Exercise 1

Choose a domain and get the name servers associated with it.

Exercise 2

Using the same domain as the previous question, get the mail servers.

Exercise 3

Find the IP addresses of the docker containers running on localhost.

Exercise 4

Enumerate the services running on each of these containers. What versions are they? Are there known vulnerabilities?

Exercise 5

Try running some NSE scripts against the containers. What scripts do you think would be useful to try? Why?

Exercise 6

Find your home network IP address range and run an nmap scan against it. What machines are on your network? Are they running strange services?