The Nmap Scripting Engine (FOSDEM 2010)

These are resources for the talk I gave at FOSDEM 2010. The FOSDEM talk page is here and my speaker page is here.

I gave an expanded version of the talk at a meeting of the dc303 group on February 19, 2010.


The Nmap Scripting Engine extends the results of an Nmap port scan. It combines the Lua programming language, a library of network functions, and the results provided by other parts of Nmap to give more information about network hosts and their open ports.

There are standard scripts that grab SSH host keys or SSL certificates, discover the remote date and time, check for weak passwords and unpatched vulnerabilites, and much more.

The talk will explain how the scripting engine fits in with Nmap's other functions, the structure of a script, and how to modify a script or write your own. We'll see how the scripting engine can benefit casual users, researchers, and security auditors. Finally there will be a brief overview of what's new in Nmap and its associated tools for the benefit of casual users.

Audience handout: PDF, Scribus source.

HTML narrative
(shown on screen during the talk).

131 MB. 34:14. Erratum: A couple of times I said “ten million icons,” when what I meant was “one million icons.”

Favicon graphics.

favicon programs:

bzr get