diff --git a/nselib/stdnse.lua b/nselib/stdnse.lua
index a989c1392..6e586595b 100644
--- a/nselib/stdnse.lua
+++ b/nselib/stdnse.lua
@@ -1411,4 +1411,15 @@ function get_timeout(host, max_timeout, min_timeout)
   return t
 end
 
+--- Returns the keys of a table as an array
+-- @param t The table
+-- @return A table of keys
+function keys(t)
+  local ret = {}
+  for k, _ in pairs(t) do
+    ret[#ret+1] = k
+  end
+  return ret
+end
+
 return _ENV;
diff --git a/scripts/fcrdns.nse b/scripts/fcrdns.nse
index 2fbccf62c..0086b3458 100644
--- a/scripts/fcrdns.nse
+++ b/scripts/fcrdns.nse
@@ -73,14 +73,6 @@ hostrule = function(host)
   return true
 end
 
-local function keys(t)
-  local ret = {}
-  for k, _ in pairs(t) do
-    ret[#ret+1] = k
-  end
-  return ret
-end
-
 action = function(host)
   -- Do reverse-DNS lookup of the IP
   -- Can't just use host.name because some IPs have multiple PTR records
@@ -135,7 +127,7 @@ action = function(host)
     str_out = nil
   elseif str_out == nil then
     -- we failed, and need to format a short output string
-    fail_addrs = keys(fail_addrs)
+    fail_addrs = stdnse.keys(fail_addrs)
     if #fail_addrs > 0 then
       table.sort(fail_addrs)
       str_out = string.format("FAIL (%s)", table.concat(fail_addrs, ", "))
diff --git a/scripts/ssl-ccs-injection.nse b/scripts/ssl-ccs-injection.nse
index 0fc851a60..4751aadaa 100644
--- a/scripts/ssl-ccs-injection.nse
+++ b/scripts/ssl-ccs-injection.nse
@@ -115,28 +115,20 @@ local function alert_unexpected_message(s)
   return true,true
 end
 
-local function keys(t)
-  local ret = {}
-  for k, _ in pairs(t) do
-    ret[#ret+1] = k
-  end
-  return ret
-end
-
 local function test_ccs_injection(host, port, version)
   local hello = tls.client_hello({
       ["protocol"] = version,
       -- Claim to support every cipher
       -- Doesn't work with IIS, but IIS isn't vulnerable
-      ["ciphers"] = keys(tls.CIPHERS),
+      ["ciphers"] = stdnse.keys(tls.CIPHERS),
       ["compressors"] = {"NULL"},
       ["extensions"] = {
         -- Claim to support every elliptic curve
         ["elliptic_curves"] = tls.EXTENSION_HELPERS["elliptic_curves"](
-          keys(tls.ELLIPTIC_CURVES)),
+          stdnse.keys(tls.ELLIPTIC_CURVES)),
         -- Claim to support every EC point format
         ["ec_point_formats"] = tls.EXTENSION_HELPERS["ec_point_formats"](
-          keys(tls.EC_POINT_FORMATS)),
+          stdnse.keys(tls.EC_POINT_FORMATS)),
       },
     })
 
@@ -228,6 +220,7 @@ local function test_ccs_injection(host, port, version)
   end
 
   -- Read the alert message
+  local vulnerable
   status,vulnerable = alert_unexpected_message(s)
 
   -- Leave the target not vulnerable in case of an error. This could occur
diff --git a/scripts/ssl-enum-ciphers.nse b/scripts/ssl-enum-ciphers.nse
index d9fb26577..9f8fc1b85 100644
--- a/scripts/ssl-enum-ciphers.nse
+++ b/scripts/ssl-enum-ciphers.nse
@@ -211,14 +211,6 @@ local function try_params(host, port, t)
   end
 end
 
-local function keys(t)
-  local ret = {}
-  for k, _ in pairs(t) do
-    ret[#ret+1] = k
-  end
-  return ret
-end
-
 local function sorted_keys(t)
   local ret = {}
   for k, _ in pairs(t) do
@@ -709,8 +701,7 @@ function sorted_by_key(t)
   local out = {}
   setmetatable(out, {
     __pairs = function(_)
-      local order = keys(t)
-      table.sort(order)
+      local order = sorted_keys(t)
       return coroutine.wrap(function()
         for i,k in ipairs(order) do
           coroutine.yield(k, t[k])
@@ -753,7 +744,7 @@ action = function(host, port)
     end
   until next(threads) == nil
 
-  if #( keys(results) ) == 0 then
+  if #( stdnse.keys(results) ) == 0 then
     return nil
   end
 
diff --git a/scripts/ssl-heartbleed.nse b/scripts/ssl-heartbleed.nse
index a2d6a3b5b..2b23e71dc 100644
--- a/scripts/ssl-heartbleed.nse
+++ b/scripts/ssl-heartbleed.nse
@@ -68,27 +68,19 @@ local function recvmsg(s, len)
   return true, pay
 end
 
-local function keys(t)
-  local ret = {}
-  for k, _ in pairs(t) do
-    ret[#ret+1] = k
-  end
-  return ret
-end
-
 local function testversion(host, port, version)
 
   local hello = tls.client_hello({
       ["protocol"] = version,
       -- Claim to support every cipher
       -- Doesn't work with IIS, but IIS isn't vulnerable
-      ["ciphers"] = keys(tls.CIPHERS),
+      ["ciphers"] = stdnse.keys(tls.CIPHERS),
       ["compressors"] = {"NULL"},
       ["extensions"] = {
         -- Claim to support every elliptic curve
-        ["elliptic_curves"] = tls.EXTENSION_HELPERS["elliptic_curves"](keys(tls.ELLIPTIC_CURVES)),
+        ["elliptic_curves"] = tls.EXTENSION_HELPERS["elliptic_curves"](stdnse.keys(tls.ELLIPTIC_CURVES)),
         -- Claim to support every EC point format
-        ["ec_point_formats"] = tls.EXTENSION_HELPERS["ec_point_formats"](keys(tls.EC_POINT_FORMATS)),
+        ["ec_point_formats"] = tls.EXTENSION_HELPERS["ec_point_formats"](stdnse.keys(tls.EC_POINT_FORMATS)),
         ["heartbeat"] = "\x01", -- peer_not_allowed_to_send
       },
     })