Chapter 6. Developing Brute-force Password-auditing Scripts
One important feature of NSE, (sadly) often forgotten, is the ability to perform brute-force password-auditing attacks against numerous services, applications, and protocols. As experienced penetration testers, we know that weak credentials are found in many IT environments, and it is impossible to find them all manually without boring yourself to death. The brute
NSE category attempts to ease this pain by grouping over 50 different scripts to work with a variety of applications, services, and protocols such as these:
- HTTP, HTTPS, and application-specific scripts for web applications
- SMTP, POP, and IMAP for mail delivery systems
- Oracle, IBM DB2, MySQL, MS SQL, Cassandra, and MongoDB for ...
Get Mastering the Nmap Scripting Engine now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.