Nmap's scripting engine is a powerful tool for script writers. Never before has it been so easy to run scripts against thousands of hosts in parallel. With the power of Nmap at your fingertips, you just sit back and watch the results pour in!

Windows makes a particularly juicy target, since SMB/RPC hands out the keys to the kingdom (on older versions, it put out a welcome mat and made cookies, too). To help use these keys, I developed a collection of scripts that help take the "test" out of "Windows pen test". From listing users to advanced bruteforcing to dumping passwords, these scripts can own hundreds or thousands of Windows systems simultaneously.

This presentation will demonstrate the best scripts, and show the wealth of information a fully patched Windows system offers. Then we'll dig deeper, and look at the nuts and bolts of how these scripts work and how easily you can write your own. Need to upload and run a file on 10,000 boxes? Piece of cake! Santa can give out a million computers in just one night, but Nmap can pwn them in half the time.

Ron Bowes

I am an active Nmap developer, primarily writing NSE scripts. I have a SANS GPEN Gold certification, and a Bachelor of Computer Science from the University of Manitoba. My blog is http://www.skullsecurity.org and, besides my day job, I do freelance security work. Security research and programming are my favourite hobbies, and make a great combination!