Posts

Showing posts from December, 2021

Nmap | TryHackMe Walkthrough

An in-depth look at scanning with Nmap, a powerful network scanning tool. This room, created by DarkStar and MuirlandOracle, provides a great way to learn and start practicing Nmap. I encourage you to give it a try yourself, since the hands-on practice will give you a better understanding of the topic (take advantage of the manual page, man nmap).

Task2:
What networking constructs are used to direct traffic to the right application on a server? Ports
How many of these are available on any network-enabled computer? 65535
[Research] How many of these are considered "well-known"? (These are the "standard" numbers mentioned in the task) 1024

Task3:
What is the first switch listed in the help menu for a 'Syn Scan' (more on this later!)? -sS
Which switch would you use for a "UDP scan"? -sU
If you wanted to detect which operating system the target is running on, which switch would you use? -O
Nmap provides a switch to detect the version of the

Nmap: 'The' Reconnaissance Tool

Introduction
The first step of penetration testing is the reconnaissance phase (recon), where you get to know your target better, and one of the most famous ways, if not the best way, to do that is using Nmap. Nmap, or Network Mapper, is a free (open-source) network exploration and security investigation tool. It can also be useful for jobs like network inventory, coordinating application update plans, and tracking host or service uptime. Nmap analyzes raw IP packets in unique ways to figure out what hosts are on the network, what services they offer (giving names and versions), what operating systems (names and versions) they're using, what kind of packet filters/firewalls they're using, and lots of other information. You can find more details here.

Disclaimer: This thread is for educational purposes only, same as all other information available on this site.

Installation
If you're using Kali then you'll find Nmap pre-installed, otherwise, you can install Nmap usi

Splunk | TryHackMe Walkthrough

Introduction:
Splunk is a leading cybersecurity software company that develops web-based applications for researching, monitoring, and evaluating data generated from connected machines. It provides applications such as SIEM solutions and add-ons for many world-leading tech vendors such as Cisco, AWS, Palo Alto, and many others.

Splunk Enterprise Security:
One of the most famous Splunk applications is Splunk ES. It addresses a variety of security analytics and services, including regular security monitoring, enhanced threat detection, compliance, incident reports, forensics, and incident response. Splunk ES aims to resolve many common problems, including:
alert fatigue: it provides high-fidelity risk alerting.
visibility: by bringing out data from different platforms using multi-cloud security monitoring.
flexibility: investigations can be an exhausting process when you face alerts from a variety of sources, Splunk ES enables you to carry out threat hunting across security, IT,