NMAP Scripting Engine (NSE)

Port scanning with NMAP

Created: 2022-07-04
Tags: #literature

Abstract:

  • Multiple Scripts can be run in single command
  • Built-in help for each scripts
  • Arguments in Scripts
  • Finding Nmap Scripts

Uses LUA programming languange

Practice using nmap here. This website can be safely practiced
http://scanme.nmap.org

Many categories exists

  • safe:- Won't affect the target
  • intrusive:- Not safe: likely to affect the target
  • vuln:- Scan for vulnerabilities
    A more exhaustive list can be found here.

Multiple Scripts can be run in single command

We use , to separate commands

--script=<script_name1>, <script_name2>

--script=smb-enum-users, smb-enum-shares

Built-in help of scripts

`nmap --script-help ``

It will have a website link that leads you to more info

Arguments in scripts

<script-name>.<argument>

Finding nmap scripts

Through the official website

Or local copy

/usr/share/nmap/scripts

^ Directory above contains script.db

---> Use grep on script.db
grep "ftp" /usr/share/nmap/scripts/script.db
grep "safe" /usr/share/nmap/scripts/script.db

---> Or search folder with ls syntax
ls -l /usr/share/nmap/scripts/*script_name*

References

Interactive Graph
Table Of Contents
NMAP Scripting Engine (NSE)
Multiple Scripts can be run in single command
--script=<script_name1>, <script_name2>
Built-in help of scripts
`nmap --script-help ``
Arguments in scripts
<script-name>.<argument>
Finding nmap scripts
Through the official website
Or local copy
/usr/share/nmap/scripts
References