May 2017
Intermediate to advanced
416 pages
21h 33m
English
In the previous command, the flag -sV enables service detection, and the argument --script vulscan initiates the NSE script vulscan. The NSE script vulscan will use the version information to match any public vulnerability advisories from CVE, Scipvuldb, and exploitdb.
The script vulscan parses each service name and version and compares these against a local copy of the databases. This method is far from perfect, as name matching in vulscan still suffers some bugs, and of course, it depends on Nmap's version detection, but it is still amazingly useful when finding possible public vulnerabilities affecting the scanned service.
Read now
Unlock full access