Home page logo

nmap-dev logo Nmap Development mailing list archives

[NSE] Presentation and Vulscan Framework
From: Marc Ruef <marc.ruef () computec ch>
Date: Fri, 19 Nov 2010 10:17:45 +0100


A few weeks ago I was a speaker at Hashdays, a security conference in Switzerland[1]. My talk had the title "Nmap NSE Hacking for IT Security Professionals". After a short introduction to Nmap/NSE I have shown the enhancements we have made to improve our security scanning and penetration testing. We wrote additional NSE scripts for data gathering and parse the results in a database (more an expert system) for further moderation[2].

The slides (English) and a _very small_ glimpse of our framework have been published on our companies labs site:


We are providing a set of top 10 scripts for web server analysis. The xml output can be parsed with a Ruby script to generate a csv file. This file can be imported into a spreadsheet or database. See the blog post and slides for further details.

Perhaps one or another is interested in this line of work. We would appreciate feedback of course.



[1] http://www.scip.ch/?labs.20101105
[2] http://www.computec.ch/news.php?item.333

Marc Ruef | marc.ruef () computec ch | http://www.computec.ch/mruef/
Meine letzte Publikation: "IT-Security: Home Edition vs. Corporate Edition" - http://www.computec.ch/news.php?item.341
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]