Nmap NSE Script Notes
Introduction: Nmap's scripting engine (NSE) automates recon, detection, and exploitation. Scripts are categorized to help testers pick the right tool efficiently.
Types of Nmap Scripts
| Type | Description |
|---|---|
| Discovery | Identify hosts, services, and basic network info. |
| Vulnerability | Check for known vulnerabilities and misconfigurations. |
| Brute | Perform login or password brute force attacks. |
Searching Scripts Using Cat & Grep
cat /usr/share/nmap/scripts/script.db | grep "vuln"
NSE Script Categories
- safe – Non-intrusive
- intrusive – May affect target stability
- vuln – Vulnerability checks
- auth – Authentication scripts
- default – Runs with -sC
- brute – Brute force attacks
- discovery – Host/service discovery
Writing Your First NSE Script
description = "Simple NSE Script"
author = "Aryan" categories = {"safe"} portrule = function(host, port) return port.protocol=="tcp" and port.state=="open" end action = function(host, port) return "Test scan on "..host.ip end