# nmap
> Network exploration tool and security / port scanner.
> Some features only activate when Nmap is run with privileges.
> More information: <https://nmap.org>.
- Check if an IP address is up, and guess the remote host's operating system:
`nmap -O {{ip_or_hostname}}`
- Try to determine whether the specified hosts are up and what their names are:
`nmap -sn {{ip_or_hostname}} {{optional_another_address}}`
- Like above, but also run a default 1000-port TCP scan if host seems up:
`nmap {{ip_or_hostname}} {{optional_another_address}}`
- Also enable scripts, service detection, OS fingerprinting and traceroute:
`nmap -A {{address_or_addresses}}`
- Assume good network connection and speed up execution:
`nmap -T4 {{address_or_addresses}}`
- Scan a specific list of ports (use `-p-` for all ports `1-65535`):
`nmap -p {{port1,port2,…,portN}} {{address_or_addresses}}`
- Perform TCP and UDP scanning (use `-sU` for UDP only, `-sZ` for SCTP, `-sO` for IP):
`nmap -sSU {{address_or_addresses}}`
- Perform full port, service, version detection scan with all default NSE scripts active against a host to determine weaknesses and info:
`nmap -sC -sV {{address_or_addresses}}`