
@Malayke
Last active June 5, 2020 02:03
nmap quick scan script
#!/bin/bash
NOCOLOR='\033[0m'
RED='\033[0;31m'
GREEN='\033[0;32m'
ORANGE='\033[0;33m'
BLUE='\033[0;34m'
PURPLE='\033[0;35m'
CYAN='\033[0;36m'
LIGHTGRAY='\033[0;37m'
DARKGRAY='\033[1;30m'
LIGHTRED='\033[1;31m'
LIGHTGREEN='\033[1;32m'
YELLOW='\033[1;33m'
LIGHTBLUE='\033[1;34m'
LIGHTPURPLE='\033[1;35m'
LIGHTCYAN='\033[1;36m'
WHITE='\033[1;37m'
echo -e -n "${GREEN}Input target:${NOCOLOR}"
read -r target
# Modify the --min-rate parameter according to your target network bandwidth
# -----------
# Being careful with --min-rate even outside of production/ICS is a good idea.
# Stay well under 10.000 at first, you else might trip a switch or router over the edge,
# especially super old ones or if you just don't know. "Building switches" are sometimes really, really.
# from https://twitter.com/Wolpertwo/status/1247163736491614210
# -----------
echo -e "${GREEN}start quick scan all ports${NOCOLOR}"
ports=$(nmap -p- --min-rate=5000 --max-retries=0 --defeat-rst-ratelimit -n -Pn -T4 "$target" | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed 's/,$//')
# Stop here if nothing was found, otherwise -p would get an empty port list
if [ -z "$ports" ]; then
    echo -e "${RED}No ports found${NOCOLOR}"
    exit 1
fi
echo -e "Open ports:${RED}$ports${NOCOLOR}"
echo -e "${GREEN}start version scan${NOCOLOR}"
nmap --min-rate=5000 --max-retries=0 --defeat-rst-ratelimit -n -Pn -T4 -p"$ports" -sC -sV "$target"
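
An added example, not part of the original gist: the pipeline above keeps every output line that starts with a digit, so ports reported as `filtered` also end up in the list. The helper below keeps only rows whose state is exactly `open` and returns a non-zero status when there are none. The function name `open_ports` and both sample outputs are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original gist).
# open_ports: read nmap normal output on stdin and print a comma-separated
# list of the ports whose STATE column is exactly "open".
# Exit status is 1 when no open port is present in the input.
open_ports() {
    awk '
        # Port table rows look like: 22/tcp   open     ssh
        $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
            split($1, a, "/")
            out = out sep a[1]
            sep = ","
        }
        END { if (out == "") exit 1; print out }
    '
}

# Constructed sample of nmap output (not a real scan).
sample_output='Starting Nmap ( https://nmap.org )
Nmap scan report for 192.0.2.10
Host is up.
Not shown: 65531 closed ports
PORT     STATE    SERVICE
22/tcp   open     ssh
25/tcp   filtered smtp
80/tcp   open     http
8443/tcp open     https-alt

Nmap done: 1 IP address (1 host up) scanned in 13.37 seconds'

# Constructed sample in which no port is open.
sample_none='Nmap scan report for 192.0.2.11
Host is up.
All 65535 scanned ports on 192.0.2.11 are filtered

Nmap done: 1 IP address (1 host up) scanned in 26.00 seconds'

if ports=$(printf '%s\n' "$sample_output" | open_ports); then
    echo "Open ports: $ports"
fi
if ! printf '%s\n' "$sample_none" | open_ports >/dev/null; then
    echo "No open ports found; skipping version scan"
fi
```

In the script, the same function can replace the `grep | cut | tr | sed` chain by piping the first nmap run into `open_ports`.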

Malayke commented Apr 26, 2020

Since a SYN packet is about 60 bytes, you have roughly the following scan rates in Mbps:
10'000 p/s → 5 Mbps
20'000 p/s → 10 Mbps
100'000 p/s → 50 Mbps
200'000 p/s → 100 Mbps

A good tuning option is also --defeat-rst-ratelimit if you only care about open ports!

from: https://twitter.com/mindfuckup/status/1246785570505883648


Malayke commented Apr 26, 2020

You can also add -T5 to speed up and --max-retries 1 to just ignore ports which are dropping packets.
from: https://twitter.com/b0rn2r00t/status/1246890681219469312
