Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

New Script Ideas (and Authors) Wanted!

From: Fyodor <fyodor () insecure org>
Date: Tue, 20 Dec 2011 15:51:48 -0800
Hi folks!  The Nmap Script Ideas page has been a big success and we've
ended up writing many of the scripts that people have added there.  So
many, in fact, that we're running out of good ideas!  So this is a
call out for folks to think about what functionality you'd really like
Nmap to have, and then add your clever, useful ideas to the wiki page:

https://secwiki.org/w/Nmap_Script_Ideas

Add them to the incoming section for now, and they will be reviewed
and prioritized later.

Here are some factors which make a script particularly valuable:

o It is appropriate for the default category (you can read about what
  makes a good default script at
  http://nmap.org/book/nse-usage.html#nse-categories).

o The results serve a common and practical purpose.  In other words it
  produces valuable and actionable information or actions.  You should
  be able to easily explain why a network/security administrator or
  other user would want to do this.

o Common--a script which interrogates an extremely common service is
  far more valuable than one which queries a service that is almost
  never available.

o Speed--great scripts are optimized for speed--they don't leave the
  user waiting any longer than necessary.

A good rule of thumb is that if you think the feature would be very
useful for your Nmap scans, others probably would like it too.
Scripts don't have to meet all of these factors--just strike a good
balance.

If you have any good ideas, please add them to the page!

Of course thinking up ideas is only part of the battle.  We're always
looking for folks to actually write scripts too.  And if you don't
know where to start, take a look at that same script ideas page for
inspiration:

https://secwiki.org/w/Nmap_Script_Ideas

After you write and test a script, please send it to nmap-dev for
discussion and potential inclusion into Nmap.

In just the last year we've gone from 161 scripts to 294!  That is
extraordinary, and I'm hoping we can keep up that momentum.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: