Zenmap, The NMAP GUI
• Further Reading Resources
Machine running Kali or Debian natively, and installing Virtual box or VMWare Workstation on it to run the target to attack, which would be Metasploitable2.
The advantage for this would be a few things:
1) Linux is native would provide a consistent experience and make troubleshooting easier.
2) Using Linux on the native host would remove the limitations that the windows version of NMAP has.
3) Using Metasploitable2 as a VM actually has no GUI and as such, very low memory requirements, people should be able to allot about 512 mb of RAM to the VM and still work pretty well.
4) setting up as a VM, they can set it up with a host-only network adapter so only their machine can talk to it, so no one else can tamper with their machine.
5) having their own VM is a lot smoother and reduces problems that might come from a classroom wide VM were everyone is attacking the same VM and they are going to have problems with race conditions when doing some of the scans.
6) this would be something a remote attendee could spin up at home.
7) it would provide everyone a setup they can take with them afterwards and continue to experiment and home their skills with in the event of an information overload.