Webmaster Security
Top 10 Nmap NSE Scripts For PenTesters
Submitted by BURST, 13-12-2017, 07:04 AM, Thread ID: 64967
Thread Closed
13-12-2017, 07:04 AM
#1 Top 10 nmap NSE scripts for PenTesters.
The advantage of Nmap Scripting Engine (NSE) is that it adds a lot of automated features in nmap to automate a wide variety of networkingtasks.Herein this post I am using some of the most commonly used NSE scripts for Penetration Testers.
1.script http-enum
It performs Brute Force on a server path in order to discover web applications inuse.Ittests more than 2000 serverPath.Theworking of this NSE script is similar to NIKTO.
![[Image: http-enum.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/http-enum.jpg?w=900)
2.script http-title
It Shows the title of the default page of a web server.
![[Image: 2-script-http-title.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/2-script-http-title.jpg?w=900)
3.scriptdns.brute
It is used to find the Sub-Domains of the Website.
![[Image: 3-dns-brute.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/3-dns-brute.jpg?w=900)
4. script whois-domain
It retrieves whois Information of a Domain.
![[Image: 4.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/4.jpg?w=900)
5. script http-methods
This script is used to find out the HTTP request supported by a target by sending OPTIONS request.
![[Image: 6.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/6.jpg?w=900)
6.scripttraceroute-geolocation.nse
This script is used to lists the geographical locations of each hops Traceroute.
![[Image: 7.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/7.jpg?w=900)
7.script http-sitemap-generator
It Spiders a web server and displays its directory structure along with number and types of files in each folder.
![[Image: 5.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/5.jpg?w=900)
8.script=nfs-ls
Attempts to get useful information about files from NFS exports. The output is intended to resemble the output of ls.
![[Image: 8.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/8.jpg?w=900)
9.script=firewalk
It is used to check the firewall rules using an IP TTL expiration technique known as firewalking.
![[Image: 9.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/9.jpg?w=900)
10.Script=mysql-info.nse
Connects to a MySQL server and prints information such as the protocol and version numbers, thread ID, status, capabilities, and the password salt.
![[Image: 10-1.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/10-1.jpg?w=900)
![[Image: 10-2.jpg?w=900]](https://manishbhardwajblog.files.wordpress.com/2017/11/10-2.jpg?w=900)
:lit: References:nmap.org
1.script http-enum
It performs Brute Force on a server path in order to discover web applications inuse.Ittests more than 2000 serverPath.Theworking of this NSE script is similar to NIKTO.
2.script http-title
It Shows the title of the default page of a web server.
3.scriptdns.brute
It is used to find the Sub-Domains of the Website.
4. script whois-domain
It retrieves whois Information of a Domain.
5. script http-methods
This script is used to find out the HTTP request supported by a target by sending OPTIONS request.
6.scripttraceroute-geolocation.nse
This script is used to lists the geographical locations of each hops Traceroute.
7.script http-sitemap-generator
It Spiders a web server and displays its directory structure along with number and types of files in each folder.
8.script=nfs-ls
Attempts to get useful information about files from NFS exports. The output is intended to resemble the output of ls.
9.script=firewalk
It is used to check the firewall rules using an IP TTL expiration technique known as firewalking.
10.Script=mysql-info.nse
Connects to a MySQL server and prints information such as the protocol and version numbers, thread ID, status, capabilities, and the password salt.
:lit: References:nmap.org
![[Image: e72398fe92beda2aa80d0329e8b9f4febece7568.gif]](https://64.media.tumblr.com/834502d05f9b014cbc37366fe428a5a7/13cb9841c0799d7a-ff/s500x560/e72398fe92beda2aa80d0329e8b9f4febece7568.gif)
RE: Top 10 Nmap NSE Scripts For PenTesters
19-12-2017, 05:41 AM
#2 Users browsing this thread: 2 Guest(s)