Nmap Development mailing list archives
Re: [NSE] Presentation and Vulscan Framework
From: Martin Holst Swende <martin () swende se>
Date: Fri, 19 Nov 2010 11:34:31 +0100
Hi, I took a brief look at the scripts. Some feedback: * web_server_fingerprinting.nse is really just a wrapper around nmap service detection - it does not do anything :) * web_server_http_1_1_pipelining_support.nse : this is strange. You just check if the server responds with HTTP/1.1 - which, in my experience, almost all servers do. The http-library in nse does support pipelining - if you really want to check if pipelining is supported, why not use that ? However, personally I am not aware why that is interesting from a security perspective - would be interesting to hear your thoughts? * web_server_install_pages : these patterns could (are already?) be incorporated into Rons work with http fingerprinting. However, I see that you copyrighted the code, so I don't know what that entails... * web_server_robots_txt : this could also be incorporated into Rons stuff, if it not already is. While these scripts may be useful to you if you have certain demands on the output, I think a lot of this is covered by other scripts/probes and perhaps any parts not covered could be included - but I guess that depends also on copyright issues... Just my 2 cents /Martin Swende On 11/19/2010 10:17 AM, Marc Ruef wrote:
Hello, A few weeks ago I was a speaker at Hashdays, a security conference in Switzerland[1]. My talk had the title "Nmap NSE Hacking for IT Security Professionals". After a short introduction to Nmap/NSE I have shown the enhancements we have made to improve our security scanning and penetration testing. We wrote additional NSE scripts for data gathering and parse the results in a database (more an expert system) for further moderation[2]. The slides (English) and a _very small_ glimpse of our framework have been published on our companies labs site: http://www.scip.ch/?labs.20101119 We are providing a set of top 10 scripts for web server analysis. The xml output can be parsed with a Ruby script to generate a csv file. This file can be imported into a spreadsheet or database. See the blog post and slides for further details. Perhaps one or another is interested in this line of work. We would appreciate feedback of course. Regards, Marc [1] http://www.scip.ch/?labs.20101105 [2] http://www.computec.ch/news.php?item.333
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Presentation and Vulscan Framework Marc Ruef (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Martin Holst Swende (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Marc Ruef (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Martin Holst Swende (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Marc Ruef (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Marc Ruef (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Martin Holst Swende (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Fyodor (Nov 19)
- Re: [NSE] Presentation and Vulscan Framework Ron (Nov 20)
- Re: [NSE] Presentation and Vulscan Framework David Fifield (Nov 22)