Exercise: Perform a script-based vulnerability scan using the Nmap tool

  1. Open a terminal in Kali Linux and type “nmap –script <scriptname> <target IP or domain
    name>” to perform a basic script-based vulnerability scan. Replace <scriptname> with the
    name of the script you want to use (e.g. “http-vuln-cve2010-2861”).
  2. To scan for a specific type of vulnerability, use the “–script-args” option followed by the
    relevant argument (e.g. “nmap –script http-vuln-cve2010-2861 –script-args http-vuln-
    cve2010-2861.path=’/’ <target IP or domain name>”).
  3. To scan multiple scripts at once, use the “–script <category or file>” option (e.g. “nmap —
    script http- <target IP or domain name>”).
  4. To check for vulnerabilities in specific services, use the “–script-args <service>-vuln-” option
    (e.g. “nmap –script-args vulns.showall –script <service>-vuln- <target IP or domain name>”).
  5. To increase the verbosity of the output, use the “-v” option (e.g. “nmap -v –script http-vuln-
    cve2010-2861 <target IP or domain name>”).

Reference:
Nmap: https://nmap.org/book/man.html

Open chat
Hello 👋.
Tell me, how can I help you?