Nmap
Nmap is a program for discovering hosts on a computer network.
NSE - Nmap Scripting Engine
NSE scripts are Lua scripts that help penetration testers.
Kali Linux ships many NSE scripts in the folder /usr/share/nmap/scripts.
Command to find scripts associated with the HTTP protocol:
/usr/share/nmap/scripts$ ls -lsaht |grep -i 'http'
Command http-enum
Scans for folders on a site. The script also lets you identify WordPress versions.
nmap -p80 --script=http-enum 192.168.136.101
Command http-methods
Shows which HTTP methods are available.
nmap -p80 --script=http-methods --script-args http-methods.url-path='/wp-includes/' offsecwp
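When the http-methods scan is saved with Nmap's XML output option (-oX, a standard Nmap option not shown on this page), the results can be triaged automatically. The following is an added example, not part of the original notes: it lists, per host and port, the methods that fall outside an allowlist. The sample XML is constructed, and the allowlist and the function name methods_to_review are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like `nmap -p80 --script=http-methods -oX -` output.
SAMPLE_XML = """<nmaprun>
 <host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="80"><state state="open"/>
   <script id="http-methods" output="Supported Methods: GET HEAD POST OPTIONS PUT TRACE">
    <table key="Supported Methods">
     <elem>GET</elem><elem>HEAD</elem><elem>POST</elem>
     <elem>OPTIONS</elem><elem>PUT</elem><elem>TRACE</elem>
    </table>
    <table key="Potentially risky methods"><elem>PUT</elem><elem>TRACE</elem></table>
   </script></port></ports></host>
 <host><address addr="192.0.2.11" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="80"><state state="open"/>
   <script id="http-methods" output="Supported Methods: GET HEAD">
    <table key="Supported Methods"><elem>GET</elem><elem>HEAD</elem></table>
   </script></port></ports></host>
</nmaprun>"""

# Local policy (assumption): methods a plain web server is expected to answer.
ALLOWED = {"GET", "HEAD", "POST", "OPTIONS"}


def methods_to_review(xml_text, allowed=ALLOWED):
    """Map (address, port) -> sorted list of methods outside the allowlist."""
    findings = {}
    for host in ET.fromstring(xml_text).iter("host"):
        address = host.find("address")
        addr = address.get("addr") if address is not None else "unknown"
        for port in host.iter("port"):
            script = port.find("script[@id='http-methods']")
            if script is None:
                continue  # script produced no result for this port
            elems = script.findall("table[@key='Supported Methods']/elem")
            supported = {e.text.strip().upper() for e in elems if e.text}
            extra = supported - set(allowed)
            if extra:
                findings[(addr, int(port.get("portid")))] = sorted(extra)
    return findings


if __name__ == "__main__":
    for (addr, port), methods in methods_to_review(SAMPLE_XML).items():
        print(f"{addr}:{port} review {' '.join(methods)}")
```

Servers that legitimately need extra methods (WebDAV, REST APIs) can be handled by passing a wider `allowed` set for those hosts.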
Command http-wordpress-enum
Returns information about the HTTP server and the list of WordPress plugins.
nmap -p80 -sV --script http-wordpress-enum offsecwp
Other commands
--script=http-methods,http-ls,http-robots.txt,http-cookie-flags,http-cors
Documentation for commands
https://nmap.org/nsedoc/scripts/<method_name>.html