The Nmap Scripting Engine extends the results of an Nmap port scan. It combines the Lua programming language, a library of network functions, and the results provided by other parts of Nmap to give more information about network hosts and their open ports. There are standard scripts that grab SSH host keys or SSL certificates, discover the remote date and time, check for weak passwords and unpatched vulnerabilites, and much more. The talk will explain how the scripting engine fits in with Nmap's other functions, the structure of a script, and how to modify a script or write your own. We'll see how the scripting engine can benefit casual users, researchers, and security auditors. Finally there will be a brief overview of what's new in Nmap and its associated tools for the benefit of casual users.