Distributed Port Scanning: Creating an Nmap Cluster Using DNmap

Introduction

When performing a security engagement, the information gathered from port scanning is crucial. However, these scans can take a substantial amount of time when we set a reasonable timeout in an attempt to be thorough. So what happens when we need to scan a large amount of hosts? Say, an entire continent? We need to find a way to distribute the bandwidth load to multiple hosts in parallel. Fortunately, a tool has been developed which will allow us to create and manage a cluster of hosts which each have its own bandwidth dedicated to port scanning.

Automated Open Source Intelligence (OSINT) Using APIs

Introduction

The first step to performing any successful security engagement is reconnaissance. How much information one is able to enumerate about given personnel (for social engineering engagements) or systems can often impact the effectiveness of the engagement. In this post, we will discuss what Open Source Intelligence (OSINT) is and why it takes so much time, as well as ways we can use various application programming interfaces (APIs) to automate much of this process for us. Hopefully this post will help shed light on the importance of proper privacy settings, and the threat of automated information gathering due to APIs.