Nmap is without doubt one of the most important tools in security testing. Initially developed as portscanner, the introduction of NSE (Nmap Scripting Language) enhanced the software heavily. NSE scripts allow to create additional tests, which may provide the functionality of a vulnerability scanner. Basic data collected by Nmap and additional network requests can be used to determine software products and security flaws.
The talk is discussing the possibilities of NSE scripting, the improvement of professional scanning (with a customer-based example) and current development in the field of NSE programming (my httprecon-nse port and vulscan module). Administrators and auditors will see the their benefits of automated testing.