Mastering the Nmap Scripting Engine
- Type
- Slides
- Tags
- scanning, vulnerability assessment
- Authors
- David Fifield, Fyodor
- Event
- Black Hat USA 2010
- Indexed on
- Mar 27, 2013
- URL
- http://nmap.org/presentations/BHDC10/Fyodor-David-BlackHatUSA-2010-Slides.pdf
- File name
- Fyodor-David-BlackHatUSA-2010-Slides.pdf
- File size
- 801.3 KB
- MD5
- afffda8d49f5114161c078eec94bb695
- SHA1
- 1e390f141f31b91eec084aaed095d003fc93a3e4
Most security practitioners can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read nmap.org/book/nse.html.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
