Post

Nmap

Scripts

  • Scripts are usually in /usr/share/nmap/scripts/ or /opt/homebrew/share/nmap/scripts
  • To update scripts, run nmap --script-updatedb (maybe with sudo)
  • Searching w/ cat script.db | grep can filter by lots, like safe or intrusive and vuln
  • Use nmap --script-help script-title-here to see built-in man pages for that script

SSL ciphers

Enumerate SSL/TLS ciphers supported by a server, script docs.

1
nmap -sV --script ssl-enum-ciphers -p <port> <target>

For FIPS 140-2 projects - note that RC4-MD5 ciphers, Camellia ciphers, curve 25519 and other elliptic curves are all not acceptable and shouldn’t show up in compliant results.

Vulners

Enumerate vulnerabilities on a host, script docs.

1
nmap -sV --script vulners [--script-args mincvss=<arg_val>] <target>
This post is licensed under CC BY 4.0 by the author.