Master the Nmap Scripting Engine and the art of developing NSE scripts

About This Book

• Extend the capabilities of Nmap to perform custom tasks with the Nmap Scripting Engine
• Learn the fundamentals of Lua programming
• Develop powerful scripts for the Nmap Scripting Engine
• Discover all the features and libraries of the Nmap Scripting Engine
• In-depth coverage of the Nmap Scripting Engine API and most important libraries with examples

Who This Book Is For

If you want to learn to write your own scripts for the Nmap Scripting Engine, this is the book for you. It is perfect for network administrators, information security professionals, and even Internet enthusiasts who are familiar with Nmap.

What You Will Learn

• Get to grips with the fundamentals of Lua, the programming language used by the Nmap Scripting Engine
• Extend the capabilities of Nmap by writing your own NSE scripts
• Explore the Nmap Scripting Engine API
• Discover all the available NSE libraries
• Write robust brute force password auditing scripts
• Customize the databases distributed with Nmap
• Produce flexible script reports in NSE
• Optimize Nmap scans with script and library arguments
• Enhance the version detection capabilities of Nmap

In Detail

Nmap is a well-known security tool used by penetration testers and system administrators for many different networking tasks. The Nmap Scripting Engine (NSE) was introduced during Google's Summer of Code 2006 and has added the ability to perform additional tasks on target hosts, such as advanced fingerprinting and service discovery and information gathering.

This book will teach you everything you need to know to master the art of developing NSE scripts. The book starts by covering the fundamental concepts of Lua programming and reviews the syntax and structure of NSE scripts. After that, it covers the most important features of NSE. It jumps right into coding practical scripts and explains how to use the Nmap API and the available NSE libraries to produce robust scripts. Finally, the book covers output formatting, string handling, network I/O, parallelism, and vulnerability exploitation.

Table of Contents

Chapter 1: Introduction to the Nmap Scripting Engine

Chapter 2 : Lua Fundamentals

Chapter 3 : NSE Data Files

Chapter 4 : Exploring the Nmap Scripting Engine API and Libraries

Chapter 5 : Enhancing Version Detection

Chapter 6 : Developing Brute-force Password-auditing Scripts

Chapter 7 : Formatting the Script Output

Chapter 8 : Working with Network Sockets and Binary Data

Chapter 9 : Parallelism

Chapter 10 : Vulnerability Detection and Exploitation

Appendix A: Scan Phases

Appendix B : NSE Script Template

Appendix C: Script Categories

Appendix D: Nmap Options Mind Map

Appendix E : References