- This is the most important release since Nmap 6.00 back in May 2012! For a list of the most significant improvements and new features,
- [NSE] Added 6 NSE scripts from 6 authors, bringing the total up to 515! and the summaries are below (authors are listed in brackets):
* targets-xml extracts target addresses from previous Nmap XML results files.
* ssl-dh-params checks for problems with weak, non-safe, and export-grade Diffie-Hellman parameters in TLS handshakes. This includes the LOGJAM vulnerability (CVE-2015-4000).
* nje-node-brute does brute-forcing of z/OS JES Network Job Entry node names.
* ip-https-discover detectings support for Microsoft's IP over HTTPS tunneling protocol.
* broadcast-sonicwall-discover detects and extracts information from SonicWall firewalls.
* http-vuln-cve2014-8877 checks for and optionally exploits a vulnerability in CM Download Manager plugin for Wordpress.
- New option --no-shutdown prevents Ncat from shutting down when it reads EOF on stdin. This is the same as traditional netcat's "-d" option.
- Improve parsing in http.lua for multiple Set-Cookie headers in a single response.