Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    NMAP NSE Scripting By Example: Wordpress Version Detection
    In my last blog post, I gave a high-level introduction to the Nmap Scripting Engine (NSE).  In this blog post, I’d like to cover an example of writing a simple one with focus on the process around creating one.  For this example, we are going to create a simple Nmap script that will perform a ...
    Continue Reading

    Never miss a Professionally Evil update!

    Introduction to Writing Nmap Scripting Engine (NSE) Scripts
    NMAP  |  programming  |  NSE
    One thing I notice a lot of people are missing in their skill set as security professionals is the ...
    Continue Reading
    Nmap vs. Masscan
    hacking  |  NMAP  |  port scanning  |  masscan  |  host discovery
    If you are in IT, chances are you have at least heard of Nmap and Masscan.  Both are free and ...
    Continue Reading
    How to Update the Nmap OUI Database
    network  |  professionally evil  |  Secure Ideas  |  NMAP  |  Linux  |  IEEE  |  OUI  |  nmap-mac-prefixes
    Overview     In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
    Continue Reading
    How to Create Custom Probes For NMAP Service/Version Detection
    network  |  hacking  |  cybersecurity  |  pentesting  |  scanning  |  NMAP  |  version  |  service  |  probe  |  ports  |  match  |  chrome  |  debugging  |  nmap-service-probes  |  softmatch  |  rarity  |  directive  |  remote
    Overview NMAP is a fantastic tool for performing initial reconnaissance and enumeration.  A simple ...
    Continue Reading