psc4re / NSE-scripts

Licence: other
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Contains Custom NSE scripts

CVE-2020-0796

NSE script to detect hosts vulnerable to CVE-2020-0796, the Microsoft SMBv3 compression issue (aka CoronaBlue, SMBGhost).

The script is a modified version of the smb-protocols.nse script, with its output changed to report v3.11 detection and validate CVE-2020-0796.

Note: This script only performs a safe check for the CVE-2020-0796 vulnerability on SMBv3 and doesn't attempt anything beyond that.

Installation and running

Copy the .nse file to the nmap/scripts/ folder and update the script database:

cp cve-2020-0796.nse /usr/share/nmap/scripts/

nmap --script-updatedb

Run as

nmap -p445 --script cve-2020-0796 <<target>>

-- @output
-- | smb-protocols:
-- |   dialects:
-- |     NT LM 0.12 (SMBv1) [dangerous, but default]
-- |     2.02
-- |     2.10
-- |     3.00
-- |     3.02
-- |_    3.11 (SMBv3.11) LZNT1 compression algorithm - Vulnerable to CVE-2020-0796 SMBGhost

The compression check is based on https://github.com/ollypwn/SMBGhost/. It could have been done with smb.lua from nselib, but that required substantial editing of its functions, so the script uses raw sockets instead.
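What the compression check reads from the server's SMB2 NEGOTIATE response, as an added Python example (not code from this repository or from the SMBGhost scanner). It follows the MS-SMB2 field layout; `parse_negotiate_response` and `build_sample` are names made up here, and the sample responses are constructed rather than captured.

```python
import struct

CTX_COMPRESSION = 0x0003  # SMB2_COMPRESSION_CAPABILITIES negotiate context
ALGS = {1: "LZNT1", 2: "LZ77", 3: "LZ77+Huffman", 4: "Pattern_V1"}

def parse_negotiate_response(msg: bytes) -> dict:
    """Dialect and compression algorithms from an SMB2 NEGOTIATE response
    (4-byte transport length prefix already stripped)."""
    if len(msg) < 128 or msg[:4] != b"\xfeSMB":
        raise ValueError("not an SMB2 NEGOTIATE response")
    dialect, ctx_count = struct.unpack_from("<HH", msg, 68)
    result = {"dialect": dialect, "compression": []}
    if dialect != 0x0311:          # negotiate contexts exist only in 3.1.1
        return result
    (off,) = struct.unpack_from("<I", msg, 124)   # NegotiateContextOffset
    for _ in range(ctx_count):
        if off + 8 > len(msg):
            raise ValueError("truncated negotiate context")
        ctx_type, data_len = struct.unpack_from("<HH", msg, off)
        data = msg[off + 8 : off + 8 + data_len]
        if len(data) < data_len:
            raise ValueError("truncated negotiate context data")
        if ctx_type == CTX_COMPRESSION and data_len >= 8:
            count = min(struct.unpack_from("<H", data)[0], (data_len - 8) // 2)
            ids = struct.unpack_from("<%dH" % count, data, 8)
            result["compression"] = [ALGS.get(i, hex(i)) for i in ids if i]
        off = (off + 8 + data_len + 7) & ~7       # contexts are 8-byte aligned
    return result

def _ctx(ctx_type: int, data: bytes) -> bytes:
    raw = struct.pack("<HHI", ctx_type, len(data), 0) + data
    return raw + bytes(-len(raw) % 8)

def build_sample(dialect: int, algs=()) -> bytes:
    """Constructed response for offline testing; not captured traffic."""
    ctxs = []
    if dialect == 0x0311:
        ctxs.append(_ctx(1, struct.pack("<HHH", 1, 32, 1) + bytes(32)))  # preauth
        if algs:
            ctxs.append(_ctx(3, struct.pack("<HHI%dH" % len(algs), len(algs), 0, 0, *algs)))
    header = b"\xfeSMB" + struct.pack("<H", 64) + bytes(58)
    body = struct.pack("<HHHH", 65, 1, dialect, len(ctxs)) + bytes(48)
    body += struct.pack("<HHI", 128, 0, 128 if ctxs else 0)
    return header + body + b"".join(ctxs)

if __name__ == "__main__":
    for name, msg in [("3.1.1 + LZNT1", build_sample(0x0311, [1])),
                      ("3.1.1, no compression", build_sample(0x0311)),
                      ("3.0.2", build_sample(0x0302))]:
        print(name, parse_negotiate_response(msg))
```

A server that negotiates 3.1.1 and advertises a compression algorithm meets the condition this kind of check reports; the response does not reveal whether the fix for CVE-2020-0796 is installed, so confirm flagged hosts against their patch level.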

CVE-2020-1350

NSE script to detect hosts vulnerable to CVE-2020-1350, the Microsoft DNS server issue (aka SIGRed).

The script reuses code components of the dns-nsid.nse script and adds checks for CVE-2020-1350.

Note: This script only performs a safe check for the CVE-2020-1350 vulnerability on Microsoft DNS servers, for identification purposes only, and doesn't attempt anything beyond that. The script is not perfect: it depends on the output of dig CH TXT bind.version @target and fails when the DNS version number is hidden.

Installation and running

Copy the .nse file to the nmap/scripts/ folder and update the script database:

cp cve-2020-1350.nse /usr/share/nmap/scripts/

nmap --script-updatedb

Run as

sudo nmap -sSU -p53 --script cve-2020-1350 <<target>>

sudo nmap -sSU -p53 --script cve-2020-1350 <<target>> --script-args output=<outputfile.txt>

http-custom-title

NSE script to search for custom HTTP titles supplied as script arguments. It reports only the hosts whose HTTP title matches the one requested.

Installation and running

Copy the .nse file to the nmap/scripts/ folder and update the script database:

cp http-custom-title.nse /usr/share/nmap/scripts/

nmap --script-updatedb

Run as

nmap --script ./http-custom-title.nse -p80 scanme.nmap.org --script-args customtitle='ScanMe'

nmap --script ./http-custom-title.nse <<target>> --script-args customtitle='Apache'

vCenter RCE CVE-2021-21972 check

Checks for the CVE-2021-21972 and CVE-2021-21973 vulnerabilities in vCenter. The script also prints the vSphere version and build number.

Copy the .nse file to the nmap/scripts/ folder and update the script database:

cp cve-2021-21972.nse /usr/share/nmap/scripts/

nmap --script-updatedb

Run as

nmap --script cve-2021-21972.nse -p443 <host> (optional: --script-args output=report.txt)
