Nmap videos and slides
The purpose of this page is to collect all Nmap related presentations.
Nmap: Scanning the Internet
Author: Fyodor (@nmap)
Location:Black Hat and Defcon 2008
The Nmap Security Scanner was built to efficiently scan large networks, but Nmap's author Fyodor took this to a new level by scanning millions of Internet hosts during the Summer of 2008 as part of the Worldscan project. In this presentation given at the Black Hat Briefings and Defcon (August 2008), he presents the most interesting findings and empirical statistics from these scans, along with practical advice for improving your own scan performance. An overview of new Nmap features is also provided, including the Nmap Scripting Engine, Zenmap UI, new performance options, Ncat, and Ndiff. Most of these features are now available in Nmap 4.75 and later
Advanced network scanning with nmap 6
Location:Libre Software Meeting 2012, Geneva
Nmap version 6 was released in March 2012. In this talk, I present the project, its development and some of the cool features of Nmap 6.
Nmap Scripting Engine
Mastering the Nmap Scripting Engine
Author: Fyodor (@nmap) and David Fifield
Location: Defcon & Black Hat USA 2010
Rather than give a dry overview of NSE, Fyodor and Nmap co-maintainer David Fifield demonstrate practical solutions to common problems. They have scanned millions of hosts with NSE and discuss vulnerabilities found on enterprise networks and how Nmap can be used to quickly detect those problems on your own systems. Then they demonstrate how easy it is to write custom NSE scripts by writing one from scratch and using it to hack a webcam.
Nmap NSE Hacking for IT Security Professionals
Author: Marc Ruef (@mruef)
Nmap is without doubt one of the most important tools in security testing. Initially developed as portscanner, the introduction of NSE (Nmap Scripting Language) enhanced the software heavily. NSE scripts allow to create additional tests, which may provide the functionality of a vulnerability scanner. Basic data collected by nmap and additional network requests can be used to determine software products and security flaws. The talk is discussing the possibilities of NSE scripting, the improvement of professional scanning (with a customer-based example) and current development in the field of NSE programming (my httprecon-nse port and vulscan module). Administrators and auditors will see the their benefits of automated testing.
Author: Paulino Calderon (@calderpwn)
Location: Reunión de la Comunidad Underground de México
Abstract: Overview of Nmap NSE, examples of usage and how to write your own NSE scripts.
Advanced Nmap Scripting: Make Nmap work for you!
Author: Ron Bowes (@iagox86)
Location: Derbycon (Louisville, Kentucky)
Date: October 2, 2011
The Nmap Scripting Engine, or NSE, has brought Nmap's power to an unprecedented level. More than just a portscanner, Nmap's Scripting Engine has the speed and power to scan thousands of hosts in parallel, quickly and with amazing results. Whether building packets from the ground up (such as probing DHCP or finding sniffers) or using high-level protocols (such as MSRPC or AFS), NSE makes it easy. In this highly technical presentation, the audience will be introduced to some interesting NSE scripts, be shown in detail how they work, and learn how to write their own from scratch. Learn how to make Nmap work for you!
Nmap Scripting Engine introduction with http-enumeration
Author: Robert Rowley (@iamlei)
Location: Toorcon San Diego, CA
Date: October 11, 2011
This fast talk (18 minutes) covers the basics of the nmap scripting engine, the lua programming language and detail how the http-enum script can easily turn nmap into a web application version identifier, web vulnerability scanner, and more. It goes over my experience with NSE and how fast it was to get started and have valid contributions to the NMAP projects.
It will be presumed the audience is already familiar with nmap, HTTP, and some sort of object oriented programming.
Nmap Scripting Engine
Author: Hani Benhabiles (@kroosec)
Location: BSides Algiers (Algiers, Algeria)
Date: May 5, 2012
Abstract: This presentation is about the Nmap Scripting Engine commonly known as NSE, why was it added, its scripts general architecture, some already powerful and useful scripts that already ship with Nmap and how one can easily extend Nmap by writing a script from scratch.