Complete Nmap Commands Guide
# 1. Basic Scanning Commands
nmap <target> - Basic scan of the target (IP or domain)
nmap 192.168.1.1-100 - Scan multiple IPs in a range
nmap 192.168.1.0/24 - Scan all devices in a subnet
nmap example.com - Scan a domain name
# 2. Port Scanning
nmap -p 22 <target> - Scan a specific port (22 for SSH)
nmap -p 22,80,443 <target> - Scan multiple ports
nmap -p- <target> - Scan all 65,535 ports
nmap -F <target> - Fast scan of only common ports
# 3. Scan Types
nmap -sT <target> - TCP Connect Scan (full connection)
nmap -sS <target> - SYN Scan (stealthy)
nmap -sU <target> - UDP Scan
nmap -sN <target> - NULL Scan (no TCP flags)
nmap -sF <target> - FIN Scan
nmap -sX <target> - Xmas Scan
nmap -sA <target> - ACK Scan
# 4. Advanced Scanning
nmap -A <target> - Aggressive scan (OS, services, scripts, traceroute)
nmap -O <target> - OS detection
nmap -sV <target> - Service version detection
nmap -sC <target> - Default script scan
nmap -T4 <target> - Faster scan timing
nmap -Pn <target> - Scan without pinging first
nmap -n <target> - Scan without DNS resolution
nmap -6 <target> - Scan an IPv6 address
# 5. Nmap Scripting Engine (NSE)
nmap --script-help=default - Show descriptions of the scripts in the default category
nmap --script=vuln <target> - Scan for vulnerabilities
nmap --script=http-title <target> - Get website title
nmap --script=ftp-anon <target> - Check for anonymous FTP login
nmap --script=smb-os-discovery <target> - Detect OS via SMB
# 6. Evading Firewalls & IDS
nmap -f <target> - Send fragmented packets
nmap -D RND:10 <target> - Use 10 random decoys
nmap --randomize-hosts <target> - Randomize scan order
nmap -T2 <target> - Slow scan to avoid detection
nmap --data-length 50 <target> - Send extra data in packets
# 7. Saving Scan Results
nmap -oN output.txt <target> - Save results in normal text file
nmap -oX output.xml <target> - Save results in XML format
nmap -oG output.txt <target> - Save in grepable format
nmap -oA output <target> - Save in all three formats
# 8. Other Useful Commands
nmap --top-ports 100 <target> - Scan top 100 common ports
nmap -p- --open <target> - Scan all ports and show only the open ones
nmap --script=banner <target> - Grab service banners
nmap --traceroute <target> - Perform a traceroute
nmap --reason <target> - Show why ports are open/closed