Scribd
Upload
37 views9 pages

NMAP How-To

The document provides an overview of how to use the network scanning tool NMAP including basic commands for performing quick scans, specifying targets, selecting scan techniques, performing host discovery, specifying ports, enabling service and version detection, operating system detection, and evading firewalls and IDS. It also covers output formats and using NMAP scripts.

Uploaded by

Nguyen Trung
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views9 pages

NMAP How-To

The document provides an overview of how to use the network scanning tool NMAP including basic commands for performing quick scans, specifying targets, selecting scan techniques, performing host discovery, specifying ports, enabling service and version detection, operating system detection, and evading firewalls and IDS. It also covers output formats and using NMAP scripts.

Uploaded by

Nguyen Trung
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

NMAP How-To

Miguel Sampaio da Veiga Follow


Feb 26 · 2 min read

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Quick scans
nmap -sV target — scan 1000 ports of ‘target’ (target1 target2)
(target# rst-target#last) and obtain service version number

nmap -p- target -scan all ports of ‘target’

Comands Help
Target Speci cation
Single host: nmap 192.168.0.1

Speci c hosts: nmap 192.168.0.1 192.168.0.2

Range: nmap 192.168.0.1–254

Domain: nmap mydomain.org

CIDR notation: nmap 192.168.0.1/24

Targets from le (-iL): nmap -iL targets.txt

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Random 100 ports (-iR): nmap -iR 100

Exclude hosts (--exclude): nmap --exlude 192.168.0.1

Scan techniques
TCP SYN port scan (-sS): nmap -sS 192.168.0.1

TCP connect port scan (-sT): nmap -sT 192.168.0.1

UDP port scan (-sU): nmap -sU 192.168.0.1

TCP ACK port scan (-sA): nmap -sA 192.168.0.1

TCP Window port scan (-sW): nmap -sW 192.168.0.1

TCP Maimon port scan (-sM): nmap -sM 192.168.0.1

Host Discovery
Only list targets (-sL): nmap -sL 192.168.0.1

Host discovery only (-sn): nmap -sn 192.168.0.1

Port scan only (-Pn): nmap -Pn 192.168.0.1

Port speci cation


Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
port X scan (-p X): nmap -p 21 192.168.0.1

port range scan (-p X-Y): nmap -p 21–150 192.168.0.1

multiple UDP and TCP port scan (-p U:X,T:Y-Z): nmap -p U:53,T:80–100
192.168.0.1

scan all ports (-p-): nmap -p- 192.168.0.1

scan ports by service name (-p service_name): nmap -p http 192.168.0.1

Fast port scan (-F): nmap -F 192.168.0.1

Scan top ports ( — top-ports X): nmap --top-ports 1000 192.168.0.1

Service and Version Detection


Service version detection (-sV): nmap -sV 192.168.0.1

Service version detection light [faster] (-sV --version-light): nmap -sV —


version-light 192.168.0.1

Service version detection all[slower] (-sV --version-light): nmap -sV —


version-all 192.168.0.1

OS Detection
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
OS detection with TCP/IP stack (-O): nmap -O 192.168.0.1

Limit detection to promising targets (-O --osscan-limit): nmap -O --


osscan-limit 192.168.0.1

Aggressive detection (-O --osscan-guest): nmap -O --osscan-guest


192.168.0.1

Maximum number of tries (-O -a-max-os-tries X): nmap -O --max-os-


tries 5 192.168.0.1

OS, version, script scanning, traceroute (-A): nmap -A 192.168.0.1

Firewall/IDS Evasion and Spoo ng


Use fragmented IP packages (-f): nmap -f 192.168.0.1

Mask scan with decoys(-D decoy1, decoy2,…): nmap -D


192.168.0.253,192.168.0.254 192.168.0.1

Spoof address (-S IP): nmap -S 192.168.0.250 192.168.0.1

Output formats
Output to le (-oN): nmap -oN scan. le 192.168.0.1

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Output XML to le (-oX): nmap -oX scan.xml 192.168.0.1

Output grepable to le (-oG): nmap -oG grep. le 192.168.0.1

Output 3 formats in once (-oA): nmap -oA scan 192.168.0.1

Increase verbose output (-v): nmap -v 192.168.0.1

Scripts
Default set of scripts (-sC): nmap -sC 192.168.0.1

Run safe scripts (--script safe): nmap --script safe 192.168.0.1

View scripts help (--script-help XXX): nmap --script-help whois-domain

nmap scripts path: /usr/share/nmap/scripts

Nmap Pentesting Reconnaissance How To

1 clap

WRITTEN BY

Miguel Sampaio da Veiga Follow

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Freelance writer, tech enthusiast

Hacker Toolbelt Follow

Hacking tools and how-to

Write the rst response

More From Medium

Also tagged Reconnaissance

How to Mine Twitter for Targeted


Information with Twint
Null Byte
May 2 · 20 min read 123

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Top on Medium

10 Bad Habits of Unsuccessful People


Darius Foroux in Forge
Jul 9 · 5 min read 46K

Top on Medium

The Uncanny Power of Incompetent


Men
Danny Wallace in Forge
Jul 25 · 9 min read 5.8K

Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD

You might also like