In this chapter, I highlighted the benefits of creating exploits using NSE. The libraries available for handling different network protocols and other aspects of exploit development can save us valuable time when exploiting network vulnerabilities. If you are working with more obscure protocols, the simplicity of Lua will allow you to create your own NSE library without much overhead.
You learned to exploit some of the latest and most dangerous vulnerabilities such as Bash's shellshock, SSL's heartbleed, and a 2014 Pwnie Award-winning IPMI/BMC configuration disclosure vulnerability—in most cases with fewer than 100 lines of code. Finally, we covered the vulns
NSE library, which is designed to help developers create organized vulnerability reports that automatically get generated in normal and XML output modes.
The only thing left to do now is to go create your very own NSE exploit. If you ever hit a wall, don't forget to reach out to me or the Nmap development mailing list. All collaborators...