diff --git a/scripts/afp-path-vuln.nse b/scripts/afp-path-vuln.nse
index a05a72b13..00202fa4b 100644
--- a/scripts/afp-path-vuln.nse
+++ b/scripts/afp-path-vuln.nse
@@ -46,7 +46,7 @@ For additional information:
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"vuln", "safe"}
+categories = {"exploit", "intrusive", "vuln"}
 
 require 'shortport'
 require 'stdnse'
diff --git a/scripts/broadcast-ms-sql-discover.nse b/scripts/broadcast-ms-sql-discover.nse
index 59fb51c16..21fefca57 100644
--- a/scripts/broadcast-ms-sql-discover.nse
+++ b/scripts/broadcast-ms-sql-discover.nse
@@ -45,7 +45,7 @@ broadcast version will only use the SQL Server Browser service discovery method.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"broadcast", "safe", "discovery"}
+categories = {"broadcast", "safe"}
 
 require 'mssql'
 require 'target'
diff --git a/scripts/ftp-proftpd-backdoor.nse b/scripts/ftp-proftpd-backdoor.nse
index 81a7504f6..5002f4014 100644
--- a/scripts/ftp-proftpd-backdoor.nse
+++ b/scripts/ftp-proftpd-backdoor.nse
@@ -23,7 +23,7 @@ Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562
 
 author = "Mak Kolybabi"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery", "intrusive"}
+categories = {"exploit", "intrusive", "malware", "vuln"}
 
 require("ftp")
 require("shortport")
diff --git a/scripts/ftp-vsftpd-backdoor.nse b/scripts/ftp-vsftpd-backdoor.nse
index c98a7f0fd..187baae72 100644
--- a/scripts/ftp-vsftpd-backdoor.nse
+++ b/scripts/ftp-vsftpd-backdoor.nse
@@ -28,7 +28,7 @@ References:
 
 author = "Daniel Miller"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery", "intrusive"}
+categories = {"exploit", "intrusive", "malware", "vuln"}
 
 require("ftp")
 require("nmap")
diff --git a/scripts/irc-unrealircd-backdoor.nse b/scripts/irc-unrealircd-backdoor.nse
index 440ec4ca3..91b9ffc61 100644
--- a/scripts/irc-unrealircd-backdoor.nse
+++ b/scripts/irc-unrealircd-backdoor.nse
@@ -44,7 +44,7 @@ Reference:
 
 author = "Vlatko Kosturjak and Ron Bowes"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"vuln", "safe"}
+categories = {"exploit", "intrusive", "malware", "vuln"}
 
 require "shortport"
 require "comm"
diff --git a/scripts/iscsi-info.nse b/scripts/iscsi-info.nse
index d58779b10..0687ab794 100644
--- a/scripts/iscsi-info.nse
+++ b/scripts/iscsi-info.nse
@@ -21,7 +21,7 @@ Collects and displays information from remote iSCSI targets.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"discovery"}
+categories = {"default", "safe", "discovery"}
 
 require("shortport")
 require("iscsi")
@@ -90,4 +90,4 @@ action = function( host, port )
 		table.insert(result, result_part)
 	end	
 	return stdnse.format_output( true, result )
-end
\ No newline at end of file
+end
diff --git a/scripts/script.db b/scripts/script.db
index 2fcb3a721..b8964b67d 100644
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -1,6 +1,6 @@
 Entry { filename = "afp-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "afp-ls.nse", categories = { "discovery", "safe", } }
-Entry { filename = "afp-path-vuln.nse", categories = { "safe", "vuln", } }
+Entry { filename = "afp-path-vuln.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "afp-serverinfo.nse", categories = { "discovery", "safe", } }
 Entry { filename = "afp-showmount.nse", categories = { "discovery", "safe", } }
 Entry { filename = "asn-query.nse", categories = { "discovery", "external", "safe", } }
@@ -13,7 +13,7 @@ Entry { filename = "broadcast-avahi-dos.nse", categories = { "broadcast", "dos",
 Entry { filename = "broadcast-db2-discover.nse", categories = { "broadcast", "safe", } }
 Entry { filename = "broadcast-dns-service-discovery.nse", categories = { "broadcast", "safe", } }
 Entry { filename = "broadcast-dropbox-listener.nse", categories = { "broadcast", "safe", } }
-Entry { filename = "broadcast-ms-sql-discover.nse", categories = { "broadcast", "discovery", "safe", } }
+Entry { filename = "broadcast-ms-sql-discover.nse", categories = { "broadcast", "safe", } }
 Entry { filename = "broadcast-netbios-master-browser.nse", categories = { "broadcast", "safe", } }
 Entry { filename = "broadcast-novell-locate.nse", categories = { "broadcast", "safe", } }
 Entry { filename = "broadcast-upnp-info.nse", categories = { "broadcast", "safe", } }
@@ -54,8 +54,8 @@ Entry { filename = "ftp-anon.nse", categories = { "auth", "default", "safe", } }
 Entry { filename = "ftp-bounce.nse", categories = { "default", "safe", } }
 Entry { filename = "ftp-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "ftp-libopie.nse", categories = { "intrusive", "vuln", } }
-Entry { filename = "ftp-proftpd-backdoor.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "ftp-vsftpd-backdoor.nse", categories = { "discovery", "intrusive", } }
+Entry { filename = "ftp-proftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
+Entry { filename = "ftp-vsftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
 Entry { filename = "ftp-vuln-cve2010-4221.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "giop-info.nse", categories = { "discovery", "safe", } }
 Entry { filename = "gopher-ls.nse", categories = { "default", "discovery", "safe", } }
@@ -99,9 +99,9 @@ Entry { filename = "ip-geolocation-ipinfodb.nse", categories = { "discovery", "e
 Entry { filename = "ip-geolocation-maxmind.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "ipidseq.nse", categories = { "discovery", "safe", } }
 Entry { filename = "irc-info.nse", categories = { "default", "discovery", "safe", } }
-Entry { filename = "irc-unrealircd-backdoor.nse", categories = { "safe", "vuln", } }
+Entry { filename = "irc-unrealircd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
 Entry { filename = "iscsi-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "iscsi-info.nse", categories = { "discovery", } }
+Entry { filename = "iscsi-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "jdwp-version.nse", categories = { "version", } }
 Entry { filename = "ldap-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "ldap-novell-getpass.nse", categories = { "discovery", "safe", } }
@@ -203,19 +203,19 @@ Entry { filename = "sql-injection.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "ssh-hostkey.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "ssh2-enum-algos.nse", categories = { "discovery", "safe", } }
 Entry { filename = "sshv1.nse", categories = { "default", "safe", } }
-Entry { filename = "ssl-cert.nse", categories = { "discovery", "safe", } }
+Entry { filename = "ssl-cert.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "ssl-enum-ciphers.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "ssl-known-key.nse", categories = { "discovery", "safe", "vuln", } }
 Entry { filename = "sslv2.nse", categories = { "default", "safe", } }
 Entry { filename = "stuxnet-detect.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "svn-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "targets-sniffer.nse", categories = { "broadcast", "discovery", } }
+Entry { filename = "targets-sniffer.nse", categories = { "broadcast", "discovery", "safe", } }
 Entry { filename = "targets-traceroute.nse", categories = { "discovery", "safe", } }
 Entry { filename = "telnet-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "upnp-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "vnc-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "vnc-info.nse", categories = { "discovery", "safe", } }
-Entry { filename = "wdb-version.nse", categories = { "default", "discovery", "version", } }
+Entry { filename = "wdb-version.nse", categories = { "default", "discovery", "version", "vuln", } }
 Entry { filename = "whois.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "wsdd-discover.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "x11-access.nse", categories = { "auth", "default", "safe", } }
diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse
index 81815917e..1f24fd38f 100644
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -62,7 +62,7 @@ author = "David Fifield"
 
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
-categories = { "safe", "discovery" }
+categories = { "default", "safe", "discovery" }
 
 require("nmap")
 require("nsedebug")
diff --git a/scripts/targets-sniffer.nse b/scripts/targets-sniffer.nse
index c78716c9d..a85b0d017 100644
--- a/scripts/targets-sniffer.nse
+++ b/scripts/targets-sniffer.nse
@@ -29,7 +29,7 @@ argument or <code>-e</code> Nmap option to define which interface to use.
 -- Thanks to everyone for the feedback and especially Henri Doreau for his detailed feedback and suggestions
 
 author = "Nick Nikolaou"
-categories = {"broadcast", "discovery"}
+categories = {"broadcast", "discovery", "safe"}
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
 require("stdnse")
diff --git a/scripts/wdb-version.nse b/scripts/wdb-version.nse
index 8ceb6d319..6e20cdb81 100644
--- a/scripts/wdb-version.nse
+++ b/scripts/wdb-version.nse
@@ -26,7 +26,7 @@ http://www.kb.cert.org/vuls/id/362332
 author = "Daniel Miller"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 -- may also be "safe", but need testing to determine
-categories = {"default", "version", "discovery"}
+categories = {"default", "version", "discovery", "vuln"}
 
 require 'shortport'
 require 'rpc'