en:it-security:nmap

Differences

This shows you the differences between two versions of the page.

en:it-security:nmap [2024/02/04 23:27] – removed psycore
en:it-security:nmap [2024/02/05 00:40] – Automatic translation 135.181.137.61
Line 1: Line 1:
 +{{tag>deutsch startpage linux kali it-security pentest}}
 +====== Helpful NMAP scanner commands ======
  
 +Here are some very useful commands for NMAP.
 +
 +===== Command Set =====
 +
 +==== Discover Hosts ====
 +
 +<code bash>
 +export IPRANGE='172.16.0.0/16'
 +nmap -e tun0 -sn -v -oA pingscan $IPRANGE
 +</code>
 +
 +==== Parse Results ====
 +
 +<code bash>
 +grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
 +</code>
 +
 +==== Discover Services ====
 +
 +<code bash>
 +nmap -v -sSV -A -O -iL 172_16_ping_ips.txt
 +</code>
 +
 +==== Discover more Hosts ====
 +
 +<code bash>
 +nmap -PE -PS80,443,3389 -PP -PU40125,161 -PA21 --source-port 53 $IPRANGE
 +</code>
 +
 +----
 +
 +===== Other commands =====
 +
 +==== Ping Scan ====
 +
 +<code bash>
 +nmap -sP 172.16.0.0/16
 +</code>
 +
 +==== quick scan ====
 +
 +<code bash>
 +nmap-sn 192.168.0.1/24
 +</code>
 +
 +==== Systematic scan ====
 +
 +<code bash>
 +nmap -e tun0 -PE -sn -n -oA pingscan 172.16.0.0/16
 +</code>
 +
 +<code bash>
 +grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt
 +</code>
 +
 +<code bash>
 +nmap -e tun0 -sSV -O --top-ports 3800 -oA portscan172_ping_ips -iL 172_16_ping_ips.txt
 +</code>
 +
 +==== Targeted scanning ====
 +
 +<code bash>
 +nmap -v -A -O -oX /root/op.xml -iL /home/kali/Desktop/hosts.txt
 +</code>
 +
 +<code text>
 +-A: Enable OS detection, version detection, script scanning, and traceroute
 +-O: Enable OS detection
 +-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
 +     and Grepable format, respectively, to the given filename.
 +-iL <inputfilename>: Input from list of hosts/networks
 +</code>
 +
 +==== Scan host services ====
 +
 +<code bash>nmap -sSV $IP</code>
 +
 +==== Scan vulnerabilities ====
 +
 +<code>nmap -v --script vuln $IP</code>
 +
 +
 +==== Disguise NMAP scans ====
 +
 +<code bash>
 +--scan-delay/--max-scan-delay <time>: Adjust delay between probes
 +</code>
 +
 +==== Banner Grabbing ====
 +
 +<code>nmap -sV --script=banner <target></code>
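Review bot: The "quick scan" block has `nmap-sn 192.168.0.1/24` with no space between `nmap` and `-sn`, so the shell looks for a binary named `nmap-sn` and the scan never runs; it should read `nmap -sn 192.168.0.1/24`. Two smaller points in the same hunk. "Ping Scan" uses `-sP`, which is the older spelling of `-sn`, so that section and "quick scan" document the same scan type and could be merged under `-sn`. The "Disguise NMAP scans" block is tagged `<code bash>` but holds a line of option help (`--scan-delay/--max-scan-delay <time>: ...`) rather than a command; tag it `<code text>` like the option summary under "Targeted scanning", or replace it with a full command line. Also, `-A -O` in "Discover Services" and "Targeted scanning" is redundant, since the option summary added here already states that `-A` enables OS detection.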
  • en/it-security/nmap.txt
  • Last modified: 2024/02/05 08:35
  • by psycore