Using scripts

NSE, or the Nmap scripting engine, allows users to create their own scripts to perform different tasks automatically. These scripts are executed side by side when a scan is run. They can be used to perform more effective version detection, view the exploitation of a vulnerability, and so on.

The command for using a script is as follows:

nmap -sV  host.com -script dns-brute  

This command can be seen in the following screenshot:

The following screenshot shows the output for the preceding command:

Here, the dns-brute script tries to fetch the available subdomains by brute forcing it against a set of common subdomain names.