In this chapter, my objective is to teach you about the prebuilt functions and wide range of libraries available in Nmap Scripting Engine (NSE) to exploit vulnerabilities in different applications, services, and network protocols. As with any other development framework, the main benefit is to cut down the development time when creating exploits—time that is very valuable during pen tests, especially during those dreaded short-term engagements.

All NSE exploits inherit a powerful feature—the scanning capabilities of Nmap. Script execution rules are very flexible and allow us to use host rules, port rules, and even Nmap's version detection information to spot vulnerabilities. Once you have a working ...