312-50V11 · Question #260
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
The correct answer is C. NMAP scripting engine. Nmap extends its capabilities into vulnerability scanning through its own built-in Nmap Scripting Engine (NSE), which provides scripts targeting protocols like SMB, HTTP, and FTP.
Question
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
Options
- AMetasploit scripting engine
- BNessus scripting engine
- CNMAP scripting engine
- DSAINT scripting engine
How the community answered
(29 responses)- A3% (1)
- B3% (1)
- C90% (26)
- D3% (1)
Why each option
Nmap extends its capabilities into vulnerability scanning through its own built-in Nmap Scripting Engine (NSE), which provides scripts targeting protocols like SMB, HTTP, and FTP.
Metasploit has its own separate scripting and module framework; it is not integrated into or used by Nmap for scanning.
Nessus uses its own proprietary Nessus Attack Scripting Language (NASL) engine, which is entirely separate from Nmap and not callable by it.
The Nmap Scripting Engine (NSE) is Nmap's native scripting framework that allows users to write and run Lua-based scripts to automate a wide range of network tasks including vulnerability detection. NSE includes script categories such as 'vuln' and 'exploit' with ready-made scripts for services like SMB (e.g., ms17-010), HTTP, and FTP, making it the correct resource for extending Nmap into a basic multi-vector vulnerability scanner.
SAINT (Security Administrator's Integrated Network Tool) is an independent commercial vulnerability scanner with its own engine that has no integration with Nmap.
Concept tested: Nmap Scripting Engine for vulnerability scanning
Source: https://nmap.org/book/nse.html
Topics
Community Discussion
No community discussion yet for this question.