|
|
|
@ -1,3 +1,5 @@
|
|
|
|
|
|
|
|
Here is the Nmap cheat sheet converted to Markdown format:
|
|
|
|
|
|
|
|
|
|
|
|
# NMAP Cheat Sheet
|
|
|
|
# NMAP Cheat Sheet
|
|
|
|
|
|
|
|
|
|
|
|
## Table of Contents
|
|
|
|
## Table of Contents
|
|
|
|
@ -11,42 +13,32 @@
|
|
|
|
7. [Nmap Scripts](#nmap-scripts)
|
|
|
|
7. [Nmap Scripts](#nmap-scripts)
|
|
|
|
8. [Batch Script for Nmap](#batch-script-for-nmap)
|
|
|
|
8. [Batch Script for Nmap](#batch-script-for-nmap)
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Ping Scanning
|
|
|
|
## Ping Scanning
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
nmap -sn 192.168.10.1
|
|
|
|
nmap -sn 192.168.10.1
|
|
|
|
nmap -sP 192.168.10.2
|
|
|
|
nmap -sP 192.168.10.2
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## ARP Scanning
|
|
|
|
## ARP Scanning
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
nmap -sP -PR 192.168.10.1
|
|
|
|
nmap -sP -PR 192.168.10.1
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
> **Note**: Press the spacebar to show the current progression of the scan.
|
|
|
|
> **Note**: Press the spacebar to show the current progression of the scan.
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## SYN Scanning
|
|
|
|
## SYN Scanning
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
nmap -sS 192.168.10.1
|
|
|
|
nmap -sS 192.168.10.1
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## UDP Scanning
|
|
|
|
## UDP Scanning
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
nmap -sU 192.168.10.1
|
|
|
|
nmap -sU 192.168.10.1
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Useful Nmap Switches
|
|
|
|
## Useful Nmap Switches
|
|
|
|
|
|
|
|
|
|
|
|
@ -61,8 +53,6 @@ nmap -sU 192.168.10.1
|
|
|
|
- `-p-` : All ports
|
|
|
|
- `-p-` : All ports
|
|
|
|
- `-o` : To output a file
|
|
|
|
- `-o` : To output a file
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Identifying OS and Applications
|
|
|
|
## Identifying OS and Applications
|
|
|
|
|
|
|
|
|
|
|
|
- `-sV` : Enable Version Detection
|
|
|
|
- `-sV` : Enable Version Detection
|
|
|
|
@ -70,53 +60,53 @@ nmap -sU 192.168.10.1
|
|
|
|
- `-A` : Enable OS Detection, Version Detection, Script Scanning, and Traceroute
|
|
|
|
- `-A` : Enable OS Detection, Version Detection, Script Scanning, and Traceroute
|
|
|
|
- `--osscan-guess` : Aggressive OS guessing
|
|
|
|
- `--osscan-guess` : Aggressive OS guessing
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Nmap Scripts
|
|
|
|
## Nmap Scripts
|
|
|
|
|
|
|
|
|
|
|
|
**Syntax**: `nmap —script scriptname targetIP`
|
|
|
|
**Syntax**: `nmap —script scriptname targetIP`
|
|
|
|
|
|
|
|
|
|
|
|
Examples:
|
|
|
|
Examples:
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
nmap —script http-headers 192.168.10.1
|
|
|
|
nmap —script http-headers 192.168.10.1
|
|
|
|
nmap —script smtp-commands 192.168.10.1
|
|
|
|
nmap —script smtp-commands 192.168.10.1
|
|
|
|
nmap -sV --script=banner 192.168.10.1
|
|
|
|
nmap -sV --script=banner 192.168.10.1
|
|
|
|
nmap -sV --script=smb* 192.168.10.1
|
|
|
|
nmap -sV --script=smb* 192.168.10.1
|
|
|
|
nmap --script=http-title 192.168.10.1
|
|
|
|
nmap --script=http-title 192.168.10.1
|
|
|
|
nmap --script=http-enum 192.168.10.0/24
|
|
|
|
nmap --script=http-enum 192.168.10.0/24
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
> [How to Use Nmap Script Engine (NSE) Scripts in Linux](https://www.tecmint.com/use-nmap-script-engine-nse-scripts-in-linux/)
|
|
|
|
> [How to Use Nmap Script Engine (NSE) Scripts in Linux](https://www.tecmint.com/use-nmap-script-engine-nse-scripts-in-linux/)
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Batch Script for Nmap
|
|
|
|
## Batch Script for Nmap
|
|
|
|
|
|
|
|
|
|
|
|
1. First, download Neovim or your favorite text editor.
|
|
|
|
1. First, download Neovim or your favorite text editor.
|
|
|
|
|
|
|
|
|
|
|
|
2. Create a file named `nmapScan.sh`.
|
|
|
|
2. Create a file named `nmapScan.sh`.
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
#!/bin/bash
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.1TCP.txt 192.168.10.1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.1UDP.txt 192.168.10.1
|
|
|
|
|
|
|
|
|
|
|
|
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.1TCP.txt 192.168.10.1
|
|
|
|
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.2TCP.txt 192.168.10.2
|
|
|
|
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.1UDP.txt 192.168.10.1
|
|
|
|
|
|
|
|
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.2TCP.txt 192.168.10.2
|
|
|
|
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.2UDP.txt 192.168.10.2
|
|
|
|
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.2UDP.txt 192.168.10.2
|
|
|
|
```
|
|
|
|
\`\`\`
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3. Save and exit.
|
|
|
|
3. Save and exit.
|
|
|
|
|
|
|
|
|
|
|
|
4. Make the script executable:
|
|
|
|
4. Make the script executable:
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
sudo chmod +x nmapScan.sh
|
|
|
|
sudo chmod +x nmapScan.sh
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
5. Run the script:
|
|
|
|
5. Run the script:
|
|
|
|
|
|
|
|
|
|
|
|
\`\`\`bash
|
|
|
|
```bash
|
|
|
|
sudo ./nmapScan.sh
|
|
|
|
sudo ./nmapScan.sh
|
|
|
|
\`\`\`
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Let me know if you would like me to modify or add anything!
|
|
|
|
|
$./Netrunner_&
11 months ago
committed by
GitHub