
Nmapc


Target Specification

| Switch | Example | Description |
|---|---|---|
| | nmap 192.168.1.1 | Scan a single IP |
| | nmap 192.168.1.1 192.168.2.1 | Scan specific IPs |
| | nmap 192.168.1.1-254 | Scan a range |
| | nmap scanme.nmap.org | Scan a domain |
| | nmap 192.168.1.0/24 | Scan using CIDR notation |
| -iL | nmap -iL targets.txt | Scan targets from a file |
| -iR | nmap -iR 100 | Scan 100 random hosts |
| --exclude | nmap --exclude 192.168.1.1 | Exclude listed hosts |

Host Discovery

| Switch | Example | Description |
|---|---|---|
| -sL | nmap 192.168.1.1-3 -sL | No scan. List targets only |
| -sn | nmap 192.168.1.1/24 -sn | Disable port scanning. Host discovery only |
| -Pn | nmap 192.168.1.1-5 -Pn | Disable host discovery. Port scan only |
| -PS | nmap 192.168.1.1-5 -PS22-25,80 | TCP SYN discovery on port x. Port 80 by default |
| -PA | nmap 192.168.1.1-5 -PA22-25,80 | TCP ACK discovery on port x. Port 80 by default |
| -PU | nmap 192.168.1.1-5 -PU53 | UDP discovery on port x. Port 40125 by default |
| -PR | nmap 192.168.1.1-1/24 -PR | ARP discovery on local network |
| -n | nmap 192.168.1.1 -n | Never do DNS resolution |

Port Specification

| Switch | Example | Description |
|---|---|---|
| -p | nmap 192.168.1.1 -p 21 | Port scan for port x |
| -p | nmap 192.168.1.1 -p 21-100 | Port range |
| -p | nmap 192.168.1.1 -p U:53,T:21-25,80 | Port scan multiple TCP and UDP ports |
| -p | nmap 192.168.1.1 -p- | Port scan all ports |
| -p | nmap 192.168.1.1 -p http,https | Port scan from service name |
| -F | nmap 192.168.1.1 -F | Fast port scan (100 ports) |
| --top-ports | nmap 192.168.1.1 --top-ports 2000 | Port scan the top x ports |
| -p-65535 | nmap 192.168.1.1 -p-65535 | Leaving off the initial port makes the scan start at port 1 |
| -p0- | nmap 192.168.1.1 -p0- | Leaving off the end port makes the scan go through to port 65535 |

in/harunseker/

OS Detection

| Switch | Example | Description |
|---|---|---|
| -O | nmap 192.168.1.1 -O | Remote OS detection using TCP/IP stack fingerprinting |
| -O --osscan-limit | nmap 192.168.1.1 -O --osscan-limit | If at least one open and one closed TCP port are not found, it will not try OS detection against the host |
| -O --osscan-guess | nmap 192.168.1.1 -O --osscan-guess | Makes Nmap guess more aggressively |
| -O --max-os-tries | nmap 192.168.1.1 -O --max-os-tries 1 | Set the maximum number x of OS detection tries against a target |
| -A | nmap 192.168.1.1 -A | Enables OS detection, version detection, script scanning and traceroute (Aggressive Scan) |

Service and Version Detection

| Switch | Example | Description |
|---|---|---|
| -sV | nmap 192.168.1.1 -sV | Attempts to determine the version of the service running on port |
| -sV --version-intensity | nmap 192.168.1.1 -sV --version-intensity 8 | Intensity level 0 to 9. Higher number increases possibility of correctness |
| -sV --version-light | nmap 192.168.1.1 -sV --version-light | Enable light mode. Lower possibility of correctness. Faster |
| -sV --version-all | nmap 192.168.1.1 -sV --version-all | Enable intensity level 9. Higher possibility of correctness. Slower |
| -A | nmap 192.168.1.1 -A | Enables OS detection, version detection, script scanning, and traceroute |

NSE Scripts

| Switch | Example | Description |
|---|---|---|
| -sC | nmap 192.168.1.1 -sC | Scan with default NSE scripts. Considered useful for discovery and safe |
| --script default | nmap 192.168.1.1 --script default | Scan with default NSE scripts. Considered useful for discovery and safe |
| --script | nmap 192.168.1.1 --script=banner | Scan with a single script. Example banner |
| --script | nmap 192.168.1.1 --script="http*" | Scan with a wildcard. Example http |
| --script | nmap 192.168.1.1 --script=http,banner | Scan with two scripts. Example http and banner |
| --script | nmap 192.168.1.1 --script "not intrusive" | Scan default, but remove intrusive scripts |
| --script --script-args | nmap --script snmp-sysdescr --script-args snmpcommunity=admin 192.168.1.1 | NSE script with arguments |
