Nmap Development mailing list archives
Re: Best practice for web vulnerability scripts?
From: George Chatzisofroniou <sophron () latthi com>
Date: Wed, 28 May 2014 18:44:32 +0300
On Wed, May 28, 2014 at 10:03:53AM -0500, Daniel Miller wrote:
What about splitting http-enum and placing the vulnerability detection portions into http-vuln (name subject to alteration)? http-enum is enormous and slow (I often specifically avoid running it for this reason, even when I want to run as many scripts as possible), and I can see how someone might only want to check for known vulnerabilities.
There is http-enum.category option for limiting the checks to a certain type. For vulnerability checks only, you can use the 'attacks' type. There is also the 'severity' field when declaring a vulnerability fingerprint. Currently, this field is used nowhere, but i can guess that it was supposed to limit the checks even more by setting a severity rating.
This could also allow some changes to the fingerprint "API" that could work for vuln checks, like reducing some of the vuln library boilerplate with new fields.
The fingerprints may differ according to their category already. For example, the 'severity' field that i mentioned applies only on vulnerability fingerprints. I think the main reason for splitting the databases is for better arranging and i'm fine with that. -- George Chatzisofroniou _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Best practice for web vulnerability scripts? Ron Bowes (May 27)
- RE: Best practice for web vulnerability scripts? Rob Nicholls (May 27)
- Re: Best practice for web vulnerability scripts? Ron Bowes (May 27)
- Re: Best practice for web vulnerability scripts? George Chatzisofroniou (May 28)
- Re: Best practice for web vulnerability scripts? Daniel Miller (May 28)
- Re: Best practice for web vulnerability scripts? George Chatzisofroniou (May 28)
- Re: Best practice for web vulnerability scripts? Daniel Miller (May 28)
- RE: Best practice for web vulnerability scripts? Rob Nicholls (May 27)