
whip_lash : nmap   23

Hani's blog: Making Nmap Scripting Engine stealthier
You can find the default value in /usr/share/nmap/nselib/http.lua (at the beginning of the file, a couple of lines after the comments):

local USER_AGENT = stdnse.get_script_args('http.useragent') or "Mozilla/5.0 (compatible; Nmap Scripting Engine; http://nmap.org/book/nse.html)"

and change it to something more stealthy (default User Agent of Firefox on Windows 7 for example).
nmap  scanning  obfuscation 
7 weeks ago by whip_lash
nmap/lu-enum.nse at master · nmap/nmap · GitHub
When connecting to a TN3270E server you are assigned a Logical Unit (LU) or you can tell
the TN3270E server which LU you'd like to use. Typically TN3270E servers are configured to
give you an LU from a pool of LUs. They can also have LUs set to take you to a specific
application. This script attempts to guess valid LUs that bypass the default LUs you are
assigned. For example, if a TN3270E server sends you straight to TPX you could use this
script to find LUs that take you to TSO, C...
mainframe  pentest  telnet  nmap  scanner 
10 weeks ago by whip_lash
Freevulnsearch - Free And Open NMAP NSE Script To Query Vulnerabilities Via The cve-search.org API - KitPloit - PenTest & Hacking Tools for your CyberSecurity Kit ☣
This NMAP NSE script is part of the Free OCSAF project - https://freecybersecurity.org. In conjunction with the version scan "-sV" in NMAP, the corresponding vulnerabilities are automatically assigned using CVE (Common Vulnerabilities and Exposures) and the severity of the vulnerability is assigned using CVSS (Common Vulnerability Scoring System). For more clarity, the CVSS are still assigned to the corresponding v3.0 CVSS ratings:
Critical (CVSS 9.0 - 10.0)
High (CVSS 7.0 - 8.9)
Medium (CVSS 4.0 - 6.9)
Low (CVSS 0.1 - 3.9)
None (CVSS 0.0)
nmap  scan  pentest  cve  cvss  script  lua 
12 weeks ago by whip_lash
GitHub - OCSAF/freevulnsearch: Free and open NMAP NSE script to query vulnerabilities via the cve-search.org API.
In conjunction with the version scan "-sV" in NMAP, the corresponding vulnerabilities are automatically assigned using CVE (Common Vulnerabilities and Exposures) and the severity of the vulnerability is assigned using CVSS (Common Vulnerability Scoring System).
nmap  script  cvss  vulnerability  scanner 
february 2019 by whip_lash
Halcyon IDE
Halcyon IDE lets you quickly and easily develop Nmap scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is a free and open source project (always will be) to provide an easier development interface to the rapidly growing information security community around the world.
ide  programming  Scripting  development  lua  nmap 
june 2018 by whip_lash
Creating Static Binaries for Nmap, Socat and other Tools – Insinuator.net
In various scenarios it might be helpful or even required to have a statically compiled version of Nmap available. This applies to e.g. scenarios where only limited user privileges are available and installing anything to the system might not be desirable.


For such cases I’ve started to create recipes to build such binaries.
nmap  pentest  security 
february 2018 by whip_lash
GitHub - vulnersCom/nmap-vulners: NSE script based on Vulners.com API
NSE script using some well-known service to provide info on vulnerabilities
nmap  plugin  scanner  vulnerability  nse 
january 2018 by whip_lash
smb2-vuln-uptime NSE Script
Attempts to detect missing patches in Windows systems by checking the uptime returned during the SMB2 protocol negotiation.

SMB2 protocol negotiation response returns the system boot time pre-authentication. This information can be used to determine if a system is missing critical patches without triggering IDS/IPS/AVs.

Remember that a rebooted system may still be vulnerable. This check only reveals unpatched systems based on the uptime, no additional probes are sent.
smb  pentest  nmap  nse  vulnerability  scanner 
january 2018 by whip_lash
shodan-api NSE Script
Queries Shodan API for given targets and produces similar output to a -sV nmap scan. The ShodanAPI key can be set with the 'apikey' script argument, or hardcoded in the .nse file itself. You can get a free key from https://developer.shodan.io
osint  nse  nmap 
january 2018 by whip_lash
NSE Nmap Script Development IDE: Halcyon
Halcyon IDE can understand the Nmap library as well as traditional Lua syntax. Possible repetitive code such as web crawling, bruteforcing, etc. is pre-built in the IDE, and this makes it easy for script writers to save time while developing the majority of test scenarios.
nmap  nse  ide 
january 2018 by whip_lash
Top 32 Nmap Command Examples For Sys/Network Admins - nixCraft
The -D option makes it appear to the remote host that the host(s) you specify as decoys are scanning the target network too. Thus their IDS might report 5-10 port scans from unique IP addresses, but they won’t know which IP was scanning them and which were innocent decoys:
nmap  pentest 
january 2018 by whip_lash
Socks proxy servers scanning with nmap | Fun Over IP
A good way to collect your own proxy server list is to scan against (infected) ADSL/Cable users by choosing some ISP ranges from other countries.
proxy  socks  hacking  nmap 
september 2017 by whip_lash
Tor/Usage/Nmap-scan-through-tor - aldeid
The scans only work through Tor exit nodes with
.... 443 9030 s Exit Fast Running V2Dir Valid ...

You can search for an appropriate Exit Node on http://128.31.0.34:9031/tor/status/all
nmap  proxy  security  hacking  pentest 
june 2015 by whip_lash
