NSEDoc

• Index
• NSE Documentation

Categories

• auth
• default
• discovery
• dos
• exploit
• external
• fuzzer
• intrusive
• malware
• safe
• version
• vuln

Scripts (show 134)(134)Scripts (134)

• afp-brute
• afp-path-vuln
• afp-serverinfo
• afp-showmount
• asn-query
• auth-owners
• auth-spoof
• banner
• citrix-brute-xml
• citrix-enum-apps
• citrix-enum-apps-xml
• citrix-enum-servers
• citrix-enum-servers-xml
• couchdb-databases
• couchdb-stats
• daap-get-library
• daytime
• db2-das-info
• dhcp-discover
• dns-cache-snoop
• dns-fuzz
• dns-random-srcport
• dns-random-txid
• dns-recursion
• dns-service-discovery
• dns-zone-transfer
• drda-brute
• drda-info
• finger
• ftp-anon
• ftp-bounce
• ftp-brute
• ftp-libopie
• html-title
• http-auth
• http-date
• http-enum
• http-favicon
• http-headers
• http-iis-webdav-vuln
• http-malware-host
• http-methods
• http-open-proxy
• http-passwd
• http-php-version
• http-trace
• http-userdir-enum
• http-vmware-path-vuln
• iax2-version
• imap-capabilities
• ipidseq
• irc-info
• irc-unrealircd-backdoor
• jdwp-version
• ldap-brute
• ldap-rootdse
• ldap-search
• lexmark-config
• mongodb-databases
• mongodb-info
• ms-sql-brute
• ms-sql-config
• ms-sql-empty-password
• ms-sql-hasdbaccess
• ms-sql-info
• ms-sql-query
• ms-sql-tables
• ms-sql-xp-cmdshell
• mysql-brute
• mysql-databases
• mysql-empty-password
• mysql-info
• mysql-users
• mysql-variables
• nbstat
• nfs-ls
• nfs-showmount
• nfs-statfs
• ntp-info
• ntp-monlist
• oracle-sid-brute
• p2p-conficker
• pgsql-brute
• pjl-ready-message
• pop3-brute
• pop3-capabilities
• pptp-version
• qscan
• realvnc-auth-bypass
• robots.txt
• rpcinfo
• skypev2-version
• smb-brute
• smb-check-vulns
• smb-enum-domains
• smb-enum-groups
• smb-enum-processes
• smb-enum-sessions
• smb-enum-shares
• smb-enum-users
• smb-os-discovery
• smb-psexec
• smb-security-mode
• smb-server-stats
• smb-system-info
• smbv2-enabled
• smtp-commands
• smtp-enum-users
• smtp-open-relay
• smtp-strangeport
• sniffer-detect
• snmp-brute
• snmp-interfaces
• snmp-netstat
• snmp-processes
• snmp-sysdescr
• snmp-win32-services
• snmp-win32-shares
• snmp-win32-software
• snmp-win32-users
• socks-open-proxy
• sql-injection
• ssh-hostkey
• sshv1
• ssl-cert
• ssl-enum-ciphers
• sslv2
• telnet-brute
• upnp-info
• vnc-brute
• vnc-info
• wdb-version
• whois
• x11-access

Libraries (show 47)(47)Libraries (47)

• afp
• asn1
• base64
• bin
• bit
• brute
• citrixxml
• comm
• datafiles
• dns
• drda
• http
• imap
• ipOps
• json
• ldap
• listop
• match
• mongodb
• msrpc
• msrpcperformance
• msrpctypes
• mssql
• mysql
• netbios
• nmap
• nsedebug
• openssl
• packet
• pcre
• pgsql
• pop3
• proxy
• rpc
• shortport
• smb
• smbauth
• snmp
• ssh1
• ssh2
• stdnse
• strbuf
• strict
• tab
• unpwdb
• url
• vnc

Scripts

db2-das-info	Connects to the IBM DB2 Administration Server (DAS) on TCP or UDP port 523 and exports the server profile. No authentication is required for this request.
drda-info	Attempts to extract information from database servers supporting the DRDA protocol. The script sends a DRDA EXCSAT (exchange server attributes) command packet and parses the response.
iax2-version	Detects the UDP IAX2 service.
jdwp-version	Detects the Java Debug Wire Protocol. This protocol is used by Java programs to be debugged via the network. It should not be open to the public Internet, as it does not provide any security against malicious attackers who can inject their own bytecode into the debugged process.
pptp-version	Attempts to extract system information from the point-to-point tunneling protocol (PPTP) service.
skypev2-version	Detects the Skype version 2 service.
wdb-version	Gathers information from a Wind DeBug Agent on VxWorks