NMAP Commands

 
Basic scans
Scan a Single Target: nmap [target]
Scan Multiple Targets: nmap [target1] [target2]
Scan a Range of Hosts: nmap [start ip address-end ip address]
Scan an Entire Subnet: nmap [ip address/cidr]
Scan Random Hosts: nmap -iR [number]
Excluding Targets from a Scan: nmap [targets] --exclude [targets]
Excluding Targets Using a List: nmap [targets] --excludefile [list.txt]
Perform an Aggressive Scan: nmap -A [target]
Scan an IPv6 Target: nmap -6 [target ipv6]
  
  
Discovery Scans
Perform a Ping Only Scan: nmap -sP [target]
Don't Ping: nmap -PN [target]
TCP SYN Ping: nmap -PS [target]
TCP ACK Ping: nmap -PA [target]
UDP Ping: nmap -PU [target]
SCTP INIT Ping: nmap -PY [target]
ICMP Echo Ping: nmap -PE [target]
ICMP Timestamp Ping: nmap -PP [target]
ICMP Address Mask Ping: nmap -PM [target]
IP Protocol Ping: nmap -PO [target]
ARP Ping: nmap -PR [target]
Traceroute: nmap --traceroute [target]
Force Reverse DNS Resolution: nmap -R [target]
Disable Reverse DNS Resolution: nmap -n [target]
Alternative DNS Lookup: nmap --system-dns [target]
Manually Specify DNS Server(s): nmap --dns-servers [servers] [target]
Create a Host List: nmap -sL [targets]
  
  
Advanced Scans
TCP SYN Scan: nmap -sS [target]
TCP Connect Scan: nmap -sT [target]
UDP Scan: nmap -sU [target]
TCP NULL Scan: nmap -sN [target]
TCP FIN Scan: nmap -sF [target]
Xmas Scan: nmap -sX [target]
TCP ACK Scan: nmap -sA [target]
Custom TCP Scan: nmap --scanflags [flags] [target]
IP Protocol Scan: nmap -sO [target]
Send Raw Ethernet Packets: nmap --send-eth [target]
Send IP Packets: nmap --send-ip [target]
  
  
Port Scanning options
Perform a Fast Scan: nmap -F [target]
Scan Specific Ports: nmap -p [port(s)] [target]
Scan Ports by Name: nmap -p [port name(s)] [target]
Scan Ports by Protocol: nmap -sU -sT -p U:[ports],T:[ports] [target]
Scan All Ports: nmap -p '*' [target]
Scan Top Ports: nmap --top-ports [number] [target]
Perform a Sequential Port Scan: nmap -r [target]
  
  
Firewall evasion
Fragment Packets: nmap -f [target]
Specify a Specific MTU: nmap --mtu [MTU] [target]
Use a Decoy: nmap -D RND:[number] [target]
Idle Zombie Scan: nmap -sI [zombie] [target]
Manually Specify a Source Port: nmap --source-port [port] [target]
Append Random Data: nmap --data-length [size] [target]
Randomize Target Scan Order: nmap --randomize-hosts [target]
Spoof MAC Address: nmap --spoof-mac [MAC|0|vendor] [target]
Send Bad Checksums: nmap --badsum [target]
  
  
NMAP Scripting
Execute Individual Scripts: nmap --script [script.nse] [target]
Execute Multiple Scripts: nmap --script [expression] [target]
Script Categories: all, auth, default, discovery, external, intrusive, malware, safe, vuln
Execute Scripts by Category: nmap --script [category] [target]
Execute Multiple Script Categories: nmap --script [category1,category2,etc]
Troubleshoot Scripts: nmap --script [script] --script-trace [target]
Update the Script Database: nmap --script-updatedb

 

Scan through Metasploit and import scan results into the DB

Scan a target/network/subnet and write the results as XML (-oX):

    nmap -Pn -sS -A -oX Scan-Results x.x.x.x/24

Import the XML file in Metasploit (from the msfconsole prompt):

    db_import Scan-Results

To view the hosts imported from Scan-Results, type:

    hosts

To view the services imported from Scan-Results, type (db_services on older Metasploit releases):

    services
				
			