Nmap Script Engine (NSE) is a built-in script that can be used to scan for specific tasks. Through NSE, you can continuously expand the scanning strategy of Nmap and enhance the functions of Nmap.
The --script parameter is used in Nmap to specify the script to be invoked, for Windows scripts stored under the script folder under the Nmap installation path, and for Kali Linux under /usr/share/nmap/script/.
环境准备:Metasploitable2靶场 IP:192.168.0.6
Metasploitable2 教程:搭Metasploitable2
NSE specific use
1. Use Nmap to detect the title information of the web service.
nmap --script http-headers 192.168.0.6
2. Use Nmap to detect the http header of the http service
nmap --script http-headers 192.168.0.6
3. NSE classification and use
Using multiple classification scripts to detect targets can help you find the target's information and weaknesses faster. Use the vulnerability classification script in Nmap to detect the target with the following command:
nmap -sV --script vuln 192.168.0.6
4. Use the Nmap discovery and version information classification to detect, and use the following commands:
nmap -sV --script="version,discovery" 192.168.0.6
Click on the link to learn synchronous video lessons!
"Links"