Create Your Own Nmap Scripts Using Lua [Tutorial]

February 16, 2019 by 40 Comments

How to Code in Lua to Create Nmap Scripts
Full Tutorial:
Subscribe to Null Byte:
Kody’s Twitter:

Nmap is a powerful tool for network scanning and analysis. On this episode of Cyber Weapons Lab, we’ll teach you how to use Lua to code out your own Nmap script to run, that way you’re not always relying on other hackers and pentesters’ scripts to get a job done.

Follow Null Byte on:
Weekly newsletter:


40 Replies to “Create Your Own Nmap Scripts Using Lua [Tutorial]”

  1. Hello when im using free Wi-Fi with a proxy how do i get to the server of other stores HELP 😎😬😨😄

  2. Vanilla How says:

    Can you teach me how to learn python and hack WiFi stuff.

  3. Dave says:

    Great vid as always amigo! Lua is cool: it's also the 'preferred' scripting language of wireshark & can be used in real time with nodeMCUs. I'm glad to see the lang get some luv 💖💖

  4. billy says:

    BTW “testy” is a medical term for your balls 🍒

  5. SM TeCh says:

    make.more video about userland….pls sir

  6. Hey can you guys make a detailed video explaining how to root android devices.. there are a few tutorials but most of them don't work..

  7. Muy bien explicado! Gracias

  8. Great video my friend. Stay blessed❤💯

  9. Martian Moon says:

    You really don’t like PriceLine eh? 😂

  10. Rain Y says:

    What Kali Linux version your using ?.

  11. Steve says:

    When your terminal opened and I saw I spit out my drink LOL, had to wipe the monitor down, shit lmao. They should put that in their ads PRICELINE 'An Awful Travel Service, that left Kody stranded at DEFCON'. I have been looking into nmap and what its really capable of and there is a ton of scans and ways to put your personal touch on them. I was on the and they actually have some really good reading material on there. Im more serious about getting certs and I went there to get an idea of where to start, I did my CCNA over the summer which was fun but I want to do something with security. Here are some decent nmap commands, these are from the infosec site Another thing is I have been using these CTF challenges to practice and its a lot of fun actually. There is this channel called hackthebox here on YT hosted by IppSec which is pretty dope. Its humbling though because this dude is clearly pretty advanced it kind of makes my head hurt watching it but nevertheless educational. I talked to him, he said he has been at this about 4 years. That all said @Null Byte is by far STILL my favorite YouTube channel because of how long I have been going on before I ever knew this channel existed. Its an added bonus to have a visual guide to your written articles. I'd really be disappointed if you guys ever left, another good video .

  12. Cosky says:

    Best video ever made.I love Lua. Can you explain how wireshark is made with lua ?

  13. TDC says:

    Love ur intro mate!
    Great video, cheers!!

  14. T D says:

    "This terrible terrible travel site." I died 😂😂😂

  15. mr8icecream says:

    what laptops are you using?

  16. how to track mobile networks

  17. Eros Donchev says:

    Show us some Windows hacking please 🙂

  18. Bro in my vmware kalilinux does not show its wifi Option it shows only wire connection
    how to solve it

  19. This a good initiative i say because we will learn through this, so we can also create our own script. I will thanking you teach a lot of stuffs

  20. Can you also use python3 instead of Lua?

  21. DS Bros says:

    Just Awesome !!!
    I am quite lucky that I came across your channel. Liked and subscribed.
    Clear, crisp, & perfect explanation. Keep making such videos bro !!

  22. You should make a zombie drone

  23. Memo Puertas says:

    Great video!! 😀 😀

  24. Mr Kay says:

    Hello please e-mail tp me now to crack wpa wpa2 wps

  25. RacerX says:

    REQUEST: OSINT scan video

  26. Hackaholics says:

    only video on youtube without a dislike !!!

  27. M4GN3TIC ___ says:

    This is why roblox is really easy to exploit

  28. uromulou says:

    Brazil in game ^-^

  29. 2A ADDICT says:

    The commands I used:
    1. "nmap -p80,443 –script dns-brute": I am searching ports 80 and 443 on and I also added a script to be run after the command is executed, with this DNS brute-forcing script I should get a lot more information about the target.

    2. Go to this website "", select Lua as the programming language you want to use.

    3. function sort (a,b)

    if a > b then

    return a


    return b



    print("Enter two numbers")

    a =

    b =


    4. "cd /usr/share/nmap/scripts": This command will put me inside of the scripts folder which is inside another folder called nmap.

    5. "nano testy.nse": This command will open a nano window, this is where I'll write my script.

    6. — HEAD —

    description = [[

    This is a simple script example that determines if a port is open.


    author = "Null Byte"

    — RULE —

    portrule = function(host, port)

    return port.protocol == "tcp"

    and port.state == "open"


    — ACTION —

    action = function(host, port)

    return "This port is open!"


    7. "ls": This command will allow me to see all of the nmap scripting engines within the scripts folder.

    8. "nmap -p80,443 –script testy": I added the nmap script that I wrote to this command, this script has it's own logic that is dependent on the result of the ports I choose to scan.

  30. dayaniira says:

    So i can learn lua instead of python for example? I mean, can i do all the things with lua that i can do in python3? 🙂

  31. X G says:

    This was a great beginner tutorial. How can I perform a new scan based on the results from the original scan in my LUA/NSE script?

  32. how to find webserver version using Lua script

Leave a Comment

Your email address will not be published. Required fields are marked *