Discovering services and vulnerabilities with Nmap scripts
In this section, we will learn how to discover services as well as perform advanced operations to collect information about a target and detect vulnerabilities in the FTP service.
Executing Nmap scripts to discover services
Nmap is an exceptional tool for performing network and service scans, but among its numerous features there are some very notable ones, such as the Nmap Scripting Engine (NSE).
Nmap lets you perform vulnerability scans thanks to its powerful Lua scripting engine. In this way, we can also run more complex routines that let us filter information about a specific target.
Nmap provides several scripts that can help to identify services with the possibility to exploit found vulnerabilities. Each of these scripts can be called using the –script
option:
- Auth: Executes all available scripts for authentication
- Default: Executes the basic scripts of the tool by default ...