Sanoop Thomas

Paper Title

Building custom scans for real world enterprise network

Abstract

Pentesters largely uses Nmap. Some uses it very smartly way beyond than a port scanner. The rich set of scripts called as NSEs made this scanner an inevitable tool in a pentesters box. This allows you to use Nmap for vulnerability discovery, exploitation and a lot more other things as well. This research is a tool to develop Nmap script more effectively. It makes necessary environment for the Nmap script development based on the underlying OS. The current challenges in developing Nmap Script are following:

• Most of the cases, development happens in generic console editor which don't understand LUA and Nmap library in one code window
• The syntax needs to be referred in respective wiki of Nmap NSE and LUA
• Debugging custom NSE code needs to be specified with a lot more nmap options

Halcyon gives following features to overcome above-mentioned challenges and beyond.

• It can understand both LUA and Nmap library
• Allows code completion
• Easily builder as it supports LUA and NSE syntax highlighting
• One click debug and run. Lot of debugging switches can be set through it's GUI.
• Easy navigation to scripts and related libraries. This allows a script writer to modify existing libraries, data files, wordlist etc.

Talk outline:

• Introduction to Nmap Script Scans
• Some Smart usage of NSE to real world scanning
• Anatomy of NSE
• Existing challenges
• Halcyon features
• Live demo on a working NSE

Speaker Bio

Sanoop is a security researcher and trainer. He has been involved with security research and vulnerability assessments of applications, networks, and servers; also worked in the area of incident response, malware analysis, forensics etc. His main area of interest is threat research and analysis, mobile security and automating assessment methods and tools to help security professionals. He was a speaker at OWASP India 2013.