OP 20 December, 2022 - 02:23 AM
What is Nmap?
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, and what operating systems (and OS versions) they are running. It was designed to rapidly scan large networks, but works fine against single hosts.
Command Line
nmap [ <Scan Type> ...] [ <Options> ] { <target specification> }
Basic Scanning Techniques
The -s switch determines the type of scan to perform.
Nmap Switch    Description
-sA            ACK scan
-sF            FIN scan
-sI            IDLE scan
-sL            DNS scan (a.k.a. list scan)
-sN            NULL scan
-sO            Protocol scan
-sP            Ping scan
-sR            RPC scan
-sS            SYN scan
-sT            TCP connect scan
-sW            Window scan
-sX            XMAS scan
Scan a Single Target
nmap [target]
Scan Multiple Targets
nmap [target1] [target2] [etc]
Scan a List of Targets
nmap -iL [list.txt]
Scan a Range of Hosts
nmap [range of IP addresses]
Scan an Entire Subnet
nmap [ip address/CIDR]
Scan Random Hosts
nmap -iR [number]
Exclude Targets From a Scan
nmap [targets] --exclude [targets]
Exclude Targets Using a List
nmap [targets] --excludefile [list.txt]
Perform an Aggressive Scan
nmap -A [target]
Scan an IPv6 Target
nmap -6 [target]
Port Scanning Options
Perform a Fast Scan
nmap -F [target]
Scan Specific Ports
nmap -p [port(s)] [target]
Scan Ports by Name
nmap -p [port name(s)] [target]
Scan Ports by Protocol
nmap -sU -sT -p U:[ports],T:[ports] [target]
Scan All Ports
nmap -p 1-65535 [target]
Scan Top Ports
nmap --top-ports [number] [target]
Perform a Sequential Port Scan
nmap -r [target]
Attempt to Guess an Unknown OS
nmap -O --osscan-guess [target]
Service Version Detection
nmap -sV [target]
Troubleshoot Version Scan
nmap -sV --version-trace [target]
Perform an RPC Scan
nmap -sR [target]