nmap vs nuclei

[Sec13B]

usually for nmap i use :

nmap -Pn -sC -sV -oA results_tcp -T4 --min-rate=1000 -vvvvvvv --reason -p- --script vuln 10.10.10.2

Nmap many times show false vuln.

and for nuclei :

sudo echo '10.10.10.2' | sudo naabu  -p 0-65535 | sudo  nuclei -t vulnerabilities/ -t cves/ -t exposures/ -t exposed-panels/ -t network/ -t miscellaneous/ -t misconfiguration/ -severity critical,high  -stats -bs 100 -c 50 -o results.txt

nuclei take more , but stop at 72%
and didnt find the mssql vuln

any idea is welcome

 

[BlackAPT]

Попробуй это

GitHub - scipag/vulscan: Advanced vulnerability scanning with Nmap NSE

Advanced vulnerability scanning with Nmap NSE. Contribute to scipag/vulscan development by creating an account on GitHub.

github.com

 

[Q84]

usually for nmap i use :

nmap -Pn -sC -sV -oA results_tcp -T4 --min-rate=1000 -vvvvvvv --reason -p- --script vuln 10.10.10.2

Посмотреть вложение 93045

Nmap many times show false vuln.

and for nuclei :

sudo echo '10.10.10.2' | sudo naabu  -p 0-65535 | sudo  nuclei -t vulnerabilities/ -t cves/ -t exposures/ -t exposed-panels/ -t network/ -t miscellaneous/ -t misconfiguration/ -severity critical,high  -stats -bs 100 -c 50 -o results.txt

Посмотреть вложение 93043


nuclei take more , but stop at 72%
and didnt find the mssql vuln

any idea is welcome

Разве nmap не подбирает уязвимости по версии сервиса как и shodan? nuclei своего порт сканера не имеет, только по уязвимостям

correct me if wrong

 

[Sec13B]

Разве nmap не подбирает уязвимости по версии сервиса как и shodan? nuclei своего порт сканера не имеет, только по уязвимостям

correct me if wrong

i dont know how shodan pick vulnerabilities , i dont think use nmap like principal service

 

[zdestuta]

Which scripting engine NSE (it's Lua in nmap) or YAML (nuclei) more flexible and powerful?
I think Lua more flexible (it's language) than YAML (which is markup) - isn't it?
But nuclei faster than nmap.

 

[sxsnad]

Which scripting engine NSE (it's Lua in nmap) or YAML (nuclei) more flexible and powerful?
I think Lua more flexible (it's language) than YAML (which is markup) - isn't it?
But nuclei faster than nmap.

i think nuclei is much more robust than nmap's lua

 

[BlackAPT]

I have to agree with sxsnad

Nuclei more reliable and accurate because of YAML

 

[Sec13B]

i see , both find different vuln