Beginner Vulnerability Scanning Lab (Full Walkthrough)

TL;DR: Learn how to scan a vulnerable system, identify open ports, and discover potential vulnerabilities using Nmap in a hands-on lab.

Introduction

This lab walks you through a complete vulnerability scanning process. You’ll use Nmap to identify open ports, detect services, and uncover potential security weaknesses in a controlled environment.

Lab Setup

Before starting, ensure you have:

  • Kali Linux (attacker machine)
  • Metasploitable 3 (target machine)
  • Both systems on the same network

Step 1: Identify the Target

Run the following command on the Kali machine to list your interface addresses and confirm which network you are on:

ip a

Locate your network range and identify the target system.

Step 2: Run a Basic Scan

nmap <target-ip>

This shows open ports on the system.

Step 3: Perform Service Detection

nmap -sV <target-ip>

This reveals service versions running on open ports.

Step 4: Identify Potential Vulnerabilities

Analyze results and look for:

  • Outdated services
  • Common ports (21, 22, 80, 443)
  • Unusual or unexpected services

Step 5: Save Scan Results

nmap -sV -oN scan_results.txt <target-ip>

This saves your results for later analysis.
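
The script below is an added example, not part of the original lab: it reads the report saved in Step 5 and applies the Step 4 checks, flagging open ports outside an expected list and services for which -sV reported no version. The EXPECTED list, the function names and the sample report are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: triage the report written in Step 5 (nmap -sV -oN).
# EXPECTED is an assumption taken from the "common ports" list in Step 4;
# replace it with the ports the target is supposed to expose.
EXPECTED="21 22 80 443"

# triage_scan FILE: one tab-separated line per open port:
#   PORT/PROTO  SERVICE  VERSION  FLAGS
triage_scan() {
    awk -v expected="$EXPECTED" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
        # Port-table rows look like: 22/tcp open ssh OpenSSH 6.6.1p1 ...
        $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
            split($1, p, "/")
            ver = ""
            for (i = 4; i <= NF; i++) ver = ver (i > 4 ? " " : "") $i
            flags = (p[1] in ok) ? "" : "unexpected-port"
            if (ver == "") {            # -sV could not identify the software
                flags = flags (flags == "" ? "" : ",") "no-version"
                ver = "(none)"
            }
            printf "%s\t%s\t%s\t%s\n", $1, $3, ver, (flags == "" ? "-" : flags)
        }
    ' "$1"
}

# count_flag FILE FLAG: number of open ports carrying FLAG
count_flag() {
    triage_scan "$1" |
        awk -F '\t' -v f="$2" 'index("," $4 ",", "," f ",") { c++ } END { print c + 0 }'
}

# Constructed sample report (not real scan output; 192.0.2.10 is a documentation address).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
Nmap scan report for 192.0.2.10
Host is up (0.00050s latency).
PORT     STATE    SERVICE      VERSION
21/tcp   open     ftp          ProFTPD 1.3.5
22/tcp   open     ssh          OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13
80/tcp   open     http         Apache httpd 2.4.7
445/tcp  filtered microsoft-ds
3306/tcp open     mysql        MySQL (unauthorized)
8080/tcp open     http-proxy
EOF

triage_scan "$SAMPLE"
```

To use it on your own lab results, call triage_scan scan_results.txt; rows that are not in the open state are skipped.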

Common Mistakes

  • Scanning the wrong IP address
  • Not verifying network connectivity
  • Ignoring service versions

Real-World Relevance

Vulnerability scanning is one of the first steps in penetration testing. Security professionals use it to identify weaknesses before attackers do.
