Nmap 5.50 released

Nmap is a free and open source utility for network exploration or security auditing.

A primary focus of the 5.50 release is the Nmap Scripting Engine, which has allowed Nmap to expand up the protocol stack and take network discovery to the next level. Nmap can now query all sorts of application protocols, including web servers, databases, DNS servers, FTP, and now even Gopher servers! These capabilities are in self-contained libraries and scripts to avoid bloating Nmap’s core engine.

Since Nmap 5.21, the number of NSE scripts has more than doubled to 177 and NSE libraries jumped from 30 to 54.

The actual NSE engine became more powerful as well. Newtargets support allows scripts like dns-zone-xfer and dns-service-discovery to add discovered hosts to Nmap’s scan queue. The developers also added a brute forcing engine, network broadcast script support, and two new script scanning phases known as prerule and postrule.

636 OS fingerprints and 1,037 version detection signatures were added to Nmap since 5.21, bringing the totals to 2,982 and 7,319, respectively. No other tool comes close.