Performs password guessing against Apple Filing Protocol (AFP)

Attempts to guess valid credentials for the Citrix PN Web Agent XML Service. The XML service authenticates against the local Windows server or the Active Directory.

Performs password guessing against databases supporting the IBM DB2 protocol such as Informix, DB2 and Derby

Checks if an FTP server allows anonymous logins.

Tries to get FTP login credentials by guessing usernames and passwords.

Retrieves the authentication scheme and realm of a web service that requires authentication.

Attempts to brute-force LDAP authentication. By default it uses the built-in username and password lists. In order to use your own lists use the userdb and passdb script arguments.

Performs password guessing against Microsoft SQL Server (ms-sql).

Attempts to authenticate using an empty password for the sysadmin (sa) account.

Queries Microsoft SQL Server (ms-sql) for a list of databases a user has access to.

Performs password guessing against MySQL

Checks for MySQL servers with an empty password for root or anonymous.

Guesses Oracle instance/SID names against the TNS-listener.

Performs password guessing against PostgreSQL.

Tries to log into a POP3 account by guessing usernames and passwords.

Attempts to guess username/password combinations over SMB, storing discovered combinations for use in other scripts. Every attempt will be made to get a valid list of users and to verify each username before actually using them. When a username is discovered, besides being printed, it is also saved in the Nmap registry so other Nmap scripts can use it. That means that if you're going to run smb-brute.nse, you should run other smb scripts you want. This checks passwords in a case-insensitive way, determining case after a password is found, for Windows versions before Vista.

Attempts to find an SNMP community string by brute force guessing.

Tries to get Telnet login credentials by guessing usernames and passwords.

Performs password guessing against VNC

Checks if you're allowed to connect to the X server.