Detecting Critical Vulnerabilities: Nmap NSE Workshop for The CISA KEV Catalog

  • Thursday, 24 Aug 2023 2:00PM EST (24 Aug 2023 18:00 UTC)
  • Speaker: Jon Gorenflo

This workshop is a hands-on session focused on creating custom Nmap NSE scripts tailored for the CISA Known Exploited Vulnerabilities Catalog. In this 2-hour workshop, participants will learn essential NSE scripting skills, with a specific emphasis on detecting vulnerabilities listed in the catalog.

The workshop begins with an introduction to Nmap and NSE scripting, highlighting their significance in identifying and addressing known vulnerabilities. Attendees will explore NSE scripting basics, including script structure, libraries, and functions. Real-world examples from existing NSE scripts for entries in the CISA Known Exploited Vulnerabilities Catalog will be utilized to showcase effective detection techniques. Participants will learn from these examples to adapt and create NSE scripts for new entries added to the catalog.

In the practical exercises, attendees will have the opportunity to write their custom NSE script to detect newly added vulnerabilities, ensuring that their network scanning capabilities stay up-to-date with emerging threats. Script testing, execution, and contributing to the Nmap community will also be covered, fostering confidence in participants to deploy their custom NSE scripts effectively.

Join us to enhance your Nmap expertise with a specialized focus on the CISA Known Exploited Vulnerabilities Catalog. Whether you are a seasoned administrator or aspiring security professional, this workshop offers invaluable skills for detecting and addressing critical vulnerabilities in your network.

Prior to the workshop - please download the Slingshot C2 Matrix Edition here:

You can also view this support video for Slingshot for setup - SANS Slingshot #C2Matrix Edition: Virtual Machine with multiple Command and Control Frameworks

Support during the workshop will be offered in the SANS Offensive Ops Discord here:

Join the #sans-workshop channel here: