NMAP

Nmap's script categories include, but are not limited to, the following:

• auth: Utilize credentials or bypass authentication on target hosts.

• broadcast: Discover hosts not included on command line by broadcasting on local network.

• brute: Attempt to guess passwords on target systems, for a variety of protocols, including http, SNMP, IAX, MySQL, VNC, etc. default: Scripts run automatically when -sC or -A are used.

• discovery: Try to learn more information about target hosts through public sources of information, SNMP, directory services, and more.

• dos: May cause denial of service conditions in target hosts.

• exploit: Attempt to exploit target systems.

• external: Interact with third-party systems not included in target list.

• fuzzer: Send unexpected input in network protocol fields.

• intrusive: May crash target, consume excessive resources, or otherwise impact target machines in a malicious fashion.

• malware: Look for signs of malware infection on the target hosts.

• safe: Designed not to impact target in a negative fashion.

• version: Measure the version of software or protocol spoken by target hosts.

• vul: Measure whether target systems have a known vulnerability.