Nmap Development mailing list archives

Re: [NSE] Presentation and Vulscan Framework


From: Martin Holst Swende <martin () swende se>
Date: Fri, 19 Nov 2010 11:34:31 +0100

Hi,

I took a brief look at the scripts. Some feedback:
* web_server_fingerprinting.nse is really just a wrapper around nmap
service detection - it does not do anything :)
* web_server_http_1_1_pipelining_support.nse : this is strange. You just
check if the server responds with HTTP/1.1 - which, in my experience,
almost all servers do. The http-library in nse does support pipelining -
if you really want to check if pipelining is supported, why not use that?
However, personally I am not aware why that is interesting from a
security perspective - would be interesting to hear your thoughts?
* web_server_install_pages : these patterns could (are already?) be
incorporated into Ron's work with http fingerprinting. However, I see
that you copyrighted the code, so I don't know what that entails...
* web_server_robots_txt : this could also be incorporated into Ron's
stuff, if it is not already.

While these scripts may be useful to you if you have certain demands on
the output, I think a lot of this is covered by other scripts/probes and
perhaps any parts not covered could be included - but I guess that
depends also on copyright issues...

Just my 2 cents
/Martin Swende

On 11/19/2010 10:17 AM, Marc Ruef wrote:
Hello,

A few weeks ago I was a speaker at Hashdays, a security conference in
Switzerland[1]. My talk had the title "Nmap NSE Hacking for IT
Security Professionals". After a short introduction to Nmap/NSE I have
shown the enhancements we have made to improve our security scanning
and penetration testing. We wrote additional NSE scripts for data
gathering and parse the results in a database (more an expert system)
for further moderation[2].

The slides (English) and a _very small_ glimpse of our framework have
been published on our company's labs site:

   http://www.scip.ch/?labs.20101119

We are providing a set of top 10 scripts for web server analysis. The
xml output can be parsed with a Ruby script to generate a csv file.
This file can be imported into a spreadsheet or database. See the blog
post and slides for further details.

Perhaps one or another is interested in this line of work. We would
appreciate feedback of course.

Regards,

Marc

[1] http://www.scip.ch/?labs.20101105
[2] http://www.computec.ch/news.php?item.333

