Halcyon – An IDE for Faster Nmap Scripting Engine Development


Date
Location
Singapore

Halcyon is the first IDE specifically focused on Nmap Script (NSE) Development. This research idea was originated while writing custom Nmap Scripts for Enterprise Penetration Testing Scenarios. The existing challenge in developing Nmap Scripts (NSE) was the lack of a development environment that gives easiness in building custom scripts for real world scanning, at the same time fast enough to develop such custom scripts. Halcyon is free to use, java based application that comes with code intelligence, code builder, auto-completion, debugging and error correction options and also a bunch of other features like other development IDE(s) has. This research was started to give better development interface/environment to researchers and thus enhance the number of NSE writers in the information security community.

Halcyon IDE can understand Nmap library as well as traditional LUA syntax. Possible repetitive codes such as web crawling, bruteforcing etc., is pre-built in the IDE and this makes easy for script writers to save their time while developing majority of test scenarios. The talk starts with a quick introduction to how Nmap scripts work and developed, and then showcase different features on Halcyon IDE to build real world scripts faster with various built-in features in the IDE. Halcyon surely provide a rich NSE development environment bundled with features such as improved user interface, code intelligence workspace, easy single click configuration, optimised code generator, scan settings to work with multiple scripts at the same time, pre/post script development actions and lot more.