• Div0 Blog Editor

10th Day of Christmas: nmap Scripting Engine (NSE)

On the 10th Day of Christmas, Div0 gave to me ... nmap Scripting Engine (NSE), msfvenom, searchsploit, urlcrazy, recon-ng, Zone Transfer Tool, Using Online Digest Databases, Hash Identification, Password Mutation Using JTR, and Custom Word List Generator (CeWL).

nmap Scripting Engine (NSE) features many scripts that can be used in a network penetration test. It allows users to write and automate networking tasks. It is written with the following features in mind (http://nmap.org/book/nse.html#nse-intro):

  • Network Discovery

  • More Sophisticated Version Detection

  • Vulnerability Detection

  • Backdoor Detection

  • Vulnerability Exploitation

A list of available scripts can be found on the nmap documentation: http://nmap.org/nsedoc/.


NSE In Action

Performing network recon on my test machine (IP address: 192.168.2.1).


To obtain all the local configuration parameters via UDP port 67:

nmap -sU -p 67 --script dhcp-discover.nse 192.168.2.1

To check if various crawling utilities are allowed by the target machine:

nmap -p80 --script http-useragent-tester.nse 192.168.2.1

Shared by Tan Jun Hao.

 
  • Facebook
  • Twitter
  • YouTube

Contact Us

Terms of Use | Code of Conduct

All rights reserved.

Division Zero (Div0) © 2017-2020.

Edgis © 2011-2017.