That's a great question! Labby is happy to shed some light on Nmap script categories.
Nmap's Scripting Engine (NSE) has a wide range of scripts, which are organized into several categories based on their functionality. This helps you choose the right scripts for specific tasks during your scans.
Here are some of the main Nmap script categories:
- auth: Scripts that deal with authentication credentials and bypassing authentication.
- broadcast: Scripts that discover hosts by broadcasting queries on the network.
- brute: Scripts that attempt to brute-force authentication on various services.
- default: Scripts that are run by default when you use the -sC or -A option. These are generally considered safe and useful for routine scanning.
- discovery: Scripts that discover more about the network, services, and devices.
- dos: Scripts that can test for Denial of Service vulnerabilities (use with extreme caution as they can disrupt services).
- exploit: Scripts that attempt to exploit known vulnerabilities. (Also use with great caution.)
- external: Scripts that interact with external services or databases.
- fuzzer: Scripts that send unexpected or random input to protocols to discover bugs or vulnerabilities.
- intrusive: Scripts that are likely to be detected by intrusion detection systems or could potentially crash services. (Use with caution!)
- malware: Scripts that detect malware or backdoors.
- safe: Scripts that are not designed to be intrusive or to crash services.
- version: Scripts that attempt to determine the version of services running on open ports. (Similar to -sV but can provide more detail).
- vuln: Scripts that check for known vulnerabilities in services.
You can specify categories with the --script option, for example: nmap --script=vuln <target>. You can also combine categories and specific scripts, or even use wildcards. For instance, --script="safe,vuln" would run every script that belongs to either the 'safe' or the 'vuln' category.
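An NSE script can carry more than one category tag, so a selection such as vuln can include scripts that are also tagged intrusive, dos or exploit. The sketch below is an added example, not part of Nmap: it parses text in the layout of Nmap's scripts/script.db index and lists which scripts a category selection would pull in, flagging the ones that also carry a caution category. The script names and the sample index are constructed, the function names are hypothetical, and the RISKY set (which adds brute and fuzzer to the categories flagged for caution above) is an assumption. It handles category names only, not script names, wildcards or boolean expressions.

```python
import re

# Constructed sample in the layout of Nmap's scripts/script.db index.
# Script names are hypothetical; a real index lists the installed .nse files.
SAMPLE_DB = '''
Entry { filename = "example-banner.nse", categories = { "default", "discovery", "safe", } }
Entry { filename = "example-login-brute.nse", categories = { "brute", "intrusive", } }
Entry { filename = "example-vuln-check.nse", categories = { "safe", "vuln", } }
Entry { filename = "example-vuln-crash.nse", categories = { "dos", "intrusive", "vuln", } }
Entry { filename = "example-vuln-rce.nse", categories = { "exploit", "intrusive", "vuln", } }
'''

# Assumption: categories to review before scanning. dos, exploit and intrusive
# are the ones marked for caution in the list above; brute and fuzzer are added here.
RISKY = {"brute", "dos", "exploit", "fuzzer", "intrusive"}

ENTRY_RE = re.compile(r'filename\s*=\s*"([^"]+)",\s*categories\s*=\s*\{([^}]*)\}')

def parse_script_db(text):
    """Return {script filename: set of category names}."""
    return {name: set(re.findall(r'"([^"]+)"', cats))
            for name, cats in ENTRY_RE.findall(text)}

def resolve(selection, index):
    """Expand a comma-separated category list, as in --script="safe,vuln" (a union)."""
    wanted = {c.strip() for c in selection.split(",") if c.strip()}
    return {name: cats for name, cats in index.items() if cats & wanted}

def review(selection, index):
    """Return (clean, flagged); flagged maps script -> its caution categories."""
    clean, flagged = [], {}
    for name, cats in sorted(resolve(selection, index).items()):
        risky = cats & RISKY
        if risky:
            flagged[name] = sorted(risky)
        else:
            clean.append(name)
    return clean, flagged

if __name__ == "__main__":
    index = parse_script_db(SAMPLE_DB)
    for sel in ("safe", "vuln", "safe,vuln"):
        clean, flagged = review(sel, index)
        print(f'--script="{sel}": {len(clean)} clean, {len(flagged)} flagged')
        for name, risky in flagged.items():
            print(f"  review before running: {name} ({', '.join(risky)})")
```

Pointing parse_script_db at the contents of the scripts/script.db file in a local Nmap installation gives the same report for the scripts actually installed.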
This comprehensive set of categories allows Nmap to be an incredibly versatile tool for security auditing, network inventory, and more.
Keep up the great work!