NMAP
Revision as of 14:38, 30 September 2017 by Rafahsolis (talk | contribs)
nmap A -T4 -p- -vv 20.1.40.23 nmap -n -Pn -p- -A 10.28.0.24 nmap -p- 10.28.0.150 nmap --scritp *vuln* 10.28.0.166 nmap --scritp vuln 10.28.0.166 # vuln category instead of scripts with the word vuln
Discover IP's in a subnet (no root)
$ nmap -sP 192.168.0.0/24
Scan for open ports (no root)
$ nmap 192.168.0.0/24
Identify the Operating System of a host (requires root)
nmap -O 192.168.0.164
Identify Hostnames (no root)
$ nmap -sL 192.168.0.0/24
TCP Syn and UDP Scan (requires root)
nmap -sS -sU -PN 192.168.0.164
TCP SYN and UDP scan for all ports (requires root)
nmap -sS -sU -PN -p 1-65535 192.168.0.164
TCP Connect Scan (no root)
$ nmap -sT 192.168.0.164
Aggressively Scan Hosts (no root)
$ nmap -T4 -A 192.168.0.0/24
Fast Scan (no root)
$ nmap -T4 -F 192.168.0.164
Verbose
$ nmap -T4 -A -v 192.168.0.164