Wednesday, April 20, 2022

Nmap Basics Part 3

 One of the most powerful aspects of nmap are the scripts written to extend it's functionality. These scripts have an .nse extension, meaning they are part of the Nmap Scripting Engine. The default location for nmap scripts is at /usr/share/nmap/scripts. 

Using them you can do a rather thorough vulnerability assessment with nothing more than nmap. The scripts are prepended with a classification, shuch as http- or dns- or smb-, which makes it easy to search for, or use bash's auto-complete. But, you can use an entire category of scripts with a wildcard. To use one script, use --script=<script_name>. If the script takes any arguments, use --script-args=<argument1,argument2>. To use an entire class of scripts, wildcard the parameter such as --script=http*. Youy can update the scripts anytime with the command nmap --script-update. 

Blog Archive