diff --git a/nselib/pppoe.lua b/nselib/pppoe.lua
index da40c35d0..7365885ae 100644
--- a/nselib/pppoe.lua
+++ b/nselib/pppoe.lua
@@ -21,8 +21,7 @@
 -- @author Patrik Karlsson
 --
-local bin = require "bin"
-local math = require "math"
+local rand = require "rand"
 local nmap = require "nmap"
 local packet = require "packet"
 local stdnse = require "stdnse"
@@ -73,12 +72,12 @@ LCP = {
 -- @return o instance of ConfigOption
 parse = function(data)
 local opt, pos, len = {}, 1, 0
- pos, opt.option, len = bin.unpack("CC", data, pos)
- pos, opt.raw = bin.unpack("A" .. ( len - 2 ), data, pos)
+ opt.option, len, pos = string.unpack("BB", data, pos)
+ opt.raw, pos = string.unpack("c" .. ( len - 2 ), data, pos)
 -- MRU
 if ( 1 == opt.option ) then
- opt.value = select(2, bin.unpack(">S", opt.raw))
+ opt.value = string.unpack(">I2", opt.raw)
 end
 return LCP.ConfigOption:new(opt.option, opt.value, opt.raw)
 end,
@@ -88,9 +87,9 @@ LCP = {
 __tostring = function(self)
 -- MRU
 if ( self.raw ) then
- return bin.pack(">CCA", self.option, #self.raw + 2, self.raw )
+ return string.pack(">BB", self.option, #self.raw + 2) .. self.raw
 elseif( 1 == self.option ) then
- return bin.pack(">CCS", 1, 4, self.value)
+ return string.pack(">BBI2", 1, 4, self.value)
 else
 error( ("Unsupported configuration option %d"):format(self.option) )
 end
@@ -146,9 +145,9 @@ LCP = {
 local pos, opt, opt_val, len
 repeat
- pos, opt, len = bin.unpack(">CC", data, pos)
+ opt, len, pos = string.unpack(">BB", data, pos)
 if ( 0 == opt ) then break end
- pos, opt_val = bin.unpack("A"..len, data, (pos - 2))
+ opt_val, pos = string.unpack("c"..len, data, (pos - 2))
 options:add(LCP.ConfigOption.parse(opt_val))
 until( pos == #data )
 return options
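Review bot: In ConfigOption.parse, `len` is read straight off the wire and then used to build the format in `string.unpack("c" .. ( len - 2 ), data, pos)`; a length of 0 or 1 produces a format such as `c-1`, which string.unpack rejects as a missing size rather than as bad input, and a length running past the end of `data` raises "data string too short". Each of these is a Lua error that unwinds the script (string.unpack has no nil-returning mode), so a check such as `if ( len < 2 or pos + len - 3 > #data ) then error("Malformed LCP option") end` before the unpack gives a clear diagnostic on a malformed or truncated packet; the `string.unpack(">I2", opt.raw)` on the MRU branch likewise raises when `opt.raw` is shorter than two bytes. The same raise-on-short-data behaviour applies to the Header.parse hunks at -207 and -392 and to the TPKT/ITUT parse hunks in rdp.lua, which is acceptable only if the callers wrap parsing in pcall, something the diff does not show.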
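Review bot: The loop's exit test `until( pos == #data )` cannot be satisfied by an option list that ends exactly at the end of `data`: string.unpack returns the index of the first unread byte, so after the last option `pos` is `#data + 1`, the test is false, and the following `string.unpack(">BB", data, pos)` raises "data string too short" instead of leaving the loop. Unless every list is terminated by a zero-type option (the `if ( 0 == opt ) then break end` path), the condition should be `until( pos > #data )`. The unchecked `len` also feeds `string.unpack("c"..len, data, (pos - 2))`, which raises on a length that runs past the end of `data`. The enclosing function starts before this hunk.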
@@ -207,15 +206,14 @@ LCP = {
 -- @return o instance of ConfigOption
 parse = function(data)
 local header = LCP.Header:new()
- local pos
- pos, header.code, header.identifier, header.length = bin.unpack(">CCS", data)
+ header.code, header.identifier, header.length = string.unpack(">BBI2", data)
 return header
 end,
 -- Converts the class instance to string
 -- @return string containing the raw config option
 __tostring = function(self)
- return bin.pack(">CCS", self.code, self.identifier, self.length)
+ return string.pack(">BBI2", self.code, self.identifier, self.length)
 end,
 },
@@ -392,9 +390,9 @@ PPPoE = {
 -- @param data string containing raw bytes to parse
 -- @return o instance of Header
 parse = function(data)
- local pos, vertyp
 local header = PPPoE.Header:new()
- pos, vertyp, header.code, header.session, header.length = bin.unpack(">CCSS", data)
+ local vertyp
+ vertyp, header.code, header.session, header.length = string.unpack(">BBI2I2", data)
 header.version = (vertyp >> 4)
 header.type = (vertyp & 0x0F)
 return header
@@ -404,7 +402,7 @@ PPPoE = {
 -- @return string containing the raw config option
 __tostring = function(self)
 local vertype = (self.version << 4) + self.type
- return bin.pack(">CCSS", vertype, self.code, self.session, self.length)
+ return string.pack(">BBI2I2", vertype, self.code, self.session, self.length)
 end,
@@ -427,7 +425,7 @@ PPPoE = {
 -- Converts the instance to string
 -- @return string containing the raw config option
 __tostring = function(self)
- return bin.pack(">SSA", self.tag, #self.value, self.value)
+ return string.pack(">I2s2", self.tag, self.value)
 end,
 },
@@ -438,10 +436,7 @@ PPPoE = {
 -- @param value string/number containing the tag value
 -- @return o instance of ConfigNak
 new = function(self, tags)
- local c = ""
- for i=1, 4 do
- c = c .. math.random(255)
- end
+ local c = rand.random_string(8)
 local o = {
 header = PPPoE.Header:new(PPPoE.Code.PADI),
@@ -489,14 +484,12 @@ PPPoE = {
 pado.data = data:sub(pos)
 repeat
- local tag, len, decoded, raw
- pos, tag, len = bin.unpack(">SS", data, pos)
- raw = select(2, bin.unpack("A" .. len, data, pos))
+ local tag, raw
+ tag, raw, pos = string.unpack(">I2s2", pos)
 if ( PPPoE.TagDecoder[tag] ) then
- pos, decoded = PPPoE.TagDecoder[tag](data, pos, len)
+ decoded = PPPoE.TagDecoder[tag](raw)
 else
 stdnse.debug1("PPPoE: Unsupported tag (%d)", tag)
- pos = pos + len
 end
 local t = PPPoE.Tag:new(tag, raw)
 t.decoded = decoded
@@ -621,7 +614,7 @@ PPPoE = {
 __tostring = function(self)
 -- 2 for the encapsulation
 self.header.length = 2 + 4 + #self.data
- return tostring(self.header) .. bin.pack(">S", 0xC021) .. self.data
+ return tostring(self.header) .. "\xC0\x21" .. self.data
 end,
 }
@@ -631,8 +624,8 @@ PPPoE = {
 -- A bunch of tag decoders
 PPPoE.TagDecoder = {}
-PPPoE.TagDecoder.decodeHex = function(data, pos, len) return pos + len, stdnse.tohex(data:sub(pos, pos+len)) end
-PPPoE.TagDecoder.decodeStr = function(data, pos, len) return pos + len, data:sub(pos, pos + len - 1) end
+PPPoE.TagDecoder.decodeHex = stdnse.tohex
+PPPoE.TagDecoder.decodeStr = function(data) return data end
 PPPoE.TagDecoder[PPPoE.TagType.SERVICE_NAME] = PPPoE.TagDecoder.decodeStr
 PPPoE.TagDecoder[PPPoE.TagType.AC_NAME] = PPPoE.TagDecoder.decodeStr
 PPPoE.TagDecoder[PPPoE.TagType.AC_COOKIE] = PPPoE.TagDecoder.decodeHex
@@ -663,10 +656,7 @@ Comm = {
 self.socket = nmap.new_socket()
 self.socket:set_timeout(10000)
- -- there's probably a more elegant way of doing this
- local mac = {}
- for i=1, #self.src_mac do table.insert(mac, select(2,bin.unpack("H", self.src_mac, i))) end
- mac = stdnse.strjoin(":", mac)
+ local mac = stdnse.format_mac(self.src_mac)
 -- let's set a filter on PPPoE we can then check what packet is ours,
 -- based on the HOST_UNIQUE tag, if we need to
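Review bot: `tag, raw, pos = string.unpack(">I2s2", pos)` drops the `data` argument, so the number held in `pos` is what gets unpacked and the call fails on the first tag; it should read `tag, raw, pos = string.unpack(">I2s2", data, pos)`. The new `local tag, raw` also no longer declares `decoded`, so `decoded = PPPoE.TagDecoder[tag](raw)` assigns a non-local name and, on the unsupported-tag branch, `t.decoded = decoded` carries over whatever the previous iteration decoded instead of nil; `local tag, raw, decoded` restores the per-iteration reset. Dropping `pos = pos + len` is consistent with `s2` advancing `pos` past the value once `data` is actually passed. The enclosing parse function starts before this hunk.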
@@ -679,7 +669,7 @@ Comm = {
 -- @return status true on success, false on failure
 send = function(self, data)
 local eth_type = ( data.header.code == PPPoE.Code.SESSION_DATA ) and 0x8864 or 0x8863
- local ether = bin.pack(">AAS", self.dst_mac, self.src_mac, eth_type)
+ local ether = self.dst_mac .. self.src_mac .. string.pack(">I2", eth_type)
 local p = packet.Frame:new(ether .. tostring(data))
 local sock = nmap.new_dnet()
@@ -805,7 +795,7 @@ Helper = {
 -- @return pado instance of PADO on success, err string on failure
 discoverInit = function(self)
 local padi = PPPoE.PADI:new()
- self.comm.dst_mac = bin.pack("H", "FF FF FF FF FF FF")
+ self.comm.dst_mac = ("\xFF"):rep(6)
 local status, err = self.comm:send(padi)
 if ( not(status) ) then
 return false, err
@@ -895,10 +885,10 @@ Helper = {
 local AuthMethod = {
 methods = {
- { name = "EAP", value = bin.pack("H", "C227") },
- { name = "MSCHAPv1", value = bin.pack("H", "C22380") },
- { name = "MSCHAPv2", value = bin.pack("H", "C22381") },
- { name = "PAP", value = bin.pack("H", "C023") },
+ { name = "EAP", value = "\xC2\x27" },
+ { name = "MSCHAPv1", value = "\xC2\x23\x80" },
+ { name = "MSCHAPv2", value = "\xC2\x23\x81" },
+ { name = "PAP", value = "\xC0\x23" },
 }
 }
diff --git a/nselib/rdp.lua b/nselib/rdp.lua
index 11abb82a1..32f098b57 100644
--- a/nselib/rdp.lua
+++ b/nselib/rdp.lua
@@ -7,9 +7,9 @@
 -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
 --
-local bin = require("bin")
 local nmap = require("nmap")
 local stdnse = require("stdnse")
+local string = require "string"
 _ENV = stdnse.module("rdp", stdnse.seeall)
 Packet = {
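Review bot: The rdp.lua require block gains `local string = require "string"` while the pppoe.lua require hunk in this same commit adds no such line even though pppoe.lua now calls string.pack/string.unpack throughout; the two files should follow one convention, either both localizing `string` or neither. The added line also uses `require "string"` next to the file's existing `require("nmap")` form; `local string = require("string")` keeps the surrounding style.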
@@ -24,20 +24,19 @@ Packet = {
 end,
 __tostring = function(self)
- return bin.pack(">CCSA",
+ return string.pack(">BBI2",
 self.version,
 self.reserved or 0,
- (self.data and #self.data + 4 or 4),
- self.data
- )
+ (self.data and #self.data + 4 or 4))
+ ..self.data
 end,
 parse = function(data)
 local tpkt = Packet.TPKT:new()
 local pos
- pos, tpkt.version, tpkt.reserved, tpkt.length = bin.unpack(">CCS", data)
- pos, tpkt.data = bin.unpack("A" .. (#data - pos), data, pos)
+ tpkt.version, tpkt.reserved, tpkt.length, pos = string.unpack(">BBI2", data)
+ tpkt.data = data:sub(pos)
 return tpkt
 end
 },
@@ -55,15 +54,15 @@ Packet = {
 local itut = Packet.ITUT:new()
 local pos
- pos, itut.length, itut.code = bin.unpack("CC", data)
+ itut.length, itut.code, pos = string.unpack("BB", data)
 if ( itut.code == 0xF0 ) then
- pos, itut.eot = bin.unpack("C", data, pos)
+ itut.eot, pos = string.unpack("B", data, pos)
 elseif ( itut.code == 0xD0 ) then
- pos, itut.dstref, itut.srcref, itut.class = bin.unpack(">SSC", data, pos)
+ itut.dstref, itut.srcref, itut.class, pos = string.unpack(">I2I2B", data, pos)
 end
- pos, itut.data = bin.unpack("A" .. (#data - pos), data, pos)
+ itut.data = data:sub(pos)
 return itut
 end,
@@ -76,13 +75,13 @@ Packet = {
 eot = ""
 len = #self.data + 1
 end
- local data = bin.pack("CCA",
+ local data = string.pack("BB",
 len,
- self.code or 0,
- eot
- )
+ self.code or 0)
+ .. eot
+ .. self.data
- return data .. self.data
+ return data
 end,
 },
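Review bot: In TPKT's `__tostring`, the length argument `(self.data and #self.data + 4 or 4)` tolerates a nil `self.data`, but the `..self.data` appended on the next line raises "attempt to concatenate a nil value" in exactly that case, so the two halves of the expression disagree; `.. (self.data or "")` keeps the header-only case working. As a point of style, the operator is written `..self.data` here but `.. eot` / `.. self.data` in the ITUT hunk below, so one spacing throughout would help. The parse half looks right: `data:sub(pos)` with the position returned by string.unpack yields the bytes after the four-byte header.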
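Review bot: In ITUT's `__tostring`, `data` is now assigned once and returned on the very next statement, so the local only adds a name; `return string.pack("BB", len, self.code or 0) .. eot .. self.data` says the same thing directly. The enclosing function and the branch that sets `len` and `eot` start before this hunk.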
@@ -105,14 +104,14 @@ Request = {
 local itpkt_len = 21 + #cookie
 local itut_len = 16 + #cookie
- local data = bin.pack(">SSCA",
+ local data = string.pack(">I2I2B",
 0x0000, -- dst reference
 0x0000, -- src reference
- 0x00, -- class and options
- ("Cookie: %s\r\n"):format(cookie))
+ 0x00) -- class and options
+ .. ("Cookie: %s\r\n"):format(cookie)
 if ( self.proto ) then
- data = data .. bin.pack("smbauth.lua. --@args smbnoguest Use to disable usage of the 'guest' account.
-local bin = require "bin"
 local nmap = require "nmap"
 local stdnse = require "stdnse"
 local string = require "string"
@@ -656,16 +655,16 @@ function get_password_response(ip, username, domain, password, password_hash, ha
 if(password_hash ~= nil) then
 if(string.find(password_hash, "^" .. string.rep("%x%x", 16) .. "$")) then
 stdnse.debug2("SMB: Found a 16-byte hex string")
- lm_hash = bin.pack("H", password_hash:sub(1, 32))
- ntlm_hash = bin.pack("H", password_hash:sub(1, 32))
+ lm_hash = stdnse.fromhex(password_hash:sub(1, 32))
+ ntlm_hash = stdnse.fromhex(password_hash:sub(1, 32))
 elseif(string.find(password_hash, "^" .. string.rep("%x%x", 32) .. "$")) then
 stdnse.debug2("SMB: Found a 32-byte hex string")
- lm_hash = bin.pack("H", password_hash:sub(1, 32))
- ntlm_hash = bin.pack("H", password_hash:sub(33, 64))
+ lm_hash = stdnse.fromhex(password_hash:sub(1, 32))
+ ntlm_hash = stdnse.fromhex(password_hash:sub(33, 64))
 elseif(string.find(password_hash, "^" .. string.rep("%x%x", 16) .. "." .. string.rep("%x%x", 16) .. "$")) then
 stdnse.debug2("SMB: Found two 16-byte hex strings")
- lm_hash = bin.pack("H", password_hash:sub(1, 32))
- ntlm_hash = bin.pack("H", password_hash:sub(34, 65))
+ lm_hash = stdnse.fromhex(password_hash:sub(1, 32))
+ ntlm_hash = stdnse.fromhex(password_hash:sub(34, 65))
 else
 stdnse.debug1("SMB: ERROR: Hash(es) provided in an invalid format (should be 32, 64, or 65 hex characters)")
 lm_hash = nil
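Review bot: The first branch's new lines assign the same 16 bytes to both `lm_hash` and `ntlm_hash`, while the next two branches split the input into distinct halves; if a lone 16-byte hash is meant to be tried as both, a comment such as `-- single 16-byte hash: use it as both LM and NTLM` on the new `ntlm_hash` line would make that deliberate rather than look like a copy-paste slip. The rest of the hunk is a mechanical swap to `stdnse.fromhex`, and the `%x%x` patterns above each branch already guarantee that only hex digits reach it. get_password_response begins and ends outside this hunk.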
@@ -761,7 +760,7 @@ function get_security_blob(security_blob, ip, username, domain, password, passwo if(security_blob == nil) then -- If security_blob is nil, this is the initial packet - new_blob = bin.pack("= hpos + 7 and domain_offset >= hpos + 7 then - local hpos, major, minor, build, reserved = bin.unpack("