NMAP, also known as Network Mapper, is a versatile tool for network scanning and security auditing. It is free and open-source, providing a robust platform for system administrators and cybersecurity professionals to identify hosts and services on a network, generating a map of the system.
One of the key features in NMAP is the --script option. This option allows users to run NMAP Scripting Engine (NSE) scripts. The NSE is one of Nmap’s unique features: it allows users to write (or share) scripts in the Lua programming language to automate a wide variety of networking tasks. NSE scripts range from simple tasks to complex scanning, which makes --script a powerful option that extends NMAP’s basic functionality.
The --script option is used like this: nmap --script [script.nse] target
The scripts are located in the “/usr/share/nmap/scripts” directory on Unix/Linux systems and in “\Program Files (x86)\Nmap\scripts” on Windows. Potentially, you could run all of the scripts at once using the command “nmap --script all target”. However, it is more common to use individual scripts or a selected group for specific tasks. For example, to use the ssh-brute script to attempt to crack SSH passwords, you might use the command “nmap --script ssh-brute target”.
Nmap scripts are grouped into several categories for easy reference: auth, broadcast, brute, discovery, dos, exploit, external, fuzzer, intrusive, malware, safe, version, and vuln.
For example, using --script vuln will execute every script in the ‘vuln’ category, which consists of scripts that check for specific vulnerabilities. Alternatively, --script “safe” will run all scripts in the ‘safe’ category, which are designed not to be intrusive and are generally considered safe to run against any target.
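To make the category selection concrete, here is an added Python example (not part of the original text or of Nmap itself) that parses a constructed excerpt in the format of Nmap’s scripts/script.db index and resolves --script arguments such as vuln, safe and not intrusive, or a bare script name against it. It models only the category, script-name and all matching rules, not every form Nmap accepts.

```python
import re
# Constructed excerpt in the format of Nmap's scripts/script.db (one Lua
# "Entry" per script); the real file lives in the scripts directory.
SAMPLE_SCRIPT_DB = """
Entry { filename = "banner.nse", categories = { "discovery", "safe", } }
Entry { filename = "http-title.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "ssh-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "http-slowloris-check.nse", categories = { "vuln", "safe", } }
Entry { filename = "http-slowloris.nse", categories = { "dos", "intrusive", } }
"""

ENTRY_RE = re.compile(r'filename\s*=\s*"([^"]+)".*?categories\s*=\s*\{([^}]*)\}')

def parse_script_db(text):
    """Map each script filename to its set of categories."""
    return {m.group(1): set(re.findall(r'"([^"]+)"', m.group(2)))
            for m in ENTRY_RE.finditer(text)}

def select_scripts(db, expression):
    """Resolve a --script argument (e.g. 'vuln', 'safe and not intrusive',
    '(default or vuln) and not brute', 'ssh-brute', 'all') to filenames."""
    tokens = re.findall(r'\(|\)|[\w.-]+', expression)

    def matches(name, cats):
        toks = list(tokens)                  # fresh token stream per script
        def take():
            if not toks: raise ValueError("incomplete expression")
            return toks.pop(0)
        def expr():                          # term ('or' term)*
            v = term()
            while toks and toks[0] == 'or':
                toks.pop(0); v = term() or v # always consume the right side
            return v
        def term():                          # factor ('and' factor)*
            v = factor()
            while toks and toks[0] == 'and':
                toks.pop(0); v = factor() and v
            return v
        def factor():                # 'not' factor | '(' expr ')' | word
            tok = take()
            if tok == 'not':
                return not factor()
            if tok == '(':
                v = expr()
                if take() != ')': raise ValueError("unbalanced parentheses")
                return v
            # a word matches a category, 'all', or the script's own name
            return tok == 'all' or tok in cats or tok in (name, name[:-4])
        v = expr()
        if toks: raise ValueError("unexpected token %r" % toks[0])
        return v

    return sorted(n for n, c in db.items() if matches(n, c))
```

Running select_scripts(parse_script_db(SAMPLE_SCRIPT_DB), "safe and not discovery") returns only the vuln check, showing how a boolean category expression narrows a run before any packet is sent.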
In summary, the --script option in NMAP is a powerful extension that allows users to automate a wide range of networking tasks. It provides a flexible way to customize network scanning using scripts written in the Lua programming language. Combined with the extensive library of existing NSE scripts, this extends NMAP’s capabilities beyond basic network scanning and makes it a comprehensive tool for network security auditing.