nmap vulnerability scan

Vulnerability Scanning with nmap

First, I start the Metasploitable 2 Docker container for scanning:

docker start meta2

docker ps

docker exec -it meta2 /bin/bash

hostname -I

The IP address of the Metasploitable 2 VM is 172.17.0.2

sudo nmap -oA ./metasploitable-nmap-vulSCAN -Pn -n --open -F -sV --script nmap-vulners 172.17.0.2

It seems that something is missing! Let's download the nmap-vulners script:

cd /usr/share/nmap/scripts

sudo git clone https://github.com/vulnersCom/nmap-vulners.git

sudo ln -s /usr/share/nmap/scripts/nmap-vulners/vulners.nse /usr/share/nmap/scripts/nmap-vulners

After the symlink is created, let's run the nmap command again.

As you can see, this is really cool! You get all the CVE articles and exploits linked :)
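To triage these results instead of reading them off the terminal, the .xml file written by -oA can be parsed. The following is an added example, not part of the original post or of the nmap-vulners project: it assumes each finding row in the script's text output is an ID, a CVSS score and a URL separated by whitespace, optionally followed by *EXPLOIT*; the sample XML and all IDs in it are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the .xml file that -oA writes; IDs are placeholders.
SAMPLE_XML = """<nmaprun><host><address addr="172.17.0.2" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/>
<script id="vulners" output="&#xa;  cpe:/a:example:ftpd:1.0: &#xa;    &#x9;EXAMPLE-ID-0001&#x9;10.0&#x9;https://vulners.com/exploitdb/EXAMPLE-ID-0001&#x9;*EXPLOIT*&#xa;    &#x9;CVE-0000-0001&#x9;5.0&#x9;https://vulners.com/cve/CVE-0000-0001"/></port>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/>
<script id="vulners" output="&#xa;  cpe:/a:example:sshd:1.0: &#xa;    &#x9;CVE-0000-0002&#x9;7.5&#x9;https://vulners.com/cve/CVE-0000-0002"/></port>
</ports></host></nmaprun>"""


def parse_vulners(xml_text, min_cvss=0.0):
    """Return findings from vulners script output, highest CVSS first."""
    findings = []
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "?"
        for port in host.iter("port"):
            svc = port.find("service")
            service = svc.get("name", "?") if svc is not None else "?"
            for script in port.findall("script"):
                if script.get("id") != "vulners":
                    continue
                for line in script.get("output", "").splitlines():
                    fields = line.split()
                    # Finding rows: <id> <cvss> <url> [*EXPLOIT*]; skip cpe headers.
                    if len(fields) < 3 or not fields[2].startswith("http"):
                        continue
                    try:
                        cvss = float(fields[1])
                    except ValueError:
                        continue
                    if cvss >= min_cvss:
                        findings.append({
                            "host": addr, "port": int(port.get("portid")),
                            "service": service, "id": fields[0], "cvss": cvss,
                            "url": fields[2], "exploit": "*EXPLOIT*" in fields[3:],
                        })
    return sorted(findings, key=lambda f: (-f["cvss"], f["port"], f["id"]))


if __name__ == "__main__":
    # For a real scan, read ./metasploitable-nmap-vulSCAN.xml instead of SAMPLE_XML.
    for f in parse_vulners(SAMPLE_XML, min_cvss=7.0):
        flag = " [public exploit]" if f["exploit"] else ""
        print(f'{f["host"]}:{f["port"]} {f["service"]} {f["id"]} {f["cvss"]}{flag}')
```

Sorting by CVSS and flagging entries with a public exploit gives a patching order for the scanned host.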

Another NSE script we can use for vulnerability scanning can be found here:

https://github.com/scipag/vulscan

cd /opt

sudo git clone https://github.com/scipag/vulscan scipag_vulscan

sudo ln -s /opt/scipag_vulscan /usr/share/nmap/scripts/vulscan

sudo nmap -oA ./metasploitable-nmap-vulSCAN02 -Pn -n --open -F -sV --script vulscan/vulscan.nse -v 172.17.0.2

The script provides a lot of output and also seems to be outdated. It's always good to check different options, but I'd prefer the first one.
