diff --git a/docs/scripting.xml b/docs/scripting.xml
index 27207eb47..ec21aa0d8 100644
--- a/docs/scripting.xml
+++ b/docs/scripting.xml
@@ -208,8 +208,8 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
Currently defined categories are safe,
intrusive, malware,
version, discovery,
- vuln, auth and
- default.
+ vuln, auth,
+ external and default.
Category names are not case
sensitive. The following list describes each category.
@@ -313,6 +313,27 @@ Nmap finished: 1 IP address (1 host up) scanned in 0.907 seconds
+
+
+ “external” script category
+
+
+
+ Scripts in this category may send data to a
+ third-party database or other network resource. An example
+ of this is whois.nse, which makes a
+ connection to a
+ whoiswhois server
+ to learn about the address of the target. There is always
+ the possibility that the operators of the third-party
+ database will record anything you send to them, which in
+ many cases will include your IP address and the address of
+ the target. Most scripts involve traffic strictly between
+ the scanning computer and the client; any that do not are
+ placed in this category.
+
+
+
“default” script category