tldr/pages/common/nmap.md

# nmap

> Network exploration tool and security / port scanner.
> Some features only activate when Nmap is run with privileges.
> More information: <https://nmap.org>.

- Check if an IP address is up, and guess the remote host's operating system:

`nmap -O {{ip_or_hostname}}`

- Try to determine whether the specified hosts are up and what are their names:

`nmap -sn {{ip_or_hostname}} {{optional_another_address}}`

- Like above, but also run a default 1000-port TCP scan if host seems up:

`nmap {{ip_or_hostname}} {{optional_another_address}}`

- Also enable scripts, service detection, OS fingerprinting and traceroute:

`nmap -A {{address_or_addresses}}`

- Assume good network connection and speed up execution:

`nmap -T4 {{address_or_addresses}}`

- Scan a specific list of ports (use -p- for all ports 1-65535):

`nmap -p {{port1,port2,…,portN}} {{address_or_addresses}}`

- Perform TCP and UDP scanning (use -sU for UDP only, -sZ for SCTP, -sO for IP):

`nmap -sSU {{address_or_addresses}}`

- Perform TLS cipher scan against a host to determine supported ciphers and SSL/TLS protocols:

`nmap --script ssl-enum-ciphers {{address_or_addresses}} -p 443`

- Perform full port, service, version detection scan with all default NSE scripts active against a host to determin weaknesses and info:

`nmap -sC -sV {{address_or_addresses}}`
nmap docs 2014-02-02 09:57:44 +00:00			`# nmap`

Update nmap.md. 2015-12-29 15:28:01 +00:00			`> Network exploration tool and security / port scanner.`
			`> Some features only activate when Nmap is run with privileges.`
Refactor: reword English pages' links' descriptions. 2019-06-03 01:06:36 +01:00			`> More information: <https://nmap.org>.`
nmap docs 2014-02-02 09:57:44 +00:00
nmap: add -O example (#4400) 2020-10-14 14:46:17 +01:00			`- Check if an IP address is up, and guess the remote host's operating system:`

			`nmap -O {{ip_or_hostname}}`

Formatted all pages according to guidelines. 2016-01-07 17:31:27 +00:00			`- Try to determine whether the specified hosts are up and what are their names:`
nmap docs 2014-02-02 09:57:44 +00:00
Update nmap.md. 2015-12-29 15:28:01 +00:00			`nmap -sn {{ip_or_hostname}} {{optional_another_address}}`
nmap docs 2014-02-02 09:57:44 +00:00
Formatted all pages according to guidelines. 2016-01-07 17:31:27 +00:00			`- Like above, but also run a default 1000-port TCP scan if host seems up:`
nmap docs 2014-02-02 09:57:44 +00:00
Update nmap.md. 2015-12-29 15:28:01 +00:00			`nmap {{ip_or_hostname}} {{optional_another_address}}`
added fast scan for nmap 2015-12-29 00:34:45 +00:00
Formatted nmap 2016-01-21 12:21:22 +00:00			`- Also enable scripts, service detection, OS fingerprinting and traceroute:`
added fast scan for nmap 2015-12-29 00:34:45 +00:00
Update nmap.md. 2015-12-29 15:28:01 +00:00			`nmap -A {{address_or_addresses}}`
added fast scan for nmap 2015-12-29 00:34:45 +00:00
Formatted nmap 2016-01-21 12:21:22 +00:00			`- Assume good network connection and speed up execution:`
added fast scan for nmap 2015-12-29 00:34:45 +00:00
Update nmap.md. 2015-12-29 15:28:01 +00:00			`nmap -T4 {{address_or_addresses}}`

Formatted all pages according to guidelines. 2016-01-07 17:31:27 +00:00			`- Scan a specific list of ports (use -p- for all ports 1-65535):`
Update nmap.md. 2015-12-29 15:28:01 +00:00
nmap, pdftk, samtools, tig: ellipsis consistency. 2019-02-01 17:17:21 +00:00			`nmap -p {{port1,port2,…,portN}} {{address_or_addresses}}`
Update nmap.md. 2015-12-29 15:28:01 +00:00
Formatted nmap 2016-01-21 12:21:22 +00:00			`- Perform TCP and UDP scanning (use -sU for UDP only, -sZ for SCTP, -sO for IP):`
Update nmap.md. 2015-12-29 15:28:01 +00:00
			`nmap -sSU {{address_or_addresses}}`
Add more examples for nmap for common activities such as: - scanning a host with nse scripts - scanning enabled SSL/TLS ciphers/protocols on a host on port 443 2017-10-23 22:33:57 +01:00
			`- Perform TLS cipher scan against a host to determine supported ciphers and SSL/TLS protocols:`

			`nmap --script ssl-enum-ciphers {{address_or_addresses}} -p 443`
nmap: add full nse scan example (#4480) 2020-10-14 23:29:25 +01:00
			`- Perform full port, service, version detection scan with all default NSE scripts active against a host to determin weaknesses and info:`

			`nmap -sC -sV {{address_or_addresses}}`