Tag Archives: Lua

Vulners Nmap plugin

In previous post about Vulners vulnerability detection plugins for Burp and Google Chrome, I mentioned that it would be great to have a plugin for some free publicly available tool, like Nmap. And guys from the Vulners Team have recently released Nmap plugin. Isn’t it awesome? 🙂

Vulners Nmap vulnerability detection plugin

To detect vulnerabilities with Vulners Nmap plugin, you need to download the script and run it like this:

$ wget -O vulners.nse https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse
$ nmap -sV --script vulners.nse corporation.com

The output you can see on the screenshot above.

First of all, I need to say that it’s not the full analogue of the plugins for Burp and Google Chrome.

In the current version it doesn’t analyse the content and headers of the site. It doesn’t detect vulnerabilities of standard Web applications. From the other hand, this plugin can detect vulnerabilities of network services, that plugins for Burp and Chrome obviously won’t detect.

Continue reading