Skip to content

Nazi404/Black_NSE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
headers-grabber.nse
headers-grabber.nse
 
 
secret-finder.nse
secret-finder.nse
 
 
title.nse
title.nse
 
 

Repository files navigation

🕷 Black_NSE

Custom Nmap Scripting Engine (NSE) collection for advanced reconnaissance, leakage detection & stealth fingerprinting.

📌 About

Black_NSE is an open-source Nmap NSE script collection focused on automating advanced web reconnaissance tasks.
It helps identify misconfigurations, exposed secrets, insecure headers, hidden resources, and behavioral fingerprints commonly leveraged during security assessments and penetration testing.

This project is designed to be lightweight, modular, and automation-friendly.

📂 Scripts

Script Name Description
title.nse Redirect-aware web fingerprinting using HTTP responses
headers-grabber.nse HTTP response header fingerprinting to detect technologies, security headers & misconfigurations
secret-finder.nse Scans for exposed sensitive files, configs, backups, keys & debug artifacts

🚀 Installation

git clone https://github.com/Nazi404/Black_NSE.git
cd Black_NSE

⚙ Usage

🔹 Title Fingerprint Script

nmap --script=./title.nse target.com -p80,443

🔹 HTTP Headers Grabber

nmap --script=./headers-grabber.nse target.com -p80,443

🔹 Secret Finder

nmap --script=./secret-finder.nse target.com -p80,443

🧪 Sample Output (headers-grabber)

PORT   STATE SERVICE
80/tcp open  http
| header-grabber:
|
|   [INFO] Status: 301
|   content-type: text/plain
|   date: Wed, 31 Dec 2025 14:26:50 GMT
|   content-length: 0
|   server: proxygen-bolt
|   connection: close
|_  location: https://www.facebook.com/

🧪 Sample Output (title)

PORT    STATE SERVICE
80/tcp  open  http
|_title: Status: 302 | Title: <hidden>
443/tcp open  https
|_title: Status: 200 | Title: BBC Home - Breaking News, World News, US News, Sports, Business, Innovation, Climate, Culture, Travel, Video &amp; Audio

🧪 Sample Output (secret-finder)

PORT      STATE    SERVICE
22/tcp    open     ssh
80/tcp    open     http
| secret-finder:  [INFO]  [200]  /
|  [INFO]  [200]  /images
|  [CRITICAL]  [403]  /.svn
|  [CRITICAL]  [403]  /.svn/
|  [CRITICAL]  [403]  /.htaccess
|  [CRITICAL]  [403]  /.htpasswd
|  [CRITICAL]  [403]  /.htaccess.bak
|_ [CRITICAL]  [403]  /.htpasswd.bak
1503/tcp  filtered imtc-mcs
1719/tcp  filtered h323gatestat
1720/tcp  filtered h323q931
2000/tcp  filtered cisco-sccp

⚠ Disclaimer

This project is created strictly for educational purposes and authorized security testing only.
Unauthorized scanning or misuse of these scripts against systems without permission is illegal.
The author holds no responsibility for any misuse.

👨‍💻 Author

William Steven
Team: Nazi404

📜 License

This project is licensed under the GPL-3.0 License.

Free to use, modify, and distribute under open‑source terms.

About

Custom Nmap Scripting Engine (NSE) collection for advanced reconnaissance, leakage detection & stealth fingerprinting.

Topics

lua lua-script lua-scripting nse nmap-scripts nmap-scan-script lua-programming

Resources

Readme

License

GPL-3.0 license
Activity

Stars

6 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages