PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 05:01:29 +00:00
Code Issues Projects Releases Wiki Activity
8,521 Commits 2 Branches 0 Tags
82df82b5fd2af1565bef8203d8e33e5ed115d112
Commit Graph

442 Commits

Author SHA1 Message Date
patrik
cac7c27dcb o [NSE] Added the script vmauthd-brute that performs brute force password 
guessing against the VMware authentication daemon. [Patrik]
 2012-01-02 11:12:46 +00:00
patrik
4e7db06f0c o [NSE] Added script broadcast-wpad-discover which detects proxy servers on the 
network by using the Web Proxy Auto Discover Protocol (WPAD). [Patrik]
 2011-12-29 14:43:37 +00:00
patrik
1b5518cc63 Updated the script categories for dhcp-discover [Patrik] 2011-12-29 08:19:58 +00:00
fyodor
93c0ae4f44 Add new telnet-encryption script 2011-12-28 00:57:48 +00:00
patrik
bb7d5a526f o [NSE] Added script dns-blacklist that performs DNSBL checks of given or 
scanned IP addresses against multiple DNSBL services. [Patrik]
 2011-12-26 14:22:25 +00:00
patrik
ca63146635 o [NSE] Added the script http-open-redirect that finds web pages that do not 
properly validate parameters used for HTTP redirects. [Martin Swende]
 2011-12-18 12:58:56 +00:00
patrik
3f50f9c95c o [NSE] Added the script broadcast-pc-anywhere that discovers host running the 
PC-Anywhere remote control software on the LAN. [Patrik]

o [NSE] Added the script broadcast-pc-duo that discovers hosts running the
  PC-Duo remote control software on the LAN. [Patrik]

o Added probes for discovering PC-Duo and PC-Anywhere hosts. [Patrik]
 2011-12-18 09:33:38 +00:00
patrik
f749c7cd45 o [NSE] Added the script broadcast-wake-on-lan that wakes systems from sleep 
by sending a Wake On Lan packet. [Patrik]
 2011-12-16 18:00:34 +00:00
patrik
844929ce64 o [NSE] Added the script http-unsafe-output-escaping that checks if parameter 
contents are reflected in responses, aiding in discovering potential XSS
  vulnerabilities. [Martin Swende]
 2011-12-15 06:19:20 +00:00
patrik
4214307364 o [NSE] Added the script http-grep that attempts to match web pages and urls 
against a given pattern. [Patrik]
 2011-12-11 19:44:26 +00:00
patrik
5183478e8c o [NSE] Added the script http-backup-finder that searches for backup copies 
of files discovered by crawling a website. [Patrik]
 2011-12-10 10:32:18 +00:00
patrik
9d5875e245 o [NSE] Added the script http-apache-negotiation that detects if the Apache 
module mod_negotiate is enabled. [Hani Benhabiles]
 2011-12-08 20:50:12 +00:00
patrik
25a54f58cb o [NSE] Applied patch that corrects an issue where the http-method-tamper 
script would fail to properly detect JBoss servers vulnerable to the
  CVE-2010-0738 vulnerability. [Hani Benhabiles]
 2011-12-08 19:04:42 +00:00
patrik
682a9a746b o [NSE] Added a new httpspider library and the script http-email-harvest that 
collects e-mail addresses by spidering a website. [Patrik]
 2011-12-06 22:47:11 +00:00
patrik
171c917b37 o [NSE] Added the a Vuze library, port probe and the script vuze-dht-info. The 
script connects to a Vuze node and gets protocol, vendor and network
  information. [Patrik]
 2011-12-03 09:18:58 +00:00
patrik
4c525b584d o [NSE] Added the script reverse-index that creates creates a reverse index 
showing which hosts run a particular service rather than the services for
  each host. [Patrik]
 2011-11-29 00:48:59 +00:00
patrik
95af3f1937 o [NSE] Added the script unusual-port that compares a detected service on a 
port against the expected service listed in nmap-services [Patrik]
 2011-11-25 21:09:19 +00:00
patrik
510ebe0eb7 o [NSE] Added the script broadcast-sybase-asa-discover that discovers Sybase 
SQL Anywhere servers on the local LAN. [Patrik]
 2011-11-20 12:33:53 +00:00
patrik
9b2d03d633 o [NSE] Added maxdb-info script that tries to enumerate version and database 
information from a SAP MaxDB database [Patrik]
 2011-11-17 22:12:59 +00:00
patrik
4c0ed27d89 o [NSE] Added nexpose-brute a script that performs password auditing against 
the Nexpose vulnerability scanner. [Vlatko Kosturjak]
 2011-11-17 19:46:42 +00:00
patrik
4b64da4f14 o [NSE] Added http-vuln-cve2011-3368 a script that attempts to detect whether 
the remote web server is vulnerable to the Apache reverse proxy bypass
  vulnerability CVE-2011-3368. [Ange Gutek, Patrik]
 2011-11-17 19:33:19 +00:00
patrik
8ec7da89c8 o [NSE] Added the script metasploit-xmlrpc-brute that performs password 
auditing against the Metasploit XMLRPC service. [Vlatko Kosturjak]
 2011-11-10 21:43:54 +00:00
patrik
352efc6ded o [NSE] Added the script openvas-otp-brute that performs password auditing 
against the OpenVas service. [Vlatko Kosturjak]
 2011-11-10 20:50:04 +00:00
patrik
7b43d1cafb o [NSE] Added the scripts bitcoin-info, bitcoin-getaddr and a supporting 
Bitcoin library. The script bitcoin-info retrieves information about the
  remote server, while the bitcoin-getaddr script retrieves a list of
  discovered remote Bitcoin nodes. [Patrik]
 2011-11-09 18:56:16 +00:00
david
4757dadd11 Add irc-botnet-channels.nse. 2011-11-09 01:42:03 +00:00
patrik
465594fa87 o [NSE] Added the http-method-tamper script that detects authentication bypass 
vulnerabilities using the http HEAD method as reported in CVE-2010-738.
  [Hani Benhabiles]
 2011-11-08 21:18:22 +00:00
david
ce9ac426e3 New Hadoop and HBase scripts by John Bond: 
hadoop-datanode-info.nse
hadoop-jobtracker-info.nse
hadoop-namenode-info.nse
hadoop-secondary-namenode-info.nse
hadoop-tasktracker-info.nse
hbase-master-info.nse
hbase-region-info.nse
 2011-11-08 16:00:16 +00:00
patrik
dd32e88b66 o [NSE] Added brute scripts rlogin-brute and rexec-brute for the rlogin and 
rexec services [Patrik]
 2011-11-04 21:17:33 +00:00
patrik
fee0ddb527 o [NSE] Added broadcast-rip-discover which gets RIPv2 routers and their routing 
information by querying the multicast address [Patrik]
 2011-11-02 10:23:50 +00:00
patrik
ad28a527dc o [NSE] Added dns-zeustracker, which checks whether an IP is part of the Zeus 
botnet. [Mikael Keri]
 2011-10-31 18:11:54 +00:00
david
57fc9a5545 Add ipv6-node-info. 2011-10-29 19:40:21 +00:00
patrik
05187ede6f o [NSE] Added the script irc-brute that performs password guessing against 
password protected IRC servers. [Patrik]
 2011-10-26 21:55:35 +00:00
patrik
1ab0544ab8 o [NSE] Added the script nessus-brute that performs password guessing against 
Nessus using the NTP 1.2 protocol. [Patrik]
 2011-10-26 21:45:33 +00:00
patrik
0270368e69 o [NSE] Added the scripts rtsp-url-brute, rtsp-methods and the supporting rtsp 
library. The scripts check the supported RTSP methods and attempt to brute
  force valid RTSP urls. [Patrik]
 2011-10-26 21:36:37 +00:00
patrik
c9888b6596 o [NSE] Added the http-robtex-reverse-ip script that uses the Robtex service to 
perform a reverse lookup in order to discover all names associated with the
  IP. [riemann]
 2011-10-26 20:52:56 +00:00
patrik
c055b316b0 o [NSE] Updated script.db to correct some of the category changes made 
previously and to remove the accidental addition of non-existing snmp-brute2
  script. [Patrik]
 2011-10-26 20:40:54 +00:00
patrik
b640b1f312 o [NSE] Added a new script krb5-enum-users.nse that performs user enumeration 
against Kerberos. [Patrik]
 2011-10-20 02:49:00 +00:00
patrik
005322c8d4 o [NSE] Added a new script http-put.nse that allows uploading of local files 
to remote web servers using the HTTP PUT method. Added HTTP PUT support to
  the http library. [Patrik]
 2011-10-20 02:32:51 +00:00
david
9b73f3742c Put ms-sql-dump-hashes in "auth". 2011-10-11 20:36:12 +00:00
patrik
46f499d78f o [NSE] Added ms-sql-dump-hashes, a script that dumps the MS SQL hashes in a 
format suitable for offline cracking. [Patrik]
 2011-10-11 06:03:45 +00:00
david
9c30eef1dc Add bitcoinrpc-info by Toni Ruottu. 2011-10-07 23:49:43 +00:00
david
4e912295b1 Add http-cors.nse by Toni Ruottu. 2011-10-04 06:22:27 +00:00
david
9fd21a9342 Put ganglia-info in {"default", "discovery", "safe"} (was {"discovery"}). 2011-10-04 05:45:56 +00:00
david
c077cf781a Add ganglia-info.nse by Brendan Coles. 2011-10-04 05:45:54 +00:00
david
dd2a2677c5 Add tftp-enum.nse by Alexander Rudakov. 2011-10-03 22:17:57 +00:00
david
90d28b0743 Add openlookup-info.nse from Toni Ruottu. 2011-10-03 21:35:30 +00:00
david
859dd32a91 Add amqp-info.nse to "version". 2011-10-03 18:04:19 +00:00
david
43180f6154 Add amqp-info by Sebastian Dragomir. 2011-10-03 18:04:18 +00:00
fyodor
c9d610ccea Create a new brute category for brute forcing scripts, move the *-brute scripts from auth category to brute. document it. I don't know what to do with dns-brute so I left it alone (it wasn't in auth category either) 2011-09-30 06:18:55 +00:00
fyodor
d749de55b1 renamed http-wp-enum and http-wp-plugins to http-wordpress-* for consistency with the naming of http-wordpress-brute 2011-09-30 05:49:53 +00:00