ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: usr / share / nmap / scripts

local http = require "http"
local io = require "io"
local json = require "json"
local stdnse = require "stdnse"
local openssl = stdnse.silent_require "openssl"
local tab = require "tab"
local table = require "table"

description = [[
Checks whether a file has been determined as malware by Virustotal. Virustotal
is a service that provides the capability to scan a file or check a checksum
against a number of the major antivirus vendors. The script uses the public
API which requires a valid API key and has a limit on 4 queries per minute.
A key can be acquired by registering as a user on the virustotal web page:
* http://www.virustotal.com

The scripts supports both sending a file to the server for analysis or
checking whether a checksum (supplied as an argument or calculated from a
local file) was previously discovered as malware.

As uploaded files are queued for analysis, this mode simply returns a URL
where status of the queued file may be checked.
]]

---
-- @usage
-- nmap --script http-virustotal --script-args='apikey="<key>",checksum="275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f"'
--
-- @output
-- Pre-scan script results:
-- | http-virustotal: 
-- |   Permalink: https://www.virustotal.com/file/275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f/analysis/1333633817/
-- |   Scan date: 2012-04-05 13:50:17
-- |   Positives: 41
-- |   digests
-- |     SHA1: 3395856ce81f2b7382dee72602f798b642f14140
-- |     SHA256: 275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f
-- |     MD5: 44d88612fea8a8f36de82e1278abb02f
-- |   Results
-- |     name                  result                          date      version
-- |     AhnLab-V3             EICAR_Test_File                 20120404  2012.04.05.00
-- |     AntiVir               Eicar-Test-Signature            20120405  7.11.27.24
-- |     Antiy-AVL             AVTEST/EICAR.ETF                20120403  2.0.3.7
-- |     Avast                 EICAR Test-NOT virus!!!         20120405  6.0.1289.0
-- |     AVG                   EICAR_Test                      20120405  10.0.0.1190
-- |     BitDefender           EICAR-Test-File (not a virus)   20120405  7.2
-- |     ByteHero              -                               20120404  1.0.0.1
-- |     CAT-QuickHeal         EICAR Test File                 20120405  12.00
-- |     ClamAV                Eicar-Test-Signature            20120405  0.97.3.0
-- |     Commtouch             EICAR_Test_File                 20120405  5.3.2.6
-- |     Comodo                Exploit.EICAR-Test-File         20120405  12000
-- |     DrWeb                 EICAR Test File (NOT a Virus!)  20120405  7.0.1.02210
-- |     Emsisoft              EICAR-ANTIVIRUS-TESTFILE!IK     20120405  5.1.0.11
-- |     eSafe                 EICAR Test File                 20120404  7.0.17.0
-- |     eTrust-Vet            the EICAR test string           20120405  37.0.9841
-- |     F-Prot                EICAR_Test_File                 20120405  4.6.5.141
-- |     F-Secure              EICAR_Test_File                 20120405  9.0.16440.0
-- |     Fortinet              EICAR_TEST_FILE                 20120405  4.3.392.0
-- |     GData                 EICAR-Test-File                 20120405  22
-- |     Ikarus                EICAR-ANTIVIRUS-TESTFILE        20120405  T3.1.1.118.0
-- |     Jiangmin              EICAR-Test-File                 20120331  13.0.900
-- |     K7AntiVirus           EICAR_Test_File                 20120404  9.136.6595
-- |     Kaspersky             EICAR-Test-File                 20120405  9.0.0.837
-- |     McAfee                EICAR test file                 20120405  5.400.0.1158
-- |     McAfee-GW-Edition     EICAR test file                 20120404  2012.1
-- |     Microsoft             Virus:DOS/EICAR_Test_File       20120405  1.8202
-- |     NOD32                 Eicar test file                 20120405  7031
-- |     Norman                Eicar_Test_File                 20120405  6.08.03
-- |     nProtect              EICAR-Test-File                 20120405  2012-04-05.01
-- |     Panda                 EICAR-AV-TEST-FILE              20120405  10.0.3.5
-- |     PCTools               Virus.DOS.EICAR_test_file       20120405  8.0.0.5
-- |     Rising                EICAR-Test-File                 20120405  24.04.02.03
-- |     Sophos                EICAR-AV-Test                   20120405  4.73.0 TP
-- |     SUPERAntiSpyware      NotAThreat.EICAR[TestFile]      20120402  4.40.0.1006
-- |     Symantec              EICAR Test String               20120405  20111.2.0.82
-- |     TheHacker             EICAR_Test_File                 20120405  6.7.0.1.440
-- |     TrendMicro            Eicar_test_file                 20120405  9.500.0.1008
-- |     TrendMicro-HouseCall  Eicar_test_file                 20120405  9.500.0.1008
-- |     VBA32                 EICAR-Test-File                 20120405  3.12.16.4
-- |     VIPRE                 EICAR (v)                       20120405  11755
-- |     ViRobot               EICAR-test                      20120405  2012.4.5.5025
-- |_    VirusBuster           EICAR_test_file                 20120404  14.2.11.0
--
-- @args apikey an API key acquired from the virustotal web page
-- @args upload true if the file should be uploaded and scanned, false if a
--       checksum should be calculated of the local file (default: false)
-- @args filename the full path of the file to checksum or upload
-- @args checksum a SHA1, SHA256, MD5 checksum of a file to check
--

author = "Patrik Karlsson"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
categories={"safe", "malware", "external"}

local arg_apiKey = stdnse.get_script_args(SCRIPT_NAME .. ".apikey")
local arg_upload = stdnse.get_script_args(SCRIPT_NAME .. ".upload") or false
local arg_filename = stdnse.get_script_args(SCRIPT_NAME .. ".filename")
local arg_checksum = stdnse.get_script_args(SCRIPT_NAME .. ".checksum")

prerule = function() return true end

local function readFile(filename)
	local f = io.open(filename, "r")
	if ( not(f) ) then
		return false, ("Failed to open file: %s"):format(filename)
	end
	
	local str = f:read("*all")
	if ( not(str) ) then
		f:close()
		return false, "Failed to read file contents"
	end
	f:close()
	return true, str
end

local function requestFileScan(filename)
	local status, str = readFile(filename)
	if ( not(status) ) then
		return false, str
	end
	
	local shortfile = filename:match("^.*[\\/](.*)$")
	local boundary = "----------------------------nmapboundary"
	local header = { ["Content-Type"] = ("multipart/form-data; boundary=%s"):format(boundary) }
	local postdata = ("--%s\r\n"):format(boundary)
	postdata = postdata .. "Content-Disposition: form-data; name=\"apikey\"\r\n\r\n"
	postdata = postdata .. arg_apiKey .. "\r\n"
	postdata = postdata .. ("--%s\r\n" ..
		"Content-Disposition: form-data; name=\"file\"; filename=\"%s\"\r\n" ..
		"Content-Type: text/plain\r\n\r\n%s\r\n--%s--\r\n"):format(boundary, shortfile, str, boundary)
	
	local host = "www.virustotal.com"
	local port = { number = 80, protocol = "tcp" }
	local path = "/vtapi/v2/file/scan"
	
	local response = http.post( host, port, path, { header = header }, nil, postdata )
	if ( not(response) or response.status ~= 200 ) then
		return false, "Failed to request file scan"
	end

local status, json_data = json.parse(response.body)
	if ( not(status) ) then
		return false, "Failed to parse JSON response"
	end
		
	return true, json_data
end

local function getFileScanReport(resource)

local host = "www.virustotal.com"
	local port = { number = 80, protocol = "tcp" }
	local path = "/vtapi/v2/file/report"

local response = http.post(host, port, path, nil, nil, { ["apikey"] = arg_apiKey, ["resource"] = resource })
	if ( not(response) or response.status ~= 200 ) then
		return false, "Failed to retrieve scan report"
	end

local status, json_data = json.parse(response.body)
	if ( not(status) ) then
		return false, "Failed to parse JSON response"
	end
		
	return true, json_data
end

local function calcSHA256(filename)
	
	local status, str = readFile(filename)
	if ( not(status) ) then
		return false, str
	end
	return true, stdnse.tohex(openssl.digest("sha256", str))
end

local function parseScanReport(report)
	local result = {}
	
	table.insert(result, ("Permalink: %s"):format(report.permalink))
	table.insert(result, ("Scan date: %s"):format(report.scan_date))
	table.insert(result, ("Positives: %s"):format(report.positives))
	table.insert(result, { 
		name = "digests", 
		("SHA1: %s"):format(report.sha1),
		("SHA256: %s"):format(report.sha256),
		("MD5: %s"):format(report.md5)
	})
	
	local tmp = {}
	for name, scanres in pairs(report.scans) do
		local res = ( scanres.detected ) and scanres.result or "-"
		table.insert(tmp, { name = name, result = res, update = scanres.update, version = scanres.version })
	end
	table.sort(tmp, function(a,b) return a.name:upper()<b.name:upper() end)

local scan_tbl = tab.new(4)
	tab.addrow(scan_tbl, "name", "result", "date", "version")
	for _, v in ipairs(tmp) do
		tab.addrow(scan_tbl, v.name, v.result, v.update, v.version)
	end
	table.insert(result, { name = "Results", tab.dump(scan_tbl) })
	
	return result
end

local function fail(err) return ("\n  ERROR: %s"):format(err or "") end

action = function()
	
	if ( not(arg_apiKey) ) then
		return fail("An API key is required in order to use this script (see description)")
	end

local resource
	if ( arg_upload == "true" and arg_filename ) then
		local status, json_data = requestFileScan(arg_filename, arg_apiKey)
		if ( not(status) or not(json_data['resource']) ) then
			return fail(json_data)
		end
		resource = json_data['resource']

local output = {}
		table.insert(output, "Your file was succesfully uploaded and placed in the scanning queue.")
		table.insert(output, { name = "To check the current status visit:", json_data['permalink'] })
		return stdnse.format_output(true, output)
	elseif ( arg_filename ) then
		local status, sha256 = calcSHA256(arg_filename)
		if ( not(status) ) then
			return fail("Failed to calculate SHA256 checksum for file")
		end
		resource = sha256
	elseif ( arg_checksum ) then
		resource = arg_checksum
	else
		return
	end
	
	local status, response
	
	local status, response = getFileScanReport(resource)
	if ( not(status) ) then
		return fail("Failed to retrieve file scan report")
	end
			
	if ( not(response.response_code) or 0 == tonumber(response.response_code) ) then
		return fail(("Failed to retreive scan report for resource: %s"):format(resource))
	end
	
	return stdnse.format_output(true, parseScanReport(response))
end

[+] ..
[-] qscan.nse [edit]
[-] oracle-brute.nse [edit]
[-] smtp-vuln-cve2011-1764.nse [edit]
[-] broadcast-pc-duo.nse [edit]
[-] targets-ipv6-multicast-mld.nse [edit]
[-] http-backup-finder.nse [edit]
[-] http-sitemap-generator.nse [edit]
[-] cassandra-brute.nse [edit]
[-] snmp-win32-services.nse [edit]
[-] ftp-brute.nse [edit]
[-] irc-botnet-channels.nse [edit]
[-] rsync-brute.nse [edit]
[-] icap-info.nse [edit]
[-] citrix-brute-xml.nse [edit]
[-] iax2-version.nse [edit]
[-] nfs-ls.nse [edit]
[-] ndmp-fs-info.nse [edit]
[-] cvs-brute-repository.nse [edit]
[-] http-drupal-modules.nse [edit]
[-] mysql-databases.nse [edit]
[-] xmpp-info.nse [edit]
[-] pgsql-brute.nse [edit]
[-] ssl-google-cert-catalog.nse [edit]
[-] smtp-commands.nse [edit]
[-] rpcinfo.nse [edit]
[-] snmp-hh3c-logins.nse [edit]
[-] dns-zone-transfer.nse [edit]
[-] murmur-version.nse [edit]
[-] metasploit-xmlrpc-brute.nse [edit]
[-] http-brute.nse [edit]
[-] nessus-xmlrpc-brute.nse [edit]
[-] krb5-enum-users.nse [edit]
[-] vuze-dht-info.nse [edit]
[-] smb-ls.nse [edit]
[-] openlookup-info.nse [edit]
[-] hadoop-namenode-info.nse [edit]
[-] informix-tables.nse [edit]
[-] http-vuln-cve2010-0738.nse [edit]
[-] omp2-brute.nse [edit]
[-] http-headers.nse [edit]
[-] bitcoin-info.nse [edit]
[-] smb-psexec.nse [edit]
[-] eppc-enum-processes.nse [edit]
[-] afp-brute.nse [edit]
[-] iscsi-brute.nse [edit]
[-] http-enum.nse [edit]
[-] smb-enum-sessions.nse [edit]
[-] daytime.nse [edit]
[-] mongodb-info.nse [edit]
[-] omp2-enum-targets.nse [edit]
[-] p2p-conficker.nse [edit]
[-] teamspeak2-version.nse [edit]
[-] http-wordpress-brute.nse [edit]
[-] riak-http-info.nse [edit]
[-] http-joomla-brute.nse [edit]
[-] path-mtu.nse [edit]
[-] targets-traceroute.nse [edit]
[-] snmp-win32-users.nse [edit]
[-] http-unsafe-output-escaping.nse [edit]
[-] http-traceroute.nse [edit]
[-] ftp-anon.nse [edit]
[-] mysql-info.nse [edit]
[-] mtrace.nse [edit]
[-] openvas-otp-brute.nse [edit]
[-] lltd-discovery.nse [edit]
[-] ssl-enum-ciphers.nse [edit]
[-] dict-info.nse [edit]
[-] netbus-version.nse [edit]
[-] nfs-statfs.nse [edit]
[-] hostmap-bfk.nse [edit]
[-] dns-random-txid.nse [edit]
[-] http-affiliate-id.nse [edit]
[-] socks-brute.nse [edit]
[-] bitcoin-getaddr.nse [edit]
[-] acarsd-info.nse [edit]
[-] http-cakephp-version.nse [edit]
[-] oracle-enum-users.nse [edit]
[-] dns-brute.nse [edit]
[-] http-google-malware.nse [edit]
[-] hostmap-robtex.nse [edit]
[-] http-barracuda-dir-traversal.nse [edit]
[-] http-auth-finder.nse [edit]
[-] resolveall.nse [edit]
[-] informix-query.nse [edit]
[-] mysql-users.nse [edit]
[-] nrpe-enum.nse [edit]
[-] mysql-empty-password.nse [edit]
[-] broadcast-xdmcp-discover.nse [edit]
[-] ip-geolocation-geobytes.nse [edit]
[-] cups-info.nse [edit]
[-] tftp-enum.nse [edit]
[-] http-icloud-sendmsg.nse [edit]
[-] nbstat.nse [edit]
[-] ajp-headers.nse [edit]
[-] nexpose-brute.nse [edit]
[-] giop-info.nse [edit]
[-] sip-call-spoof.nse [edit]
[-] broadcast-tellstick-discover.nse [edit]
[-] dns-nsec3-enum.nse [edit]
[-] http-grep.nse [edit]
[-] http-drupal-enum-users.nse [edit]
[-] smb-enum-processes.nse [edit]
[-] maxdb-info.nse [edit]
[-] rtsp-url-brute.nse [edit]
[-] ganglia-info.nse [edit]
[-] ip-geolocation-maxmind.nse [edit]
[-] traceroute-geolocation.nse [edit]
[-] rpcap-info.nse [edit]
[-] http-waf-detect.nse [edit]
[-] ms-sql-dac.nse [edit]
[-] citrix-enum-servers.nse [edit]
[-] http-vmware-path-vuln.nse [edit]
[-] mongodb-brute.nse [edit]
[-] http-passwd.nse [edit]
[-] x11-access.nse [edit]
[-] http-generator.nse [edit]
[-] ms-sql-info.nse [edit]
[-] http-method-tamper.nse [edit]
[-] http-robtex-shared-ns.nse [edit]
[-] http-majordomo2-dir-traversal.nse [edit]
[-] ms-sql-empty-password.nse [edit]
[-] broadcast-netbios-master-browser.nse [edit]
[-] citrix-enum-servers-xml.nse [edit]
[-] broadcast-networker-discover.nse [edit]
[-] mrinfo.nse [edit]
[-] lexmark-config.nse [edit]
[-] http-frontpage-login.nse [edit]
[-] smtp-open-relay.nse [edit]
[-] http-git.nse [edit]
[-] targets-asn.nse [edit]
[-] http-favicon.nse [edit]
[-] backorifice-info.nse [edit]
[-] http-vuln-cve2011-3192.nse [edit]
[-] realvnc-auth-bypass.nse [edit]
[-] broadcast-wpad-discover.nse [edit]
[-] http-methods.nse [edit]
[-] smb-check-vulns.nse [edit]
[-] sshv1.nse [edit]
[-] broadcast-bjnp-discover.nse [edit]
[-] http-title.nse [edit]
[-] broadcast-novell-locate.nse [edit]
[-] smb-vuln-ms10-054.nse [edit]
[-] afp-showmount.nse [edit]
[-] broadcast-rip-discover.nse [edit]
[-] http-slowloris.nse [edit]
[-] nat-pmp-mapport.nse [edit]
[-] ftp-libopie.nse [edit]
[-] targets-ipv6-multicast-echo.nse [edit]
[-] nessus-brute.nse [edit]
[-] membase-brute.nse [edit]
[-] ip-geolocation-ipinfodb.nse [edit]
[-] smb-print-text.nse [edit]
[-] smtp-enum-users.nse [edit]
[-] ajp-brute.nse [edit]
[-] bitcoinrpc-info.nse [edit]
[-] auth-owners.nse [edit]
[-] targets-ipv6-multicast-invalid-dst.nse [edit]
[-] afp-path-vuln.nse [edit]
[-] oracle-brute-stealth.nse [edit]
[-] http-vlcstreamer-ls.nse [edit]
[-] auth-spoof.nse [edit]
[-] nping-brute.nse [edit]
[-] broadcast-dropbox-listener.nse [edit]
[-] afp-ls.nse [edit]
[-] broadcast-db2-discover.nse [edit]
[-] quake3-info.nse [edit]
[-] snmp-sysdescr.nse [edit]
[-] dhcp-discover.nse [edit]
[-] ms-sql-config.nse [edit]
[-] http-comments-displayer.nse [edit]
[-] smb-vuln-ms10-061.nse [edit]
[-] ipv6-node-info.nse [edit]
[-] http-awstatstotals-exec.nse [edit]
[-] ldap-rootdse.nse [edit]
[-] rtsp-methods.nse [edit]
[-] smb-enum-domains.nse [edit]
[-] sniffer-detect.nse [edit]
[-] hbase-master-info.nse [edit]
[-] modbus-discover.nse [edit]
[-] http-rfi-spider.nse [edit]
[-] msrpc-enum.nse [edit]
[-] mysql-query.nse [edit]
[-] ftp-vsftpd-backdoor.nse [edit]
[-] domcon-brute.nse [edit]
[-] citrix-enum-apps-xml.nse [edit]
[-] pjl-ready-message.nse [edit]
[-] sip-brute.nse [edit]
[-] http-vuln-cve2011-3368.nse [edit]
[-] firewalk.nse [edit]
[-] http-gitweb-projects-enum.nse [edit]
[-] http-open-redirect.nse [edit]
[-] ajp-methods.nse [edit]
[-] ip-forwarding.nse [edit]
[-] ncp-serverinfo.nse [edit]
[-] smb-enum-shares.nse [edit]
[-] ssh2-enum-algos.nse [edit]
[-] cvs-brute.nse [edit]
[-] nat-pmp-info.nse [edit]
[-] epmd-info.nse [edit]
[-] bjnp-discover.nse [edit]
[-] stuxnet-detect.nse [edit]
[-] ftp-vuln-cve2010-4221.nse [edit]
[-] http-litespeed-sourcecode-download.nse [edit]
[-] gpsd-info.nse [edit]
[-] snmp-ios-config.nse [edit]
[-] broadcast-igmp-discovery.nse [edit]
[-] http-robtex-reverse-ip.nse [edit]
[-] snmp-processes.nse [edit]
[-] broadcast-sybase-asa-discover.nse [edit]
[-] wsdd-discover.nse [edit]
[-] netbus-info.nse [edit]
[-] broadcast-ripng-discover.nse [edit]
[-] pop3-brute.nse [edit]
[-] backorifice-brute.nse [edit]
[-] domcon-cmd.nse [edit]
[-] citrix-enum-apps.nse [edit]
[-] dns-nsec-enum.nse [edit]
[-] rpcap-brute.nse [edit]
[-] ftp-bounce.nse [edit]
[-] stun-info.nse [edit]
[-] dns-update.nse [edit]
[-] broadcast-wake-on-lan.nse [edit]
[-] dns-cache-snoop.nse [edit]
[-] rsync-list-modules.nse [edit]
[-] snmp-netstat.nse [edit]
[-] url-snarf.nse [edit]
[-] snmp-interfaces.nse [edit]
[-] cassandra-info.nse [edit]
[-] http-huawei-hg5xx-vuln.nse [edit]
[-] memcached-info.nse [edit]
[-] http-proxy-brute.nse [edit]
[-] pptp-version.nse [edit]
[-] broadcast-pppoe-discover.nse [edit]
[-] dns-random-srcport.nse [edit]
[-] ip-geolocation-geoplugin.nse [edit]
[-] smb-security-mode.nse [edit]
[-] ms-sql-dump-hashes.nse [edit]
[-] ntp-monlist.nse [edit]
[-] http-wordpress-enum.nse [edit]
[-] ike-version.nse [edit]
[-] broadcast-eigrp-discovery.nse [edit]
[-] amqp-info.nse [edit]
[-] iax2-brute.nse [edit]
[-] mysql-variables.nse [edit]
[-] ajp-request.nse [edit]
[-] cccam-version.nse [edit]
[-] mysql-brute.nse [edit]
[-] http-malware-host.nse [edit]
[-] http-domino-enum-passwords.nse [edit]
[-] vnc-brute.nse [edit]
[-] duplicates.nse [edit]
[-] db2-das-info.nse [edit]
[-] broadcast-dhcp6-discover.nse [edit]
[-] pop3-capabilities.nse [edit]
[-] http-form-fuzzer.nse [edit]
[-] flume-master-info.nse [edit]
[-] ms-sql-tables.nse [edit]
[-] broadcast-wsdd-discover.nse [edit]
[-] jdwp-info.nse [edit]
[-] mcafee-epo-agent.nse [edit]
[-] smb-brute.nse [edit]
[-] irc-sasl-brute.nse [edit]
[-] http-php-version.nse [edit]
[-] ms-sql-brute.nse [edit]
[-] http-form-brute.nse [edit]
[-] http-cors.nse [edit]
[-] jdwp-version.nse [edit]
[-] smbv2-enabled.nse [edit]
[-] ssl-cert.nse [edit]
[-] dns-fuzz.nse [edit]
[-] mysql-enum.nse [edit]
[-] script.db [edit]
[-] rlogin-brute.nse [edit]
[-] ovs-agent-version.nse [edit]
[-] ntp-info.nse [edit]
[-] ajp-auth.nse [edit]
[-] targets-sniffer.nse [edit]
[-] quake3-master-getservers.nse [edit]
[-] http-date.nse [edit]
[-] cups-queue-info.nse [edit]
[-] rdp-vuln-ms12-020.nse [edit]
[-] http-tplink-dir-traversal.nse [edit]
[-] http-robots.txt.nse [edit]
[-] hadoop-tasktracker-info.nse [edit]
[-] eap-info.nse [edit]
[-] ms-sql-xp-cmdshell.nse [edit]
[-] broadcast-dns-service-discovery.nse [edit]
[-] sip-methods.nse [edit]
[-] broadcast-avahi-dos.nse [edit]
[-] hadoop-secondary-namenode-info.nse [edit]
[-] db2-discover.nse [edit]
[-] jdwp-inject.nse [edit]
[-] servicetags.nse [edit]
[-] netbus-brute.nse [edit]
[-] ms-sql-hasdbaccess.nse [edit]
[-] gopher-ls.nse [edit]
[-] asn-query.nse [edit]
[-] firewall-bypass.nse [edit]
[-] redis-brute.nse [edit]
[-] dpap-brute.nse [edit]
[-] imap-capabilities.nse [edit]
[-] smtp-vuln-cve2010-4344.nse [edit]
[-] tls-nextprotoneg.nse [edit]
[-] upnp-info.nse [edit]
[-] http-icloud-findmyiphone.nse [edit]
[-] ventrilo-info.nse [edit]
[-] hostmap-ip2hosts.nse [edit]
[-] wdb-version.nse [edit]
[-] http-qnap-nas-info.nse [edit]
[-] smb-enum-groups.nse [edit]
[-] address-info.nse [edit]
[-] smb-mbenum.nse [edit]
[-] dns-srv-enum.nse [edit]
[-] http-iis-webdav-vuln.nse [edit]
[-] broadcast-listener.nse [edit]
[-] http-default-accounts.nse [edit]
[-] mysql-audit.nse [edit]
[-] bittorrent-discovery.nse [edit]
[-] reverse-index.nse [edit]
[-] smb-os-discovery.nse [edit]
[-] smtp-strangeport.nse [edit]
[-] socks-open-proxy.nse [edit]
[-] http-vhosts.nse [edit]
[-] broadcast-upnp-info.nse [edit]
[-] afp-serverinfo.nse [edit]
[-] targets-ipv6-multicast-slaac.nse [edit]
[-] ldap-novell-getpass.nse [edit]
[-] nfs-showmount.nse [edit]
[-] http-vuln-cve2012-1823.nse [edit]
[-] stun-version.nse [edit]
[-] http-fileupload-exploiter.nse [edit]
[-] vnc-info.nse [edit]
[-] http-axis2-dir-traversal.nse [edit]
[-] ssh-hostkey.nse [edit]
[-] http-phpmyadmin-dir-traversal.nse [edit]
[-] hadoop-jobtracker-info.nse [edit]
[-] http-stored-xss.nse [edit]
[-] hbase-region-info.nse [edit]
[-] broadcast-ataoe-discover.nse [edit]
[-] dns-check-zone.nse [edit]
[-] rdp-enum-encryption.nse [edit]
[-] ms-sql-query.nse [edit]
[-] http-wordpress-plugins.nse [edit]
[-] irc-info.nse [edit]
[-] rmi-vuln-classloader.nse [edit]
[-] ssl-known-key.nse [edit]
[-] mysql-dump-hashes.nse [edit]
[-] rexec-brute.nse [edit]
[-] mmouse-exec.nse [edit]
[-] vmauthd-brute.nse [edit]
[-] dns-ip6-arpa-scan.nse [edit]
[-] smb-system-info.nse [edit]
[-] irc-brute.nse [edit]
[-] broadcast-versant-locate.nse [edit]
[-] xmpp-brute.nse [edit]
[-] ldap-search.nse [edit]
[-] http-put.nse [edit]
[-] banner.nse [edit]
[-] http-adobe-coldfusion-apsa1301.nse [edit]
[-] llmnr-resolve.nse [edit]
[-] domino-enum-users.nse [edit]
[-] broadcast-ms-sql-discover.nse [edit]
[-] telnet-brute.nse [edit]
[-] isns-info.nse [edit]
[-] http-userdir-enum.nse [edit]
[-] smb-enum-users.nse [edit]
[-] dns-nsid.nse [edit]
[-] ndmp-version.nse [edit]
[-] voldemort-info.nse [edit]
[-] sslv2.nse [edit]
[-] redis-info.nse [edit]
[-] drda-brute.nse [edit]
[-] smtp-vuln-cve2011-1720.nse [edit]
[-] skypev2-version.nse [edit]
[-] http-open-proxy.nse [edit]
[-] irc-unrealircd-backdoor.nse [edit]
[-] ssl-date.nse [edit]
[-] couchdb-databases.nse [edit]
[-] snmp-win32-software.nse [edit]
[-] whois.nse [edit]
[-] http-email-harvest.nse [edit]
[-] http-virustotal.nse [edit]
[-] broadcast-pim-discovery.nse [edit]
[-] distcc-cve2004-2687.nse [edit]
[-] http-exif-spider.nse [edit]
[-] couchdb-stats.nse [edit]
[-] rpc-grind.nse [edit]
[-] finger.nse [edit]
[-] metasploit-msgrpc-brute.nse [edit]
[-] http-waf-fingerprint.nse [edit]
[-] http-config-backup.nse [edit]
[-] http-vuln-cve2010-2861.nse [edit]
[-] ipv6-ra-flood.nse [edit]
[-] http-phpself-xss.nse [edit]
[-] http-sql-injection.nse [edit]
[-] telnet-encryption.nse [edit]
[-] jdwp-exec.nse [edit]
[-] hddtemp-info.nse [edit]
[-] metasploit-info.nse [edit]
[-] ipidseq.nse [edit]
[-] http-auth.nse [edit]
[-] ncp-enum-users.nse [edit]
[-] sip-enum-users.nse [edit]
[-] daap-get-library.nse [edit]
[-] socks-auth-info.nse [edit]
[-] broadcast-dhcp-discover.nse [edit]
[-] http-vuln-cve2009-3960.nse [edit]
[-] http-coldfusion-subzero.nse [edit]
[-] mongodb-databases.nse [edit]
[-] xdmcp-discover.nse [edit]
[-] http-chrono.nse [edit]
[-] netbus-auth-bypass.nse [edit]
[-] drda-info.nse [edit]
[-] membase-http-info.nse [edit]
[-] smb-flood.nse [edit]
[-] dns-zeustracker.nse [edit]
[-] http-apache-negotiation.nse [edit]
[-] iscsi-info.nse [edit]
[-] smb-server-stats.nse [edit]
[-] mysql-vuln-cve2012-2122.nse [edit]
[-] dns-service-discovery.nse [edit]
[-] creds-summary.nse [edit]
[-] oracle-sid-brute.nse [edit]
[-] dns-recursion.nse [edit]
[-] broadcast-pc-anywhere.nse [edit]
[-] http-slowloris-check.nse [edit]
[-] snmp-brute.nse [edit]
[-] ftp-proftpd-backdoor.nse [edit]
[-] imap-brute.nse [edit]
[-] gkrellm-info.nse [edit]
[-] versant-info.nse [edit]
[-] svn-brute.nse [edit]
[-] hadoop-datanode-info.nse [edit]
[-] informix-brute.nse [edit]
[-] mmouse-brute.nse [edit]
[-] samba-vuln-cve-2012-1182.nse [edit]
[-] broadcast-ping.nse [edit]
[-] unusual-port.nse [edit]
[-] smtp-brute.nse [edit]
[-] http-vuln-cve2013-0156.nse [edit]
[-] http-trace.nse [edit]
[-] rmi-dumpregistry.nse [edit]
[-] dns-blacklist.nse [edit]
[-] ldap-brute.nse [edit]
[-] pcanywhere-brute.nse [edit]
[-] dns-client-subnet-scan.nse [edit]
[-] snmp-win32-shares.nse [edit]