Nmap_Scripting_Engine_Presentations.pptx

devadon8780 8 views 10 slides Jul 09, 2024

About This Presentation

It's a model PPT for the Nmap Scripting Engine.


Slide Content

Introduction to Nmap
• Network Mapper (Nmap) is an open-source tool for network exploration and security auditing.
• Developed by Gordon Lyon (Fyodor) and first released in 1997.
• Widely used for network inventory, managing service upgrade schedules, and monitoring host or service uptime.

What is the Nmap Scripting Engine (NSE)?
• NSE is a powerful feature of Nmap that allows users to write and share simple scripts to automate a wide variety of networking tasks.
• Introduced in Nmap version 4.50.
• Scripts are written in Lua, a lightweight programming language.

Benefits of Using NSE
• Enhances Nmap's capabilities beyond simple port scanning.
• Automates complex network reconnaissance and exploitation tasks.
• Extensible: Users can write custom scripts for specific needs.
• Community-driven: Many scripts are shared and improved by the security community.

How NSE Works
• NSE scripts are stored in the 'scripts' directory of Nmap.
• Scripts are executed in parallel with Nmap's core scanning functions.
• Each script can specify its own arguments and categories.

Script Categories
• Auth: Authentication bypass and brute force attacks.
• Broadcast: Network discovery using broadcast and multicast.
• Default: Basic scripts that run with the '-sC' option.
• Discovery: Network discovery tasks.
• Dos: Denial of Service attacks.
• Exploit: Exploit vulnerabilities.
• External: Access information from third-party databases.
• Intrusive: May disrupt the target system.
• Malware: Check for malware infections.
• Safe: Unlikely to cause disruptions.
• Version: Service version detection.
• Vuln: Vulnerability detection.

Example Scripts
• http-enum: Enumerates directories used by web servers.
• smb-os-discovery: Attempts to determine the OS of a remote SMB server.
• ftp-anon: Checks for anonymous FTP logins.
• ssl-heartbleed: Checks for the Heartbleed vulnerability in SSL/TLS.

Running NSE Scripts
• Use the '--script' option followed by the script name(s):
```
nmap --script <script-name> <target>
```
• Run multiple scripts by specifying a comma-separated list or using wildcards:
```
nmap --script script1,script2 <target>
nmap --script "http-*" <target>
```
• Use the '-sC' option to run the default set of scripts:
```
nmap -sC <target>
```

Writing Your Own NSE Scripts
• Scripts are written in Lua and typically have four main sections:
  - Head: Metadata about the script.
  - Rule: When the script should run.
  - Action: Main logic of the script.
  - Post: (Optional) Clean up actions.
• Example skeleton:
```lua
-- Head: metadata about the script
description = [[
Short description of what the script does.
]]
author = "Your Name"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"category1", "category2"}

-- Rule: run only against port 80
portrule = function(host, port)
  return port.number == 80
end

-- Action: main logic; the returned string appears in Nmap's output
action = function(host, port)
  -- Script logic here
  return "Script output"
end
```

Use Cases
• Network inventory and monitoring.
• Vulnerability assessment and penetration testing.
• Compliance auditing.
• Security research and incident response.
• Custom automation for specific network tasks.

Conclusion
• The Nmap Scripting Engine extends Nmap's capabilities far beyond basic scanning.
• NSE scripts are versatile, allowing for complex network tasks to be automated.
• Community contributions keep NSE relevant and up-to-date with emerging security threats.