Daniel Miller ✝ Profile picture
Join me on Mastodon! https://t.co/v4ivxXc2fd Husband. Father. Nmap & Npcap developer. Pedant. Nerd.
Jan 15, 2021 7 tweets 2 min read
Nmap scans grinding to a halt? Tired of waiting hours for results? Tried -T4 and -T5 already and looking for something more sophisticated? Try these options out:

--max-rtt-timeout: Never wait longer than this to get a response to a single probe
1/5
--script-timeout: Don't let a single NSE script take longer than this to run. Script won't produce output, but you get everything else from the scan. New in Nmap 7.25.

2/5
Jan 9, 2018 19 tweets 13 min read
#Nmap comes with 586 #NSE scripts. 148 of them are default (-sC) or version (-sV) scripts. The rest (438) have to be invoked directly or by category, so many folks don't use them. Here are my top 18 NSE scripts you should run in 2018: #DiscoveringNSE #DiscoveringNSE 1/18: Fingerprint 100s of web apps and embedded devices with http-enum. Got Nikto? http-enum uses that fingerprint file, too. nmap.org/nsedoc/scripts… Found a device with a web interface? Check for default creds with http-default-accounts. nmap.org/nsedoc/scripts…