nmap
Base Syntax
nmap {Targets} [ScanType] [Options]
Target
| Purpose |
Example |
| 1 target |
nmap IP |
| scan multiple targets |
nmap IP1, IP2, IP3 |
| scan a list |
nmap -iL list.txt |
| scan CIDR range |
nmap 192.168.1.0/24 |
Ports
| Purpose |
Example |
| Scan top 1k popular ports |
nmap IP |
| Port range |
nmap -p x-y |
| Port list |
nmap -p x,y,z |
| linear portrange |
nmap -r x-y |
Probing
| Purpose |
Example |
| Don't probe |
nmap IP -Pn |
| Default probe |
nmap IP -PB |
| ICMP Echo Request |
nmap IP -PE |
| ICMP Timestamp Request |
nmap IP -PP |
| ICMP Network Request |
nmap IP -PM |
Scan Type
| Purpose |
Example |
| Probe only |
nmap IP -sn |
| SYN Scan |
nmap IP -sS |
| TCP Connect Scan |
nmap IP -sT |
| UDP Scan |
nmap IP -su |
| Version scan |
nmap IP -sV |
| OS Detection |
nmap IP -PM |
| Set TCP flags |
nmap IP --scanflags: x,y,z |
Timing Options
| Purpose |
Example |
| Paranoid |
nmap IP -T0 |
| Sneaky |
nmap IP -T1 |
| Polite |
nmap IP -T2 |
| Normal |
nmap IP -T3 |
| Aggressive |
nmap IP -T4 |
| Insane |
nmap IP -T5 |
| Purpose |
Example |
| Standard |
nmap IP -oN file.txt |
| Greppable |
nmap IP -oG file.txt |
| XML |
nmap IP -oX file.txt |
| all formats |
nmap IP -oA file |
Misc Options
| Purpose |
Example |
| Aggresive scan |
nmap IP -A |
| nmap reason why a port is in a state |
nmap IP --reason |
No comments to display
No comments to display