{{tag>english startpage linux kali it-security pentest}}
====== Helpful NMAP scanner commands ======
Here are some very useful commands for NMAP.
===== Command Set =====
==== Discover Hosts ====
export IPRANGE='172.16.0.0/16'
nmap -e tun0 -sn -v -oA pingscan $IPRANGE
==== Parse Results ====
grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
==== Discover Services ====
nmap -v -sSV -A -O -iL 172_16_ping_ips.txt
==== Discover more Hosts ====
nmap -PE -PS80,443,3389 -PP -PU40125,161 -PA21 --source-port 53 $IPRANGE
----
===== Other commands =====
==== Ping Scan ====
nmap -sP 172.16.0.0/16
==== quick scan ====
nmap-sn 192.168.0.1/24
==== Systematic scan ====
nmap -e tun0 -PE -sn -n -oA pingscan 172.16.0.0/16
grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
nmap -e tun0 -sSV -O --top-ports 3800 -oA portscan172_ping_ips -iL 172_16_ping_ips.txt
==== Targeted scanning ====
nmap -v -A -O -oX /root/op.xml -iL /home/kali/Desktop/hosts.txt
-A: Enable OS detection, version detection, script scanning, and traceroute
-O: Enable OS detection
-oN/-oX/-oS/-oG : Output scan in normal, XML, s|: Input from list of hosts/networks
==== Scan host services ====
nmap -sSV $IP
==== Scan vulnerabilities ====
nmap -v --script vuln $IP
==== Disguise NMAP scans ====
--scan-delay/--max-scan-delay
==== Banner Grabbing ====
nmap -sV --script=banner