Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] Presentation and Vulscan Framework
From: Marc Ruef <marc.ruef () computec ch>
Date: Fri, 19 Nov 2010 10:17:45 +0100

Hello,

A few weeks ago I was a speaker at Hashdays, a security conference in Switzerland[1]. My talk had the title "Nmap NSE Hacking for IT Security Professionals". After a short introduction to Nmap/NSE I have shown the enhancements we have made to improve our security scanning and penetration testing. We wrote additional NSE scripts for data gathering and parse the results in a database (more an expert system) for further moderation[2].

The slides (English) and a _very small_ glimpse of our framework have been published on our companies labs site:

   http://www.scip.ch/?labs.20101119

We are providing a set of top 10 scripts for web server analysis. The xml output can be parsed with a Ruby script to generate a csv file. This file can be imported into a spreadsheet or database. See the blog post and slides for further details.

Perhaps one or another is interested in this line of work. We would appreciate feedback of course.

Regards,

Marc

[1] http://www.scip.ch/?labs.20101105
[2] http://www.computec.ch/news.php?item.333

--
Marc Ruef | marc.ruef () computec ch | http://www.computec.ch/mruef/
_________________________________________________________________
Meine letzte Publikation: "IT-Security: Home Edition vs. Corporate Edition" - http://www.computec.ch/news.php?item.341
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault