Remember active scanning? You learned how to use Nmap to find open ports and identify services. Well, Nmap goes way beyond that. The Nmap Scripting Engine (NSE) is a library of scripts that can run all sorts of checks against services – including vulnerability checks.

NSE scripts are powerful because they understand the protocols. Here are the ones you’ll use most often for vulnerability scanning:

ssl-enum-ciphers – Checks for weak SSL/TLS cipher suites and encryption issues

smb-vuln-ms17-010 – Tests for the infamous EternalBlue vulnerability (Windows)

smb-vuln-conficker – Checks for Conficker worm infection

Part of the free Intro to Cyber course by Cover6 Solutions.