Basic NMAP Commands
Nmap is a free tool that can be used to conduct various sorts of scans on networks. Normally, when people think of Nmap, they assume itβs used to conduct some sort of nefarious network reconnaissance in preparation for an attack. But as with all powerful tools, Nmap can be used for far more than breaking into networks.
Of the scan types listed below table, only the connect and ftp bounce scans can be ran without privileged access. The last thing to remember is that these scans can only be ran one at a time except if you are running a UDP and TCP scan at the same time.
Now let us take a look at the parameters NMAP uses to perform the different types of system scans. Remember the basic command line format for nmap is:
Syntax: nmap <scan type> <options> <target>
π€
Target Selection
1 Scan a single IP
Command Syntax : nmap 192.168.20.128
2 Scan a host
Command Syntax: nmap www.yeahhub.com
3 Scan a range of IPs
Command Syntax: nmap 192.168.20.120β128
4 Scan a subnet
Command Syntax: nmap 192.168.20.2/24
5 Scan targets from Text file
Command Syntax: nmap -iL ips.txt
β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β
Port Selection
6 Scan a single port
Command Syntax: nmap -p 22 192.168.20.128
7 Scan a range of ports
Command Syntax: nmap -p 1β100 192.168.20.128
8 Scan 100 common ports
Command Syntax: nmap -F 192.168.20.128
9 Scan all ports
Command Syntax
Command Syntax: nmap -p- 192.168.20.128
10 Specify UDP or TCP scan
Command Syntax: nmap -p U:137,T:139 192.168.20.128
β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β
Scan Types
11 Scan using TCP connect
Command Syntax: nmap -sT 192.168.20.128
12 Scan using TCP SYN scan
Command Syntax:nmap -sS 192.168.20.128
13 Scan UDP ports
Command Syntax:nmap -sU -p 123,161,162 192.168.20.128
14 Scan Selected ports (Ignore Discovery)
Command Syntax: nmap -Pn -F 192.168.20.128
Service and OS Detection
15 Detect OS and Services
Command Syntax: nmap -A 192.168.20.128
16 Standard service detection
Command Syntax: nmap -sV 192.168.20.128
17 Aggressive service detection
Command Syntax: nmap -sV βversion-intensity 5 192.168.20.128
β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β
Output Formats
18 Save default output to file
Command Syntax : nmap -oN result.txt 192.168.20.128
19 Save results as XML
Command Syntax : nmap -oX resultxml.xml 192.168.20.128
20 Save formatted results (Grep)
Command Syntax : nmap -oG formattable.txt 192.168.20.128
21 Save in all formats
Command Syntax : nmap -oA allformats 192.168.20.128
β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β
Scripting Engine
22 Scan using default safe scripts
Command Syntax: nmap -sV -sC 192.168.20.128
23 Get help for a script
Command Syntax: nmap βscript-help=ssl-heartbleed
24 Scan using a specific script
Command Syntax: nmap -sV -p 443 -script=ssl-heartbleed 192.168.20.133
25 Update script database
Command Syntax: nmap βscript-updatedb
β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β
Some Useful NSE Scripts
26 Scan for UDP DDOS reflectors
Command Syntax: nmap -sU -A -PN -n -pU:19,53,123,161 -script=ntp-monlist,dns-recursion,snmp-sysdescr 192.168.20.2/24
27 Gather page titles from HTTP Servers
Command Syntax: nmap βscript=http-title 192.168.20.128
28 Get HTTP headers of web services
Command Syntax: nmap βscript=http-headers 192.168.20.128
29 Find web apps from known paths
Command Syntax: nmap βscript=http-enum 192.168.20.128
30 Find exposed Netbios servers
Command Syntax: nmap -sU βscript nbtstat.nse -p 137 192.168.20.128
#cybersecurity #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #cybersecurityexpert #cybersecurityengineer #cybersecurityawarenessmonth #cybersecuritytips #cybersecurityexperts #cybersecurityconference #cybersecuritymonth #cybersecuritythreats #cybersecurityconsultant #cybersecurityjobs #cybersecurityservices #cybersecuritysummit #cybersecurityanalyst #cybersecurityindonesia #cybersecurityprogram #cybersecuritystartup #cybersecurityleader
**********************************END**********************************
