The Nmap Scripting Engine (NSE) is one of Nmap's most powerful and flexible features. It allows users to write (and share) simple scripts (using the Lua programming language ) to automate a wide variety of networking tasks. Those scripts are executed in parallel with the speed and efficiency you expect from Nmap. Users can rely on the growing and diverse set of scripts distributed with Nmap, or write their own to meet custom needs. Tasks we had in mind when creating the system include network discovery, more sophisticated version detection, vul ...
Nmap used to have this functionality (called ident scan), but it was removed while... NSE scripts generally only return messages when they succeed, so they don't flood the user with...
Environment Variables ; SCRIPT_PATH : The script path. SCRIPT_NAME : The script name. This variable can be used in debug output. SCRIPT_TYPE : Since a script can have multiple rule functions, this environment variable will show which rule has activated the script, this would be useful if the script wants to share some code between different Script Scan phases. It will take one of these four string values: "prerule", "hostrule", "portrule" or "postrule". This variable is only available during and after the evaluation of the rule functions.
Browse the list of 604 NSE scripts or read up on the 139 NSE libraries. nmap.org nmap 사이트의 NSE 페이지에서는 nse 스크립트에 대한 자세한 정보를 제공하고 있는데, 스크립트별로 사용법...
Script types: portrule Categories: discovery, intrusive Download: https://svn.nmap.org/nmap/scripts/ssl-enum-ciphers.nse · This script repeatedly initiates SSLv3/TLS connections, each time trying a new cipher or compressor while recording whether a host accepts or rejects it. The end result is a list of all the ciphersuites and compressors that a server accepts. Each ciphersuite is shown with a letter grade (A through F) indicating the strength of the connection. The grade is based on the cryptographic strength of the key exchange and of the s ...
These features are extensible by scripts that provide more advanced service detection, [7] vulnerability detection, [7] and other features. Nmap can adapt to network conditions including...
Script types: portrule Categories: discovery, intrusive, vuln Download: https://svn.nmap.org/nmap/scripts/http-enum.nse · Enumerates directories used by popular web applications and servers. This parses a fingerprint file that's similar in format to the Nikto Web application scanner. This script, however, takes it one step further by building in advanced pattern matching as well as having the ability to identify specific versions of Web applications. You can also parse a Nikto-formatted database using http-fingerprints.nikto-db-path. This will ...
Script types: hostrule Categories: discovery, intrusive Download: https://svn.nmap.org/nmap/scripts/smb-enum-shares.nse · Attempts to list shares using the srvsvc.NetShareEnumAll MSRPC function and retrieve more information about them using srvsvc.NetShareGetInfo. If access to those functions is denied, a list of common share names are checked. Finding open shares is useful to a penetration tester because there may be private files shared, or, if it's writable, it could be a good place to drop a Trojan or to infect a file that's already there. ...
Script types: portrule Categories: vuln, safe Download: https://svn.nmap.org/nmap/scripts/ssl-ccs-injection.nse · Detects whether a server is vulnerable to the SSL/TLS "CCS Injection" vulnerability (CVE-2014-0224), first discovered by Masashi Kikuchi. The script is based on the ccsinjection.c code authored by Ramon de C Valle (https://gist.github.com/rcvalle/71f4b027d61a78c42607) · In order to exploit the vulnerablity, a MITM attacker would effectively do the following: o Wait for a new TLS connection, followed by the ClientHello ServerHello ...
A list of 604 Nmap scripts and their descriptions. Links to more detailed documentation.