Nmap NSE 6.01: socks-open-proxy

Checks if an open socks proxy is running on the target. The script attempts to connect to a proxy server and send socks4 and socks5 payloads. It is considered an open proxy if the script receives a Request Granted response from the target port. The payloads try to open a connection to www.google.com port 80. A different test host can be passed as 'proxy.url' argument. SYNTAX: proxy.url: URL that will be requested to the proxy. proxy.pattern: Pattern that will be searched inside the request results.