Nmap Scripts for Penetration Testing
How to Use Nmap Scripts for Penetration Testing
Nmap scripts are a powerful tool for automating penetration testing, especially for finding vulnerabilities in target hosts.
Below you can find a cheat sheet of Nmap scripts.
HTTP scripts
nmap -sV --script http-csrf scanme.nmap.org
nmap -p80,443 --script http-apache-server-status scanme.nmap.org
nmap -p80,443 --script http-methods scanme.nmap.org
nmap -p80,443 --script http-errors scanme.nmap.org
nmap -p80,443 --script http-grep.nse 10.0.2.13
nmap -p80,443 --script http-wordpress-enum.nse 10.0.2.254
nmap -p80,443 --script dns-brute scanme.nmap.org
SMB scripts
nmap -sT -p 445 -iL iplist.txt --script smb-protocols
nmap -n -sT -p 445 -iL iplist.txt --script smb-security-mode
SSL scripts
nmap -p80,443 --script ssl-enum-ciphers 10.0.2.7
nmap -p80,443 --script ssl-cert 10.0.2.7 -v
Vuln scripts
nmap -p80,443 --script vuln 10.0.2.13
nmap -sV --script vulners 10.0.2.13
nmap -sV --script vulners.nse 10.0.2.13
nmap -sV --script=vulners -oX filename.xml 10.0.2.13 → saves the results as XML for nicer formatting
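The XML written by -oX is also easier to post-process than terminal output. The following Python is an added example, not part of the original cheat sheet: it collects every script result from such a file, covering both per-port scripts and host-level scripts, which Nmap stores in different places. The sample XML is constructed, and the function and field names are this example's own.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout written by -oX (not output from a real scan).
SAMPLE_XML = """<nmaprun>
  <host>
    <address addr="10.0.2.13" addrtype="ipv4"/>
    <address addr="00:00:5E:00:53:01" addrtype="mac"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open"/>
        <service name="http"/>
        <script id="http-methods" output="Supported Methods: GET HEAD POST OPTIONS"/>
      </port>
      <port protocol="tcp" portid="443"><state state="closed"/></port>
    </ports>
    <hostscript>
      <script id="smb-security-mode" output="message_signing: disabled"/>
    </hostscript>
  </host>
</nmaprun>"""


def _row(host, port, service, script):
    return {"host": host, "port": port, "service": service,
            "script": script.get("id"),
            "output": (script.get("output") or "").strip()}


def script_findings(xml_text):
    """Return one dict per NSE script result: port scripts, then host scripts."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        # A host can carry several <address> elements (IP and MAC); keep the IP.
        addr = next((a.get("addr") for a in host.iterfind("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), "unknown")
        for port in host.iterfind("ports/port"):
            svc = port.find("service")
            name = svc.get("name") if svc is not None else None
            label = f"{port.get('portid')}/{port.get('protocol')}"
            for s in port.iterfind("script"):
                findings.append(_row(addr, label, name, s))
        # Host-level results (the SMB scripts, for example) sit under <hostscript>.
        for s in host.iterfind("hostscript/script"):
            findings.append(_row(addr, None, None, s))
    return findings


if __name__ == "__main__":
    print(*script_findings(SAMPLE_XML), sep="\n")
```

To run it on a real scan, pass the contents of filename.xml to script_findings() instead of SAMPLE_XML.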
WAF scripts
Nmap tools for WAF detection:
That's a wrap!
Dive deeper into the power of Nmap scripts on the Nmap website itself.