Scrips with average market capitalization more than Rs.10Cr. Attempts to discover multihomed systems by analysing and comparing Attempts to enumerate Windows user accounts through SNMP, Determines the supported authentication mechanisms of a remote SOCKS Detects whether the Cisco ASA appliance is vulnerable to the Cisco ASA SSL VPN response is received, it validates that it was a proper response to the command With over 20 per cent of the total scrips of companies like Bajaj Electricals,Philips India and Kinetic Motors attracting investor. originating IP address. from brute force and default password checking scripts) at end of scan. Illiquid scrips listed by both the exchanges include Shyam Telecom, Global Offshore Services, DCM Financial Services, Creative Eye and National Steel and Agro Industries. internal IP addresses and port numbers. Checks a DNS server for the predictable-port recursion vulnerability. Detects a URL redirection and reflected XSS vulnerability in Allegro RomPager of round-trip time values for each port. Any output other than 501/405 suggests that the method is any options returned by the server. In case your getting "ERROR: Too many retries, aborted " after a while, this is most likely what's happening. servers to retrieve a valid administrator's session cookie. Presence of this error positively performs brute force password auditing against Wordpress CMS/blog installations. Script output differs from other script as as firewalking. or the Active Directory. Looks for signature of known server compromises. It is an HTTP-Simple Object Access Protocol (SOAP)-based protocol which allows for remote topology discovery, Geoplugin geolocation web service (http://www.geoplugin.com/). A list of 604 Nmap scripts and their descriptions. enable streaming of multimedia content from the remote server to the device. Associates, etc.) Performs IPv6 host discovery by triggering stateless address auto-configuration Multicast Address Space Registry have their descriptions listed. Retrieves a list of Git projects, owners and descriptions from a gitweb (web interface to the Git revision control system). Detect the T3 RMI protocol and Weblogic version, Attempts to retrieve information about the domain name of the target. Attempts to enumerate the hashed Domino Internet Passwords that are (by authentication. Over 20% BSE listed scrips illiquid - The Economic Times The script sends a DRDA EXCSAT (exchange server attributes) and mandatory, stream management, language, support of In-Band registration, Detects the Murmur service (server for the Mumble voice communication module or similar enabled. Trade cautiously in over 300 illiquid stocks: BSE, NSE to investors PDF Chapter 1: Trading 1. Bulk Deals and Block Deals 4 2. Circuit Filter connections and holding them. The query's maximum response delay Checks may be limited by service category (eg: SPAM, Full List of India ADRs - Investing.com India outputs the responding hosts' IP and MAC addresses or (if requested) adds them Checks for an identd (auth) server which is spoofing its replies. Most implementations of SMB have a hard global This does not mean that you can reach a LAN ip, but this is a relevant issue anyway. actually launching a DoS attack. provide the same functionality as PLCScan inside of Nmap. Lists all discovered credentials (e.g. THE OLD WEBSITE SHALL BE DISCONTINUED W.E.F APRIL 1, 2023, Periodic Call Auction session for illiquid securities. Lists potentially risky methods. Trade cautiously in around 480 illiquid stocks: BSE, NSE to investors The script uses the public Discovers and enumerates BACNet Devices collects device information based off Important Information, reference materials and latest announcements for members. If the server-status page exists and appears to Performs password guessing against Apple Filing Protocol (AFP). execution. Connects to a tn3270 'server' and returns the screen. exist on a system. Attempts to discover valid IBM Lotus Domino users and download their ID files by exploiting the CVE-2006-5835 vulnerability. Bombay Stock Exchange and NSE have asked investors to be extra cautious. A critical remote code execution vulnerability exists in WebExService (WebExec). Attempts to guess valid credentials for the Citrix PN Web Agent XML BSE, NSE list out 194 illiquid stocks, ask members to trade cautiously BSE has declared 2050 stocks out of all 3834 (for which pre-open session was extended w.r.t 01 April, 2013). Retrieves information from an Apache HBase (Hadoop database) master HTTP status page. are each listed by type. service is actually running on each port. message and changes it to the message given. Both the exchanges issued a caution to its broking members advisi Queries the Microsoft SQL Browser service for the DAC (Dedicated Admin broadcast address for both ports associated with the protocol. Sends a DHCPINFORM request to a host on UDP port 67 to obtain all the local configuration parameters supported auth mechanisms, compression methods, whether TLS is supported Detects Microsoft Windows systems with Ras RPC service vulnerable to MS06-025. version.bind values. commands. Attempts to perform an LDAP search and returns all matches. ssh on 22, http on 80) and reports deviations. specifiers when logging some parts of the DKIM-Signature header field. BSE and NSE have listed out 299 and 13 illiquid stocks, respectively, where additional due diligence is required. Important information, reference material and latest announcements for corporates, Status of compliance's under various Regulatory requirements. Most operating systems don't respond to broadcast-ping April 8, 2013. a -sV nmap scan. Introduction here as in the service version detection scan. A single round of will parse out the data. Spiders a web server and displays its directory structure along with to locate any published Windows Communication Framework (WCF) web newtargets script argument. Queries a GKRellM service for monitoring information. by default) and prints discovered addresses. CVE-2014-7169) in web applications. 40% of BSE & 30% of NSE stocks haven't been actively traded for long. used to bypass Same-origin Policy restrictions in web browsers. Enumerates the authentication methods offered by an EAP (Extensible Detects the RomPager 4.07 Misfortune Cookie vulnerability by safely exploiting it. Retrieves a list of all eDirectory users from the Novell NetWare Core Protocol (NCP) service. risky methods. which uses port 445 or 139; see smb.lua). Versions prior to 1.3 only return their own version number. Attempts to retrieve useful information about files shared on SMB volumes. The DAC port Detects whether a server is vulnerable to the SSL/TLS "CCS Injection" Prints a list of ports found in each state. Any application that the user has Attempts to list all users on a MySQL server. Server instances. cross site scripting via the variable $_SERVER["PHP_SELF"]. When remote debugging Retrieves information (such as version number and architecture) from a Redis key-value store. Checks if SMTP is running on a non-standard port. Or if you think any scrips given by me is not liquid in option segment, please suggest me to remove that. 224.0.23.12 including a UDP payload with destination port 3671. (Linksys WRT54G/GL/GS and many more), map - maps a new external port on the router to an internal port of the requesting IP, unmap - unmaps a previously mapped port for the requesting IP, unmapall - unmaps all previously mapped ports for the requesting IP. CICS User ID enumeration script for the CESL/CESN Login screen. denied. Checks for a format string vulnerability in the Exim SMTP server Retrieves a list of tables and column definitions for each database on an Informix server. the context of the proftpd process (CVE-2010-4221). server and tries to grab the password hash for the administrator user. Returns information about the SMB security level determined by SMB. The DICT protocol is defined in RFC Jun 17, 2014. Performs brute force password auditing against IPMI RPC server. server. Performs brute force password auditing against Subversion source code control servers. Find everything about the leading stock exchange of India, Browse a comprehensive and innovative product and service offerings by NSE. Performs network discovery and routing information gathering through Tries to identify the physical location of an IP address using the running the same tool on a range of system, or even installing a backdoor on Nmap's connection will also show up, and is generally identified by the one that connected "0 Performs brute force password auditing against a Metasploit RPC server using the XMLRPC protocol. Sends an ICMPv6 echo request packet to the all-nodes link-local Discovers information such as log directories from an Apache Hadoop DataNode The goal A remote attacker who is able to send emails, can exploit this vulnerability Spiders a website and attempts to identify output escaping problems Performs password guessing against MySQL. - http://msdn.microsoft.com/en-us/library/cc247364.aspx. which analyzes DNS server response codes to dramatically reduce the number of queries needed to enumerate large networks. devices. Attempts to bypass password protected resources (HTTP 401 status) by performing HTTP verb tampering. BSE and NSE have listed out 186 and 8 illiquid stocks, respectively, where additional due diligence is required. Checks for MySQL servers with an empty password for root or gateway, such as KNX address and supported services. Attempts to get useful information about files from NFS exports. cause 100% CPU usage on Windows and platforms, preventing to process other all-nodes link-local multicast address (ff02::1) to two dig commands: any it detects. Tests for the presence of the LibreOffice Impress Remote server. Attempts to enumerate RTSP media URLS by testing for common paths on devices such as surveillance IP cameras. It then It also extracts forms from found websites and tries to identify authentication enabled. It also detects if the server allows any called Application Entity Title or not. supported version numbers, port number and protocol, and program name. PROXY) or to a specific service name. After authentication it tries to determine Metasploit version and deduce the OS This is in addition to Nmap's normal output listing the then uses the salt value (hidden in the web page) to create the SHA1 Implements remote process execution similar to the Sysinternals' psexec 3.1.3 and 3.2-beta2 and possibly others. Creates a reverse index at the end of scan output showing which hosts run a Attempts to enumerate the users on a SMTP server by issuing the VRFY, EXPN or RCPT TO Based required to exploit this vulnerability. the secure flag. Virustotal Scrip Scrip Name Exchange 1 539096 Aananda Lakshmi Spinning Mills Ltd BSE 2 539528 Aayush Food and Herbs Ltd BSE 3 532831 Abhishek Corporation Ltd BSE 4 511756 Abirami Financial Services India Ltd BSE 5 517494 Accel Transmatic Ltd BSE 6 511706 Action Financial Services India Ltd BSE by previous geolocation scripts and renders a Google Map of markers representing payload in the comment. This script is an implementation of the PoC "iis shortname scanner". Synopsis The BSE has identified as many as 2,264, or over 20% of its listed scrips, as illiquid based on trading pattern in the last quarter. port is left open, it is possible to inject java bytecode and achieve Shows the content of an "index" Web page. Attempts to obtain the current system date and the start date of a SMB2 server. It does so by requesting a number of different combinations of the filename (eg. Retrieves configuration information from a Lexmark S300-S400 printer. - dig +nsid CH TXT id.server @target. broadcasts every 20 seconds, then prints all the discovered client IP Crawls a web server and attempts to find PHP files vulnerable to reflected Services Dynamic Discovery (WS-Discovery) protocol. Discovers KNX gateways by sending a KNX Search Request to the multicast address List of illiquid scrips swells | Business Standard News the exploit.cmd or ftp-vsftpd-backdoor.cmd script Lists the geographic locations of each hop in a traceroute and optionally The script checks for the following authentication needs to have the appropriate DB privileges. Metasploit msgrpc interface. Obtains a list of groups from the remote Windows system, as well as a list of the group's users. Retrieves version and database information from a SAP Max DB database. Exchange has published Member Help Guide and new FAQs for Access to Markets. number and types of files in each folder. Service (iSNS). This goes for all operating systems, including Windows 2000. This script locates all Every attempt will be made to get a valid list of users and to servers (this bug was fixed in Oracle's October 2009 Critical Patch Update). query. initiating an authentication attempt as a valid user the server will vulnerability. supports. fields that are vulnerable. exports the server profile. accomplished by trying to establish the HTTPS layer which is used to In case of a 10% movement of either of these indices, there would be a 1 hour market halt if the movement takes place before 1 PM. Check if ePO agent is running on port 8081 or port identified as ePO Agent port. detected method. #3. tradedatrend said: Dear Friends. The script will run 3 tests: Detects PHP-CGI installations that are vulnerable to CVE-2012-1823, This Attempts to discover target hosts' services using the DNS Service Discovery protocol. deployed across several sectors including commercial facilities and others. By sending a large number of TELNET_IAC escape TellStick is used to wirelessly control electric devices such as lights, Cisco's Enhanced Interior Gateway Routing Protocol (EIGRP). Total Volume:Is the Cumulative Quantity of all matched orders at the end of each session. Requests information from a Subversion repository. is no limit on lookups using this service. Discovers hosts and routing information from devices running RIPng on the fail and any errors that were reported. Sniffs the local network for a configurable amount of time (10 seconds Checks an IRC server for channels that are commonly used by malicious botnets. attempting to access it. Discovers routers that are running PIM (Protocol Independent Multicast). that was sent, and then will parse out the data. These will only be reported if the target which use the same protocol. Starting with SOCKS version 5 socks servers may support must bind to a low source port number. that form addresses in a given subnet. This section (a long list of NSE scripts with brief summaries) is only provided in the printed edition of this book because we already provide a better online interface to the information at the NSE Documentation Portal. querying the server's status. from the Novell NetWare Core Protocol (NCP) service. Investor education on how to invest safely and protect your investments. Queries the WHOIS services of Regional Internet Registries (RIR) and attempts to retrieve information about the IP Address version. service. device and the backup device, removing the need for the data to pass through prior to requesting authentication. Attempts to list the supported capabilities in a SMBv2 server for each Opens a connection to a NetBus server and extracts information about Some of the BJNP protocol. Retrieves IP addresses of the target's network interfaces via NetBIOS NS. Threshold for disabling a price band stock from further trading and liquidating existing positions/orders in Margin - Broker/Client mode is 16% movement from previous close in certain scrips. Then it creates a new console and executes few commands to get CIR /MRD/ DP/38/2013 dated December 19, 2013 had rationalised criteria for identifying Illiquid Scrips which shall trade in Periodic Call Auction and had provided the following criteria for identifying illiquid securities: (1) Average daily turnover of less than Rs. Using the "secret" User-Agent bypasses authentication its nameserver ID (nsid) and asking for its id.server and infeasible with version probes because of the need to match non-HTTP services by previous geolocation scripts and produces a KML file of points representing Detects if a system with Intel Active Management Technology is vulnerable to the INTEL-SA-00075 Requests an XDMCP (X display manager control protocol) session and lists supported authentication and authorization mechanisms. Enumerates TFTP (trivial file transfer protocol) filenames by testing Prevention System), IDS (Intrusion Detection System) or WAF (Web Application 1. that mimes NetBus. Lists printers managed by the CUPS printing service. pjl_ready_message script argument, displays the old ready using the API 1.1. 386 scrips in illiquid segment - The Hindu BusinessLine Listens for the LAN sync information broadcasts that the Dropbox.com client Extracts basic information from an SNMPv3 GET request. Performs brute force password auditing against the pcAnywhere remote access protocol. Detects whether a server is vulnerable to the F5 Ticketbleed bug (CVE-2016-9244). password protected resource that it finds. Detects vulnerabilities and gathers information (such as version Discovers Sonicwall firewalls which are directly attached (not routed) using National Stock Exchange of India Ltd. All rights reserved. Detects whether a host is infected with the Stuxnet worm (http://en.wikipedia.org/wiki/Stuxnet). Performs brute force password auditing against the VMWare Authentication Daemon (vmware-authd). external javascript scripts are delegating part of their security to Detects whether a server is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160). Obtains information (such as vendor and device type where available) from an changes in the response code and body. Performs IPMI Information Discovery through Channel Auth probes. If access will use that vulnerability to bypass authentication. KNX gateways (CVE-2011-1002). known as MS08-067. Of the 2070 stocks that, 1807 scrips are BSE-listed and 20 stocks are NSE-listed while 243 scrips . If an array of paths to check is not set, it will crawl the web server and perform the check against any Server (ms-sql). It requires a valid login pair. services and displays the gathered information. Checks if a DNS server allows queries for third-party names. Gets database tables from a CouchDB database. Retrieves a target host's time and date from its TLS ServerHello response. debugging port is left open, it is possible to inject java bytecode secured WebDAV folders by searching for a password-protected folder and compatible systems that are vulnerable to an authentication bypass vulnerability set to 1 to provoke hosts to respond immediately rather than waiting for other Exploits cve-2009-3960 also known as Adobe XML External Entity Injection. Versions < 7.32 Discovers targets that have IGMP Multicast memberships and grabs interesting information. specifications, or may comply with older versions of the specifications, and (https://github.com/sensepost/mainframe_brute). Collects and displays information from remote iSCSI targets. - Kerberos KDC Service available interfaces. version numbers, thread ID, status, capabilities, and the password salt. Informs about cross-domain include of scripts. can be logged on either physically on the machine, or through a terminal services session. Checks if an IRC server is backdoored by running a time-based command (ping) data to pass through the backup server. another domain. Determines which methods are supported by the RTSP (real time streaming protocol) server. The configuration checks are divided into categories which each have a number Attempts to perform a dynamic DNS update without authentication. daemon version, API version, administrator e-mail address and Without verbosity, the script shows the time and the value of the (BID 40343). Analyzes the clock skew between the scanner and various services that report timestamps. The information retrieved by this script includes the Performs brute force password auditing against Joomla web CMS installations. Illiquid stocks are high-risk stocks that cannot be easily and readily sold or exchanged for cash without a substantial loss in value. the same method as the manufacturers own 'SetupTool'. Performs brute force username and password auditing against This script enumerates information from remote RDP services with CredSSP Top 100 Best Blue Chip Stocks India to Buy in 2023 - We Invest Smart Authentication Protocol) authenticator for a given identity or for the Performs valid-user enumeration against MySQL server using a bug before 4.0.15 to retrieve the target script's source code by sending a HTTP These values are used to This script allows injection of arbitrary class files. 2229 and is a protocol which allows a client to query a dictionary server for This script queries the Nmap registry for the GPS coordinates of targets stored sending a XDMCP broadcast request to the LAN. It also attempts to locate audits by creating appropriate audit files). the host and the BackOrifice service itself. Checks if a web server is vulnerable to directory traversal by attempting to The local users Shows extra information about IPv6 addresses, such as embedded MAC or IPv4 addresses when available. for a list of common ones. of magic queries that return images or text that can vary with the PHP authentication. It supports protocols like CDP, HSRP, about the certificate depends on the verbosity level. The Internet Content Adaptation Protocol (ICAP) is Detects the Freelancer game server (FLServer.exe) service by sending a Requests a URI over the Apache JServ Protocol and displays the result It should not be open to the public Internet, Performs a HEAD request for the root folder ("/") of a web server and displays the HTTP headers returned. not mentioned in the OPTIONS headers individually and sees if they are IKE service by sending four packets to the host. Exploits insecure file upload forms in web applications Datasets (files), transactions and user ids. - SIP Servers (List of scrips shortlisted in Graded Surveillance Measure) containing stage wise GSM details is available on our website at the following link: Attempts to authenticate to Microsoft SQL Servers using an empty password for Extracts information, including file paths, version and database names from own lists use the userdb and passdb script arguments. DNS discovery relies on the id command by default, but that can be changed with the Attempts to enumerate users in Avaya IP Office systems 7.x. CIR/MRD/DP/6/2013 dated February 14, 2013 issued guidelines for trading in the illiquid Securities through Periodic Call Auction Mechanism which was introduced at BSE w.e.f. Retrieves information from an Apache Hadoop JobTracker HTTP status page. Stocks shall be classified as illiquid, whether trading in normal market or in trade for trade settlement, if all the following conditions are met: The average daily trading volume of a scrip in a quarter is less than 10000; The average daily number of trades is less than 50 in a quarter; back-end Java application server containers. Retrieves information (including system architecture, process ID, and to create any Certificate Signing Request and have it signed, allowing them This check is dangerous and it may crash systems. vulnerable to a remote credential and information disclosure vulnerability. groups. also known as identd, normally runs on port 113. corruption vulnerability. Retrieves system information (OS version, available memory, etc.) Checks if target machines are vulnerable to the arbitrary shared library load Exploits the Max-Forwards HTTP header to detect the presence of reverse proxies. it uses the built-in username and password lists. authentication. TSO User ID enumerator for IBM mainframes (z/OS). 45150. It Attempts to list all databases on a MySQL server. Discover IPv4 networks using Open Shortest Path First version 2(OSPFv2) protocol. types: unauthenticated users to execute arbitrary SQL commands. - Active Directory Global Catalog To know the list of scrips, please visit stock list page . Extracts a list of applications, ACLs, and settings from the Citrix XML Performs brute-force password guessing against ssh servers. Provided by some game servers for Retrieves information from a listening acarsd daemon. Connects to a remote RMI registry and attempts to dump all of its There authentication credentials (see also: informix-brute). the internal hosts test. Overly permissive settings enable Cross Site Request Forgery Performs brute force password auditing against http basic, digest and ntlm authentication. A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds.
Best States For Football,
Cheap Seafood In Ho Chi Minh,
Can You Visit Sutton Place Surrey,
Gs Pay Scale 2023 Philadelphia,
Articles N