Building Custom Scans for Real World Enterprise Network
Abstract
Pentesters largely use Nmap. Some use it very smartly, well beyond a port scanner. The rich set of scripts called NSEs (Nmap Scripting Engine scripts) has made this scanner an inevitable tool in a pentester's toolbox. It lets you use Nmap for vulnerability discovery, exploitation and much more besides. This research is a tool for developing Nmap scripts more effectively. It sets up the environment needed for Nmap script development based on the underlying OS. The current challenges in developing Nmap scripts are the following:
- In most cases, development happens in a generic console editor that does not understand Lua and the Nmap libraries together in one code window
- Syntax has to be looked up in the respective wikis for Nmap NSE and Lua
- Debugging custom NSE code requires specifying many more nmap options
Halcyon provides the following features to overcome the above-mentioned challenges, and more:
- It understands both Lua and the Nmap libraries
- Code completion
- Easier script building, as it supports Lua and NSE syntax highlighting
- One-click debug and run. Many debugging switches can be set through the GUI.
- Easy navigation to scripts and related libraries. This lets a script writer modify existing libraries, data files, wordlists, etc.
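To make concrete what the challenges above refer to (plain Lua mixed with the Nmap libraries in one file, and the nmap switches needed to debug it), here is a minimal NSE script as an added illustration; it is not part of the original abstract and not Halcyon's code. The filename, author string and the `path` script argument are assumptions; the script only reports the HTTP `Server` header, as an inventory check.

```lua
-- Added example (not from the abstract or from Halcyon): a minimal NSE script
-- showing the anatomy an NSE-aware editor must understand, i.e. the Nmap
-- libraries (shortport, http, stdnse) alongside plain Lua.
-- Assumed filename: http-server-banner.nse (hypothetical).
local http      = require "http"
local shortport = require "shortport"
local stdnse    = require "stdnse"

description = [[
Reports the HTTP Server response header of a web service, for an inventory
of what software is exposed. Returns nothing when the header is absent.
]]

author     = "example author"  -- placeholder, not a real maintainer
license    = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"discovery", "safe"}

-- Script argument: request path (default "/"). Set it with
--   --script-args http-server-banner.path=/index.html
local arg_path = stdnse.get_script_args(SCRIPT_NAME .. ".path") or "/"

-- portrule: run only against ports Nmap identified as HTTP
portrule = shortport.http

-- action: runs once per matching host/port; its return value is the output
action = function(host, port)
  stdnse.debug1("requesting %s from %s:%d", arg_path, host.ip, port.number)
  local resp = http.get(host, port, arg_path)
  if not resp or not resp.status then
    stdnse.debug1("no HTTP response")
    return nil
  end
  -- header keys are lowercased by the http library
  local server = resp.header["server"]
  if not server then
    return nil
  end
  local out = stdnse.output_table()
  out.status = resp.status
  out.server = server
  return out
end

-- Debug run from the shell (the switches a GUI front-end would set for you):
--   nmap -p 80 -d2 --script ./http-server-banner.nse --script-trace <host>
-- -d2 raises the debug level so the stdnse.debug1 lines appear;
-- --script-trace prints the script's network traffic.
```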