O'Reilly logo

Mastering the Nmap Scripting Engine by Paulino Calderón Pale

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Developing Brute-force Password-auditing Scripts

One important feature of NSE, (sadly) often forgotten, is the ability to perform brute-force password-auditing attacks against numerous services, applications, and protocols. As experienced penetration testers, we know that weak credentials are found in many IT environments, and it is impossible to find them all manually without boring yourself to death. The brute NSE category attempts to ease this pain by grouping over 50 different scripts to work with a variety of applications, services, and protocols such as these:

  • HTTP, HTTPS, and application-specific scripts for web applications
  • SMTP, POP, and IMAP for mail delivery systems
  • Oracle, IBM DB2, MySQL, MS SQL, Cassandra, and MongoDB for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required