Nmap Cheat Sheet

 

Here are simple nmap commands that will make your penetration testing easier.

Nmap is a free and open-source network scanner. It discovers hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

Nmap Target Selection

Scan a single IP – nmap 192.168.1.1
Scan a host – nmap www.testhostname.com
Scan a range of IPs – nmap 192.168.1.1-20
Scan a subnet – nmap 192.168.1.0/24
Scan targets from a text file – nmap -iL list-of-ips.txt

Nmap Port Selection

Scan a single Port – nmap -p 22 192.168.1.1
Scan a range of ports – nmap -p 1-100 192.168.1.1
Scan 100 most common ports (Fast) – nmap -F 192.168.1.1
Scan all 65535 ports – nmap -p- 192.168.1.1

Nmap Port Scan types

Scan using TCP connect – nmap -sT 192.168.1.1
Scan using TCP SYN scan (default) – nmap -sS 192.168.1.1
Scan UDP ports – nmap -sU -p 123,161,162 192.168.1.1
Scan selected ports – ignore discovery – nmap -Pn -F 192.168.1.1

Service and OS Detection

Detect OS and Services – nmap -A 192.168.1.1
Standard service detection – nmap -sV 192.168.1.1
More aggressive Service Detection – nmap -sV --version-intensity 5 192.168.1.1
Lighter banner grabbing detection – nmap -sV --version-intensity 0 192.168.1.1

Nmap Output Formats

Save default output to file – nmap -oN outputfile.txt 192.168.1.1
Save results as XML – nmap -oX outputfile.xml 192.168.1.1
Save results in a format for grep – nmap -oG outputfile.txt 192.168.1.1
Save in all formats – nmap -oA outputfile 192.168.1.1
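
The grepable output saved with -oG is easy to post-process, for example to compare the open ports found on your own network against an approved baseline. The script below is an added example, not part of the original cheat sheet; the function names, the baseline file format (ip<TAB>port/proto) and the sample scan lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `nmap -oG` output (tab-separated fields), not a real scan.
sample_grepable() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.168.1.1 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/closed/tcp//https///\tIgnored State: filtered (97)\n'
    printf 'Host: 192.168.1.7 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.7 ()\tPorts: 161/open|filtered/udp//snmp///, 3306/open/tcp//mysql///\n'
    printf '# Nmap done (constructed sample)\n'
}

# list_open_ports [FILE...]: print "ip<TAB>port/proto<TAB>service" for each port
# whose state is exactly "open" (closed, filtered and open|filtered are skipped).
list_open_ports() {
    awk -F'\t' '
        /^Host: / {
            split($1, h, " ")                  # h[2] is the IP address
            for (i = 2; i <= NF; i++) {
                if ($i !~ /^Ports: /) continue
                p = $i
                sub(/^Ports: /, "", p)
                n = split(p, entries, ", ")    # one entry per scanned port
                for (j = 1; j <= n; j++) {
                    # entry layout: port/state/proto/owner/service/rpc/version/
                    split(entries[j], f, "/")
                    if (f[2] == "open")
                        printf "%s\t%s/%s\t%s\n", h[2], f[1], f[3], (f[5] == "" ? "unknown" : f[5])
                }
            }
        }
    ' "$@"
}

# unexpected_ports SCAN BASELINE: open ports in SCAN that BASELINE does not list.
unexpected_ports() {
    list_open_ports "$1" | cut -f1,2 | grep -vxFf "$2" || true
}

# Demo: the baseline approves only SSH and HTTP on 192.168.1.1.
demo_dir=$(mktemp -d)
sample_grepable > "$demo_dir/scan.gnmap"
printf '192.168.1.1\t22/tcp\n192.168.1.1\t80/tcp\n' > "$demo_dir/baseline.tsv"
unexpected_ports "$demo_dir/scan.gnmap" "$demo_dir/baseline.tsv"
rm -rf "$demo_dir"
```

On the sample data this reports the MySQL port on 192.168.1.7, which the baseline does not approve.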

Digging deeper with NSE Scripts

Scan using default safe scripts – nmap -sV -sC 192.168.1.1
Get help for a script – nmap --script-help=ssl-heartbleed
Scan using a specific NSE script – nmap -sV -p 443 --script=ssl-heartbleed.nse 192.168.1.1
Scan with a set of scripts – nmap -sV --script="smb*" 192.168.1.1

Scan for UDP DDoS reflectors

nmap -sU -A -Pn -n -pU:19,53,123,161 --script=ntp-monlist,dns-recursion,snmp-sysdescr 192.168.1.0/24

HTTP Service Information

Get page titles from HTTP services – nmap --script=http-title 192.168.1.0/24
Get HTTP headers of web services – nmap --script=http-headers 192.168.1.0/24
Find web apps from known paths – nmap --script=http-enum 192.168.1.0/24

Detect Heartbleed SSL

nmap -sV -p 443 --script=ssl-heartbleed 192.168.1.0/24

IP Address information

nmap --script=asn-query,whois,ip-geolocation-maxmind 192.168.1.0/24