Nmap Development mailing list archives

Re: Best practice for web vulnerability scripts?


From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 28 May 2014 10:03:53 -0500

On Wed, May 28, 2014 at 9:55 AM, George Chatzisofroniou <sophron () latthi com> wrote:


> I don't think it is really worth having standalone scripts that perform
> simple checks.
>
> I believe http-enum has to be extended and support the vulnerability
> library. That also means that all the fingerprints in the "attacks"
> category should be updated and contain a new field with the description
> table needed for the vulns library report.


What about splitting http-enum and placing the vulnerability detection
portions into http-vuln (name subject to alteration)?

http-enum is enormous and slow (I often specifically avoid running it for
this reason, even when I want to run as many scripts as possible), and I
can see how someone might only want to check for known vulnerabilities.
This could also allow some changes to the fingerprint "API" that could work
for vuln checks, like reducing some of the vuln library boilerplate with
new fields.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
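An added sketch of the layout George and Dan are discussing, not code from this thread or from Nmap: an http-enum style fingerprint in the "attacks" category that carries the vulns-library description table in a new field, plus the script-side glue that turns a match into a vulns report. The field name `vuln`, the probe path, the body pattern and the CVE id are assumed placeholders; the script uses only the existing `http`, `shortport` and `vulns` library calls.

```lua
local http      = require "http"
local shortport = require "shortport"
local vulns     = require "vulns"

description = "Sketch: the fingerprint entry carries the vulns-library description table."
categories = {"vuln", "safe"}
portrule = shortport.http

-- Hypothetical http-fingerprints.lua entry in the "attacks" category.
-- The `vuln` field is the proposed addition; path, body pattern and CVE id
-- are constructed placeholders, not a real product.
local fingerprint = {
  category = 'attacks',
  probes = { { path = '/example-admin/status.php', method = 'GET' } },
  matches = {
    { match = '<title>Example Admin 1%.0</title>', output = 'Example Admin 1.0' },
  },
  vuln = {
    title = 'Example Admin 1.0 unauthenticated status page',
    IDS = { CVE = 'CVE-XXXX-YYYY' },  -- placeholder id
    risk_factor = 'Medium',
    description = 'Version 1.0 serves its status page without authentication.',
    references = { 'https://example.invalid/advisory' },
  },
}

-- Probe each path, match the body as http-enum does, and hand the
-- fingerprint's description table to the vulns library with the state set.
local function check_fingerprint(host, port, fp)
  local report = vulns.Report:new(SCRIPT_NAME, host, port)
  local vuln = { state = vulns.STATE.NOT_VULN }
  for k, v in pairs(fp.vuln) do vuln[k] = v end  -- shallow copy, then add state
  for _, probe in ipairs(fp.probes) do
    local response = http.get(host, port, probe.path)
    if response and response.body then
      for _, m in ipairs(fp.matches) do
        if response.body:find(m.match) then
          vuln.state = vulns.STATE.VULN
          return report:make_output(vuln)
        end
      end
    end
  end
  return report:make_output(vuln)
end

action = function(host, port)
  return check_fingerprint(host, port, fingerprint)
end
```

With the description living in the fingerprint, the script body is only the probe loop and the state decision, which is the boilerplate reduction Dan describes.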
