Mastering the Nmap Scripting Engine

Presented at DEF CON 18 (2010), July 30, 2010, 5 p.m. (50 minutes).

Most hackers can use Nmap for simple port scanning and OS detection, but the Nmap Scripting Engine (NSE) takes scanning to a whole new level. Nmap's high-speed networking engine can now spider web sites for SQL injection vulnerabilities, brute-force crack and query MSRPC services, find open proxies, and more. Nmap includes more than 125 NSE scripts for network discovery, vulnerability detection, exploitation, and authentication cracking. Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and will discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts to meet the needs of your network. Finally they take a quick look at recent Nmap developments and provide a preview of what is soon to come. This presentation does not require any NSE experience, but it wouldn't hurt to read http://nmap.org/book/nse.html.

Presenters:

  • Fyodor
    Fyodor authored the open source Nmap Security Scanner in 1997 and continues to coordinate its development. He also maintains the Insecure.Org, Nmap.Org, SecLists.Org, and SecTools.Org security resource sites and has authored seminal papers on remote operating system detection and stealth port scanning. He is a founding member of the Honeynet Project, former president of Computer Professionals for Social Responsibility (CPSR), and author or co-author of the books "Nmap Network Scanning", "Know Your Enemy: Honeynets" and "Stealing the Network: How to Own a Continent".
  • David Fifield
    David Fifield is the co-maintainer of Nmap and author of the Ndiff scan comparison utility. He has also been active in the maintenance and enhancement of the Ncat network tool, the Zenmap GUI, and the Nmap Scripting Engine. Much of his time has been spent improving Nmap's performance and accuracy. He has previously presented about Nmap at the FOSDEM and LinuxTag conferences.
