Nmap Cheat Sheet: Basic Scanning Techniques

This document provides a cheat sheet for the nmap network scanning tool, summarizing various commands for basic scanning techniques, discovery options, firewall evasion techniques, version detection, output options, Ndiff comparison, and the Nmap Scripting Engine. It lists commands for scanning single targets and ranges, excluding targets, ping scans, operating system detection, saving output, and executing NSE scripts by category. The cheat sheet aims to unite other nmap cheat sheets into one reference for common nmap tasks.

Uploaded by

Jel Utorrent

See-Security Technologies
nmap Cheat Sheet
Built by Yuval (tisf) Nativ from See-Security's Hacking Defined Experts program
This nmap cheat sheet unites a few other cheat sheets.
Basic Scanning Techniques
Scan a single target                nmap [target]
Scan multiple targets               nmap [target1] [target2] [etc]
Scan a list of targets              nmap -iL [list.txt]
Scan a range of hosts               nmap [range of IP addresses]
Scan an entire subnet               nmap [IP address/CIDR]
Scan random hosts                   nmap -iR [number]
Excluding targets from a scan       nmap [targets] --exclude [targets]
Excluding targets using a list      nmap [targets] --excludefile [list.txt]
Perform an aggressive scan          nmap -A [target]
Scan an IPv6 target                 nmap -6 [target]
Discovery Options
Perform a ping scan only            nmap -sP [target]
Don't ping                          nmap -PN [target]
TCP SYN Ping                        nmap -PS [target]
TCP ACK ping                        nmap -PA [target]
UDP ping                            nmap -PU [target]
SCTP Init Ping                      nmap -PY [target]
ICMP echo ping                      nmap -PE [target]
ICMP Timestamp ping                 nmap -PP [target]
ICMP address mask ping              nmap -PM [target]
IP protocol ping                    nmap -PO [target]
ARP ping                            nmap -PR [target]
Traceroute                          nmap --traceroute [target]
Force reverse DNS resolution        nmap -R [target]
Disable reverse DNS resolution      nmap -n [target]
Alternative DNS lookup              nmap --system-dns [target]
Manually specify DNS servers        nmap --dns-servers [servers] [target]
Create a host list                  nmap -sL [targets]
Firewall Evasion Techniques
Fragment packets                    nmap -f [target]
Specify a specific MTU              nmap --mtu [MTU] [target]
Use a decoy                         nmap -D RND:[number] [target]
Idle zombie scan                    nmap -sI [zombie] [target]
Manually specify a source port      nmap --source-port [port] [target]
Append random data                  nmap --data-length [size] [target]
Randomize target scan order         nmap --randomize-hosts [target]
Spoof MAC Address                   nmap --spoof-mac [MAC|0|vendor] [target]
Send bad checksums                  nmap --badsum [target]
Version Detection
Operating system detection          nmap -O [target]
Attempt to guess an unknown OS      nmap -O --osscan-guess [target]
Service version detection           nmap -sV [target]
Troubleshooting version scans       nmap -sV --version-trace [target]
Perform an RPC scan                 nmap -sR [target]
Output Options
Save output to a text file          nmap -oN [scan.txt] [target]
Save output to an XML file          nmap -oX [scan.xml] [target]
Grepable output                     nmap -oG [scan.txt] [target]
Output all supported file types     nmap -oA [path/filename] [target]
Periodically display statistics     nmap --stats-every [time] [target]
133t output                         nmap -oS [scan.txt] [target]
Ndiff
Comparison using Ndiff              ndiff [scan1.xml] [scan2.xml]
Ndiff verbose mode                  ndiff -v [scan1.xml] [scan2.xml]
XML output mode                     ndiff --xml [scan1.xml] [scan2.xml]
Nmap Scripting Engine
Execute individual scripts          nmap --script [script.nse] [target]
Execute multiple scripts            nmap --script [expression] [target]
Execute scripts by category         nmap --script [cat] [target]
Execute multiple script categories  nmap --script [cat1,cat2,etc] [target]
Troubleshoot scripts                nmap --script [script] --script-trace [target]
Update the script database          nmap --script-updatedb
Script categories
all
auth
default
discovery
external
intrusive
malware
safe
vuln