- Open a terminal in Kali Linux and type “nmap –script <scriptname> <target IP or domain
name>” to perform a basic script-based vulnerability scan. Replace <scriptname> with the
name of the script you want to use (e.g. “http-vuln-cve2010-2861”). - To scan for a specific type of vulnerability, use the “–script-args” option followed by the
relevant argument (e.g. “nmap –script http-vuln-cve2010-2861 –script-args http-vuln-
cve2010-2861.path=’/’ <target IP or domain name>”). - To scan multiple scripts at once, use the “–script <category or file>” option (e.g. “nmap —
script http- <target IP or domain name>”). - To check for vulnerabilities in specific services, use the “–script-args <service>-vuln-” option
(e.g. “nmap –script-args vulns.showall –script <service>-vuln- <target IP or domain name>”). - To increase the verbosity of the output, use the “-v” option (e.g. “nmap -v –script http-vuln-
cve2010-2861 <target IP or domain name>”).
Reference:
Nmap: https://nmap.org/book/man.html