The Nmap Scripting Engine (NSE) is one of the most popular and powerful capabilities of Nmap.
These Nmap vulnerability scan scripts are used by penetration testers and hackers to examine common known vulnerabilities.
Common Vulnerabilities and Exposures (CVE) is a database of publicly disclosed data security issues.
It serves as a reference model for detecting vulnerabilities and threats related to the security of information systems.
In this article, we'll look at how to use Nmap for vulnerability scanning.
Nmap Installation
Nmap is pre-installed in almost every Linux distribution.
In case it's missing, you should probably install it manually.
It can be easily installed with the following command.
You can also install it by cloning the official git repository.
Next, navigate to that directory and install the requirements using the commands below.
These scripts allow you to discover important information about system security flaws.
Nmap-vulners
One of the most well-known vulnerability scanners is Nmap-vulners.
Let's look at how to set up this tool as well as how to run a basic CVE scan.
The Nmap script engine searches HTTP responses to identify CPEs for the given script.
To set up the Nmap-vulners script, navigate to the Nmap scripts directory using the following command.
The next step is to clone the git repository.
After cloning the git repository, you won't need to do anything else for the configuration.
The tool will be automatically installed.
If you want to see the NSE scripts present in the Nmap-vulners database, use the ls command.
It will display all the .nse extension scripts on the terminal.
It's easy to use NSE scripts.
Simply pass the --script argument to the Nmap command to tell it which NSE script to use.
Don't forget to pass the -sV argument while using NSE scripts.
Nmap-vulners looks up vulnerabilities from the service version information that -sV detects, so the -sV parameter is required all the time.
The syntax is quite straightforward.
Just call the script with the --script option and specify the vulners engine and target to begin scanning.
You can find all the category types of NSE scripts and their phases here.
vulscan is like a module for Nmap that transforms it into a vulnerability scanner.
The next step is to clone the git repository and install all the requirements.
Vulscan makes use of pre-configured databases saved locally on our machine.
To update the database, go to the updater directory.
Type the following command into a terminal to navigate to the updater directory.
Next, change the permissions of the file so that it can be run on the system.
And finally, update the exploit databases with the below command.
Let's use vulscan to do an Nmap vulnerability scan.
The vulscan NSE script can be used in the same way as nmap-vulners.
By default, Vulscan will search all of the databases simultaneously.
It takes a lot of time to query information using all the databases.
Using the vulscandb parameter, you can pass only one CVE database at a time.
Individual vulnerability Scanning
Individual vulnerability scans can also be performed utilizing particular scripts within each category.
Here is a list of all 600+ NSE scripts and 139 NSE libraries.
And finally, here is a list of all NSE scripts which come under the vuln category.
Is your system capable of detecting Nmap scans?
Reconnaissance is the first phase in ethical hacking and penetration testing.
Hackers use the reconnaissance phase to locate flaws and loopholes in a system to attack.
Therefore, defense systems should be able to detect them.
And here is a list of the best SIEM tools to secure your business and organization from cyberattacks.
These tools even help in logging Nmap scans.
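One way to check for NSE activity in web server logs, as an added example that is not part of the original article: the Python code below flags sources that send the default NSE HTTP User-Agent or that request many distinct missing paths within a few seconds. The combined access-log format, the 10-second window, the threshold of 5 paths, the rule names and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Marker in the default User-Agent of NSE HTTP scripts (a scanner operator can change it).
NSE_UA = "nmap scripting engine"
LINE_RE = re.compile(  # Apache/nginx "combined" access-log format (assumed log source)
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')

def detect_scans(lines, window=timedelta(seconds=10), min_paths=5):
    """Return {source_ip: {reasons}} for clients that look like NSE HTTP scans."""
    findings, misses = defaultdict(set), defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        if NSE_UA in m["ua"].lower():
            findings[m["ip"]].add("nse-user-agent")
        if m["status"] == "404":
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            misses[m["ip"]].append((ts, m["path"]))
    # User-Agent is client-controlled: also flag 404 bursts over many distinct paths.
    for ip, hits in misses.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward
            if len({path for _, path in hits[start:end + 1]}) >= min_paths:
                findings[ip].add("404-burst")
                break
    return dict(findings)

# Constructed sample input (documentation-range addresses, made-up paths).
UA_NSE = "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
UA_BROWSER = "Mozilla/5.0 (X11; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0"

def _line(ip, sec, path, status, ua):
    return f'{ip} - - [12/Mar/2024:10:00:{sec:02d} +0000] "GET {path} HTTP/1.1" {status} 153 "-" "{ua}"'

SAMPLE_LOG = (
    [_line("192.0.2.10", 1, "/", 200, UA_NSE),
     _line("192.0.2.10", 1, "/robots.txt", 404, UA_NSE)]
    + [_line("198.51.100.7", 2 + i // 2, f"/probe{i}/", 404, UA_BROWSER) for i in range(6)]
    + [_line("203.0.113.5", 9, "/favicon.ico", 404, UA_BROWSER)])

if __name__ == "__main__":
    print(detect_scans(SAMPLE_LOG))
```

The second rule matters because the User-Agent string alone is easy to change, while a burst of requests for paths that do not exist is harder to hide.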
Vulnerability scans are worthwhile since early identification can avert future damage to the systems.