PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity
6,150 Commits 2 Branches 0 Tags
4c525b584de0cc8f21a195c534ca446adaede2bc
Commit Graph

277 Commits

Author SHA1 Message Date
patrik
4c525b584d o [NSE] Added the script reverse-index that creates creates a reverse index 
showing which hosts run a particular service rather than the services for
  each host. [Patrik]
 2011-11-29 00:48:59 +00:00
patrik
95af3f1937 o [NSE] Added the script unusual-port that compares a detected service on a 
port against the expected service listed in nmap-services [Patrik]
 2011-11-25 21:09:19 +00:00
patrik
510ebe0eb7 o [NSE] Added the script broadcast-sybase-asa-discover that discovers Sybase 
SQL Anywhere servers on the local LAN. [Patrik]
 2011-11-20 12:33:53 +00:00
patrik
9b2d03d633 o [NSE] Added maxdb-info script that tries to enumerate version and database 
information from a SAP MaxDB database [Patrik]
 2011-11-17 22:12:59 +00:00
patrik
4c0ed27d89 o [NSE] Added nexpose-brute a script that performs password auditing against 
the Nexpose vulnerability scanner. [Vlatko Kosturjak]
 2011-11-17 19:46:42 +00:00
patrik
4b64da4f14 o [NSE] Added http-vuln-cve2011-3368 a script that attempts to detect whether 
the remote web server is vulnerable to the Apache reverse proxy bypass
  vulnerability CVE-2011-3368. [Ange Gutek, Patrik]
 2011-11-17 19:33:19 +00:00
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password 
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
 2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing 
against the OpenVas service. [Vlatko Kosturjak]
 2011-11-10 20:50:04 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting 
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
 2011-11-09 18:56:16 +00:00
david
4757dadd11 Add irc-botnet-channels.nse. 2011-11-09 01:42:03 +00:00
patrik
465594fa87 o [NSE] Added the http-method-tamper script that detects authentication bypass 
vulnerabilities using the http HEAD method as reported in CVE-2010-738.
  [Hani Benhabiles]
 2011-11-08 21:18:22 +00:00
david
ce9ac426e3 New Hadoop and HBase scripts by John Bond: 
hadoop-datanode-info.nse
hadoop-jobtracker-info.nse
hadoop-namenode-info.nse
hadoop-secondary-namenode-info.nse
hadoop-tasktracker-info.nse
hbase-master-info.nse
hbase-region-info.nse
 2011-11-08 16:00:16 +00:00
patrik
dd32e88b66 o [NSE] Added brute scripts rlogin-brute and rexec-brute for the rlogin and 
rexec services [Patrik]
 2011-11-04 21:17:33 +00:00
patrik
fee0ddb527 o [NSE] Added broadcast-rip-discover which gets RIPv2 routers and their routing 
information by querying the multicast address [Patrik]
 2011-11-02 10:23:50 +00:00
patrik
ad28a527dc o [NSE] Added dns-zeustracker, which checks whether an IP is part of the Zeus 
botnet. [Mikael Keri]
 2011-10-31 18:11:54 +00:00
david
57fc9a5545 Add ipv6-node-info. 2011-10-29 19:40:21 +00:00
patrik
05187ede6f o [NSE] Added the script irc-brute that performs password guessing against 
password protected IRC servers. [Patrik]
 2011-10-26 21:55:35 +00:00
patrik
1ab0544ab8 o [NSE] Added the script nessus-brute that performs password guessing against 
Nessus using the NTP 1.2 protocol. [Patrik]
 2011-10-26 21:45:33 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp 
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
 2011-10-26 21:36:37 +00:00
patrik
c9888b6596 o [NSE] Added the http-robtex-reverse-ip script that uses the Robtex service to 
perform a reverse lookup in order to discover all names associated with the
  IP. [riemann]
 2011-10-26 20:52:56 +00:00
patrik
c055b316b0 o [NSE] Updated script.db to correct some of the category changes made 
previously and to remove the accidental addition of non-existing snmp-brute2
  script. [Patrik]
 2011-10-26 20:40:54 +00:00
patrik
b640b1f312 o [NSE] Added a new script krb5-enum-users.nse that performs user enumeration 
against Kerberos. [Patrik]
 2011-10-20 02:49:00 +00:00
patrik
005322c8d4 o [NSE] Added a new script http-put.nse that allows uploading of local files 
to remote web servers using the HTTP PUT method. Added HTTP PUT support to
  the http library. [Patrik]
 2011-10-20 02:32:51 +00:00
david
9b73f3742c Put ms-sql-dump-hashes in "auth". 2011-10-11 20:36:12 +00:00
patrik
46f499d78f o [NSE] Added ms-sql-dump-hashes, a script that dumps the MS SQL hashes in a 
format suitable for offline cracking. [Patrik]
 2011-10-11 06:03:45 +00:00
david
9c30eef1dc Add bitcoinrpc-info by Toni Ruottu. 2011-10-07 23:49:43 +00:00
david
4e912295b1 Add http-cors.nse by Toni Ruottu. 2011-10-04 06:22:27 +00:00
david
9fd21a9342 Put ganglia-info in {"default", "discovery", "safe"} (was {"discovery"}). 2011-10-04 05:45:56 +00:00
david
c077cf781a Add ganglia-info.nse by Brendan Coles. 2011-10-04 05:45:54 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
90d28b0743 Add openlookup-info.nse from Toni Ruottu. 2011-10-03 21:35:30 +00:00
david
859dd32a91 Add amqp-info.nse to "version". 2011-10-03 18:04:19 +00:00
david
43180f6154 Add amqp-info by Sebastian Dragomir. 2011-10-03 18:04:18 +00:00
fyodor
c9d610ccea Create a new brute category for brute forcing scripts, move the *-brute scripts from auth category to brute. document it. I don't know what to do with dns-brute so I left it alone (it wasn't in auth category either) 2011-09-30 06:18:55 +00:00
fyodor
d749de55b1 renamed http-wp-enum and http-wp-plugins to http-wordpress-* for consistency with the naming of http-wordpress-brute 2011-09-30 05:49:53 +00:00
david
c41f53b3b1 --script-updatedb 2011-09-26 20:56:46 +00:00
david
a48b91852c Add version detection to quake3-info.nse, from Toni Ruottu. 2011-09-26 20:56:45 +00:00
david
423beece60 o [NSE] Added quake3-info.nse by Toni Ruottu. This script gets 
information about games and settings for a Quake 3 (or derived game)
  server.
 2011-09-21 22:49:59 +00:00
tomsellers
1c92c03401 Add a few scripts to the "broadcast" script category based on traffic behavior. 2011-09-11 11:58:18 +00:00
fyodor
8b88d901a9 Remove 3 vuln scripts from default category as discussed at http://seclists.org/nmap-dev/2011/q3/732 2011-09-07 20:40:51 +00:00
henri
f2ff9bb728 Added xmpp-info.nse as a replacement for xmpp.nse (script from Vasily Kulikov). 2011-09-04 19:18:22 +00:00
david
113ef12106 Add IPv6 multicast host discovery scripts from Weilin. 2011-09-02 04:11:00 +00:00
henri
afc3d2059c Added http-vuln-cve2011-3192.nse from Duarte Silva. 2011-08-29 21:42:57 +00:00
fyodor
71a3724543 We don't currently have a brute category. I'm not at all against having one though. So if someone wishes to create one, just be sure you put all the *-brute scripts in it 2011-08-25 02:57:17 +00:00
gorjan
b12bb4fba2 Adding address-info.nse, which shows extra information about IP addresses. 2011-08-23 10:36:16 +00:00
paulino
b99a8bbd99 Adds http-awstatstotals-exec, http-joomla-brute, http-wordpress-brute and http-wp-enum. 2011-08-23 06:29:12 +00:00
paulino
172bf91228 Adds http-waf-detect: 
Determines if a web server is protected by an IPS (Intrusion Prevention System), IDS (Intrusion Detection System) or WAF (Web Application Firewall) by probing the web server with malicious payloads and detecting changes in the response code and body.
 2011-08-15 21:38:58 +00:00
patrik
a1d515e548 o [NSE] Added script broadcast-listener that attempts to discover hosts by 
passively listening to the network. It does so by decoding ethernet and IP
  broadcast and multicast messages. [Patrik]
 2011-08-10 16:46:55 +00:00
patrik
89d1f3b8d3 o [NSE] Added the library xmpp.lua and the script xmpp-brute that performs 
brute force password auditing against XMPP (Jabber) servers. [Patrik]
 2011-07-26 06:54:19 +00:00
fyodor
c2c163b856 The *-brute scripts traditionally go in the auth category rather than brute. I think this was an accident, but creating a brute category might not be a bad idea 2011-07-26 01:06:42 +00:00