RECONNAISSANCE

From a reconnaissance point of view there isn't much to do except note down the IP address of the machine. You can also download this room as a virtual disk file and run it on an instance of VirtualBox or VMware. Another thing to be mindful of is that the machine takes some time to boot, so try pinging it before moving on to an nmap scan.

SCANNING AND ENUMERATION

I went ahead with an aggressive scan while also utilizing nmap's scripting engine to fire up the scripts in the vuln category. The command was:

    nmap -n -Pn -T5 -A --script=vuln <IP_Address>

wherein the arguments are:

-n: To turn off DNS resolution
-Pn: To not ping the IP address and directly go ahead with scanning it, as I knew it was alive
-T5: To increase the timing speed to maximum
-A: To perform an aggressive scan, which is a combination of custom scripts, OS fingerprinting and service detection of the ports
--script=vuln: This is a group of nmap scripts which are used to scan t