security-scanning-tools

# Security Scanning Tools ## Purpose Master essential security scanning tools for network discovery, vulnerability assessment, web application testing, wireless security, and compliance validation. This skill covers tool selection, configuration, and practical usage across different scanning categories. ## Prerequisites ### Required Environment - Linux-based system (Kali Linux recommended) - Network access to target systems - Proper authorization for scanning activities ### Required Knowledge - Basic networking concepts (TCP/IP, ports, protocols) - Understanding of common vulnerabilities - Familiarity with command-line interfaces ## Outputs and Deliverables 1. **Network Discovery Reports** - Identified hosts, ports, and services 2. **Vulnerability Assessment Reports** - CVEs, misconfigurations, risk ratings 3. **Web Application Security Reports** - OWASP Top 10 findings 4. **Compliance Reports** - CIS benchmarks, PCI-DSS, HIPAA checks ## Core Workflow ### Phase 1: Network Scanning Tools #### Nmap (Network Mapper) Primary tool for network discovery and security auditing: ```bash # Host discovery nmap -sn 192.168.1.0/24 # Ping scan (no port scan) nmap -sL 192.168.1.0/24 # List scan (DNS resolution) nmap -Pn 192.168.1.100 # Skip host discovery # Port scanning techniques nmap -sS 192.168.1.100 # TCP SYN scan (stealth) nmap -sT 192.168.1.100 # TCP connect scan nmap -sU 192.168.1.100 # UD...