Chapter 6. Developing Brute-force Password-auditing Scripts

One important feature of NSE, (sadly) often forgotten, is the ability to perform brute-force password-auditing attacks against numerous services, applications, and protocols. As experienced penetration testers, we know that weak credentials are found in many IT environments, and it is impossible to find them all manually without boring yourself to death. The brute NSE category attempts to ease this pain by grouping over 50 different scripts to work with a variety of applications, services, and protocols such as these:

HTTP, HTTPS, and application-specific scripts for web applications
SMTP, POP, and IMAP for mail delivery systems
Oracle, IBM DB2, MySQL, MS SQL, Cassandra, and MongoDB for ...

Get Mastering the Nmap Scripting Engine now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Mastering the Nmap Scripting Engine by Paulino Calderón Pale

Chapter 6. Developing Brute-force Password-auditing Scripts

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly