Nmap NSE scripts that I have created or customised. At this stage these are custom scripts that you will have to copy into your Nmap Scripts directory manually to use them.
##Installation of Custom Nmap Scripts
Depending on your installation method and distribution the exact location of the Nmap script files could be slightly different. If you have installed from source then copying these into the /usr/local/share/nmap/scripts/
folder will do the trick.
Note for the http-wordpress-themes.nse script you will also need to copy the wp-themes.lst into the /usr/local/share/nmap/nselib/data/
folder for the script to access the theme list.
If you have a Windows installation of Nmap or are using a package, then the location of the files could be slightly different (it should not be too hard to find).
##http-wordpress-info.nse
This script is non-intrusive and simply examines the source HTML of a WordPress page to find plugins, theme and the version of WordPress from the Meta Generator Tag, if the Meta Generator is not present it will attempt to download the /readme.html file that also contains the WordPress version.
##http-wordpress-plugins.nse
A modified version of the original http-wordpress-plugins.nse
script that will also attempt to identify the version of the plugins that have been detected following the brute force of the plugin paths.
##http-wordpress-themes.nse
Another modified version of the http-wordpress-plugins.nse
script this script will identify themes installed in the /wp-content/themes/ folder and also attempt to identify the version of the themes from the style.css file. The wp-theme.lst was created by crawling the Top 1 million WordPress sites and ranking the themes by popularity.
Themes that are installed but not in use by a WordPress installation can still contain vulnerabilities that could lead to the compromise of the WordPress installation and server.
##hostmap-hackertarget.nse
Similar to the hostmap-robtex.nse this script will attempt to identify hosts sharing the IP address that is being scanned. The hosts are found using the Reverse IP Lookup API that utilises DNS records from the Scans.IO project.