You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.5 KiB
2.5 KiB
NMAP Cheat Sheet 🖥️
Table of Contents 📋
- Ping Scanning 📡
- ARP Scanning 📶
- SYN Scanning 👾
- UDP Scanning 💾
- Useful Nmap Switches ⚙️
- Identifying OS and Applications 🤖
- Nmap Scripts 📜
- Batch Script for Nmap 💻
Ping Scanning 📡
nmap -sn 192.168.10.1
nmap -sP 192.168.10.2
ARP Scanning 📶
nmap -sP -PR 192.168.10.1
Note: Press the spacebar to show the current progression of the scan.
SYN Scanning 👾
nmap -sS 192.168.10.1
UDP Scanning 💾
nmap -sU 192.168.10.1
Useful Nmap Switches ⚙️
-h: Help-v: Verbose-vv: Very Verbose-n: No DNS Reverse Lookup-T: Sets the speed of the scan (-T5being the fastest,-T0the slowest)-p: Specify ports-p 80: Specific port-p 1-10: Range of ports-p-: All ports
-o: To output a file
Identifying OS and Applications 🤖
-sV: Enable Version Detection-O: Enable OS Detection-A: Enable OS Detection, Version Detection, Script Scanning, and Traceroute--osscan-guess: Aggressive OS guessing
Nmap Scripts 📜
Syntax: nmap —script scriptname targetIP
Examples:
nmap —script http-headers 192.168.10.1
nmap —script smtp-commands 192.168.10.1
nmap -sV --script=banner 192.168.10.1
nmap -sV --script=smb* 192.168.10.1
nmap --script=http-title 192.168.10.1
nmap --script=http-enum 192.168.10.0/24
Batch Script for Nmap 💻
-
First, download Neovim or your favorite text editor. 📝
-
Create a file named
nmapScan.sh.
#!/bin/bash
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.1TCP.txt 192.168.10.1
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.1UDP.txt 192.168.10.1
nmap -sT -p 1-10000 -v -v -T5 -sV -O --osscan-guess --script=banner -oN 192.168.10.2TCP.txt 192.168.10.2
nmap -sU -p 1-500 -v -v --scan-delay 1s -sV --script=banner -oN 192.168.10.2UDP.txt 192.168.10.2
-
Save and exit. 💾
-
Make the script executable:
sudo chmod +x nmapScan.sh
- Run the script:
sudo ./nmapScan.sh