As some of you might have learned Nmap
is developing a new subsystem called NSE
(Nmap Scripting Engine
) to be used in the popular Open Source Security Scanner. This was an idea of Fyodor himself and was implemented by Diman Todorov as an assignment in Google Summer of Code 2006. The resulting development can be experienced by anyone using Nmap 4.21ALPHA4
or a later SVN snaps.
The NSE provides a system where scripts (-sC) can be use to automate and extend Nmap operations. Scripting language used is Lua
(the same language used to customize World of Warcraft
). However Nmap implementation of Lua includes extensions in the form of exception handling, Perl compatible RegEx and bitwise operators, etc. I believe any serious SysAdmin would like to get their hands on the Nmap with new NSE.
At the moment there's only a few sample scripts available. It was recently announced
however that popular security vendor Sourcefire
(related to Snort IDS, too) is collaborating with Nmap folks at Insecure.org
to develop more and more scripts along with the NSE. There's also a student developing scripts as a participant in Google Summer of Code 2007.
We've always loved Nmap. And with this new NSE there will be opportunities which was earlier hard to attain. Since there's a whole lot of new possibilities with Nmap scripting, there are things I'd like to see implemented with Nmap Scripting. Please join me here to list what you expect from Nmap Scripts