PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity
10,243 Commits 2 Branches 0 Tags
663271f95d34087dcad792107f325eb2cb959d26
Commit Graph

513 Commits

Author SHA1 Message Date
patrik
3633c502b6 o [NSE] Added http-auth-finder. The scripts spiders a site looking for URLs 
requiring form- or HTTP-based authentication. [Patrik]
 2012-01-29 06:23:35 +00:00
david
22c17fa05d Add cccam-version.nse. 2012-01-27 01:13:35 +00:00
patrik
0ad978d3b8 o [NSE] Added the scripts xdmcp-discover, broadcast-xdmcp-discover and the 
X Display Manager Control Protocol (xdmcp) library. The scripts discover
  hosts either using unicast or broadcast and try to detect supported
  authentication and authorization mechanisms. [Patrik]
 2012-01-26 19:35:19 +00:00
patrik
5b05cbe46e o [NSE] Added script iax2-brute and supporting IAX2 library that performs 
brute-force password guessing against the Asterisk IAX2 protocol. [Patrik]
 2012-01-24 20:55:29 +00:00
patrik
5ef9f2a70d o [NSE] Added script broadcast-dhcp6-discover and supporting DHCPv6 library. 
The script retrieves and prints an IPv6 address and some of the DHCP6
  options. [Patrik]
 2012-01-24 19:54:50 +00:00
patrik
1670f59210 o [NSE] Added script dns-srv-enum that enumerates DNS service records for a 
given domain. [Patrik]
 2012-01-19 00:49:48 +00:00
patrik
2a2f64590a o [NSE] Added script nessus-xmlrpc-brute that performs brute force password 
guessing against the Nessus web GUI. [Patrik]
 2012-01-17 11:53:23 +00:00
patrik
c579d844ba o [NSE] Added script dns-nsid by John Bond, that retrieves name server ID and 
version information.

o [NSE] Applied patch to DNS library by John Bond that adds support for the
  CHAOS class and NSID requests.
 2012-01-17 11:37:19 +00:00
patrik
ef4be879e5 o [NSE] Added broadcast-ripng-discover that discovers IPv6 RIPng routers and 
displays their routing information. [Patrik]
 2012-01-14 18:44:07 +00:00
david
541091eed1 Put http-generator in default. 2012-01-12 19:45:13 +00:00
david
1a9700019f Add http-generator.nse by Michael Kohl. 2012-01-12 19:45:11 +00:00
patrik
956c9ffe53 o [NSE] Added the script broadcast-pppoe-discover that discovers PPPoE servers 
on the LAN using the PPPoE Discovery Protocol. [Patrik]
 2012-01-10 18:22:39 +00:00
patrik
0267b56a27 o [NSE] Added the script membase-brute that performs password brute force 
password guessing against the Membase TAP protocol. [Patrik]

o [NSE] Added the script membase-http-info that retrieves information from the
  Couchbase distributed key-value pair server. [Patrik]
 2012-01-10 18:19:21 +00:00
patrik
74d5ff04ef o [NSE] Added the script http-vuln-cve2009-3960 that detects and exploits the 
CVE 2009-3960 XML injection vulnerability in Adobe products. [Hani
  Benhabiles]
 2012-01-02 19:48:42 +00:00
patrik
2269e76438 o [NSE] Added a natpmp library and the script nat-pmp-mapport that allows 
NAT mapping of external TCP and UDP ports to internal addresses. [Patrik]
 2012-01-02 11:41:21 +00:00
patrik
f5b14a2099 o [NSE] Added the script riak-http-info that lists version and statistics 
information from the Basho Riak distributed database. [Patrik]
 2012-01-02 11:37:38 +00:00
patrik
54983f8127 o [NSE] Added the script socks-auth-info that lists supported SOCKS 5 
authentication mechanisms. [Patrik]
 2012-01-02 11:34:27 +00:00
patrik
b4fcd5e5fa o [NSE] Added the script memcached-info that lists version and statistics 
information from the distributed memory object caching service memcached
  [Patrik]
 2012-01-02 11:30:18 +00:00
patrik
4118ee064b o [NSE] Added the script redis-info that lists version and statistic information 
gathered from the Redis network key-value store. [Patrik]

o [NSE] Added the script redis-brute that performs brute force password
  guessing against the Redis network key-value store. [Patrik]
 2012-01-02 11:27:06 +00:00
patrik
3491fdc1fa o [NSE] Added the script http-proxy-brute that performs brute force password 
guessing against HTTP proxy servers. [Patrik]
 2012-01-02 11:21:57 +00:00
patrik
0ee55f4651 o [NSE] Added the script socks-brute that performs brute force password 
guessing against SOCKS 5 servers. [Patrik]
 2012-01-02 11:15:34 +00:00
patrik
cac7c27dcb o [NSE] Added the script vmauthd-brute that performs brute force password 
guessing against the VMware authentication daemon. [Patrik]
 2012-01-02 11:12:46 +00:00
patrik
4e7db06f0c o [NSE] Added script broadcast-wpad-discover which detects proxy servers on the 
network by using the Web Proxy Auto Discover Protocol (WPAD). [Patrik]
 2011-12-29 14:43:37 +00:00
patrik
1b5518cc63 Updated the script categories for dhcp-discover [Patrik] 2011-12-29 08:19:58 +00:00
fyodor
93c0ae4f44 Add new telnet-encryption script 2011-12-28 00:57:48 +00:00
patrik
bb7d5a526f o [NSE] Added script dns-blacklist that performs DNSBL checks of given or 
scanned IP addresses against multiple DNSBL services. [Patrik]
 2011-12-26 14:22:25 +00:00
patrik
ca63146635 o [NSE] Added the script http-open-redirect that finds web pages that do not 
properly validate parameters used for HTTP redirects. [Martin Swende]
 2011-12-18 12:58:56 +00:00
patrik
3f50f9c95c o [NSE] Added the script broadcast-pc-anywhere that discovers host running the 
PC-Anywhere remote control software on the LAN. [Patrik]

o [NSE] Added the script broadcast-pc-duo that discovers hosts running the
  PC-Duo remote control software on the LAN. [Patrik]

o Added probes for discovering PC-Duo and PC-Anywhere hosts. [Patrik]
 2011-12-18 09:33:38 +00:00
patrik
f749c7cd45 o [NSE] Added the script broadcast-wake-on-lan that wakes systems from sleep 
by sending a Wake On Lan packet. [Patrik]
 2011-12-16 18:00:34 +00:00
patrik
844929ce64 o [NSE] Added the script http-unsafe-output-escaping that checks if parameter 
contents are reflected in responses, aiding in discovering potential XSS
  vulnerabilities. [Martin Swende]
 2011-12-15 06:19:20 +00:00
patrik
4214307364 o [NSE] Added the script http-grep that attempts to match web pages and urls 
against a given pattern. [Patrik]
 2011-12-11 19:44:26 +00:00
patrik
5183478e8c o [NSE] Added the script http-backup-finder that searches for backup copies 
of files discovered by crawling a website. [Patrik]
 2011-12-10 10:32:18 +00:00
patrik
9d5875e245 o [NSE] Added the script http-apache-negotiation that detects if the Apache 
module mod_negotiate is enabled. [Hani Benhabiles]
 2011-12-08 20:50:12 +00:00
patrik
25a54f58cb o [NSE] Applied patch that corrects an issue where the http-method-tamper 
script would fail to properly detect JBoss servers vulnerable to the
  CVE-2010-0738 vulnerability. [Hani Benhabiles]
 2011-12-08 19:04:42 +00:00
patrik
682a9a746b o [NSE] Added a new httpspider library and the script http-email-harvest that 
collects e-mail addresses by spidering a website. [Patrik]
 2011-12-06 22:47:11 +00:00
patrik
171c917b37 o [NSE] Added the a Vuze library, port probe and the script vuze-dht-info. The 
script connects to a Vuze node and gets protocol, vendor and network
  information. [Patrik]
 2011-12-03 09:18:58 +00:00
patrik
4c525b584d o [NSE] Added the script reverse-index that creates creates a reverse index 
showing which hosts run a particular service rather than the services for
  each host. [Patrik]
 2011-11-29 00:48:59 +00:00
patrik
95af3f1937 o [NSE] Added the script unusual-port that compares a detected service on a 
port against the expected service listed in nmap-services [Patrik]
 2011-11-25 21:09:19 +00:00
patrik
510ebe0eb7 o [NSE] Added the script broadcast-sybase-asa-discover that discovers Sybase 
SQL Anywhere servers on the local LAN. [Patrik]
 2011-11-20 12:33:53 +00:00
patrik
9b2d03d633 o [NSE] Added maxdb-info script that tries to enumerate version and database 
information from a SAP MaxDB database [Patrik]
 2011-11-17 22:12:59 +00:00
patrik
4c0ed27d89 o [NSE] Added nexpose-brute a script that performs password auditing against 
the Nexpose vulnerability scanner. [Vlatko Kosturjak]
 2011-11-17 19:46:42 +00:00
patrik
4b64da4f14 o [NSE] Added http-vuln-cve2011-3368 a script that attempts to detect whether 
the remote web server is vulnerable to the Apache reverse proxy bypass
  vulnerability CVE-2011-3368. [Ange Gutek, Patrik]
 2011-11-17 19:33:19 +00:00
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password 
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
 2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing 
against the OpenVas service. [Vlatko Kosturjak]
 2011-11-10 20:50:04 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting 
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
 2011-11-09 18:56:16 +00:00
david
4757dadd11 Add irc-botnet-channels.nse. 2011-11-09 01:42:03 +00:00
patrik
465594fa87 o [NSE] Added the http-method-tamper script that detects authentication bypass 
vulnerabilities using the http HEAD method as reported in CVE-2010-738.
  [Hani Benhabiles]
 2011-11-08 21:18:22 +00:00
david
ce9ac426e3 New Hadoop and HBase scripts by John Bond: 
hadoop-datanode-info.nse
hadoop-jobtracker-info.nse
hadoop-namenode-info.nse
hadoop-secondary-namenode-info.nse
hadoop-tasktracker-info.nse
hbase-master-info.nse
hbase-region-info.nse
 2011-11-08 16:00:16 +00:00
patrik
dd32e88b66 o [NSE] Added brute scripts rlogin-brute and rexec-brute for the rlogin and 
rexec services [Patrik]
 2011-11-04 21:17:33 +00:00
patrik
fee0ddb527 o [NSE] Added broadcast-rip-discover which gets RIPv2 routers and their routing 
information by querying the multicast address [Patrik]
 2011-11-02 10:23:50 +00:00